Interview with Ankita Gupta, CEO of Akto
How to Navigate Shadow AI Risk in the enterpriseThis week, we discuss AI governance in the enterprise, starting with the nuts and bolts of how to discover and understand shadow AI. Following that, we dive into what security and tech leaders should do next with this information: apply guardrails? Limit vendor options?Ankita has a wealth of experience and anecdotes to share here, from years of working with customers and seeing all the unexpected things that happen with AI in today's workplace.Segment Resources:- Website: https://www.akto.io
- Book a Free Demo: https://www.akto.io/agentic-security-demo
- LinkedIn: https://www.linkedin.com/company/akto-io
- YouTube: https://www.youtube.com/@aktodotio
Topic Segment: Verizon's Breach Impact Study
The same team that delivers the DBIR every year gave us a bonus, based on over 70,000 insurance claims!Some of my favorite insights:- Cost of breaches, broken out by SMB, mid-sized enterprise, and large
- The claim amount as a percentage of the company's revenue
- Losses broken down by loss TYPE
Weekly Enterprise News
Finally, in the enterprise security news,- A $100M seed round!
- Accenture acquires 3 security vendors
- Some thoughts on the government takedown of Fable and Mythos
- One of the craziest security mistakes I’ve ever seen, in the software FIFA uses to manage World Cup streams!
- A Critical Copilot vulnerability
- 75,000 Fortinet Firewalls get compromised
- Remediation is broken
- Using guardrails to evade detection
Ankita Gupta is the Co-Founder and CEO of Akto, an Agentic AI Security platform focused on securing AI agents across Enterprises. She brings more than 15 years of experience across cybersecurity, engineering, enterprise software, and go-to-market leadership, with prior roles at VMware, LinkedIn, and JPMorgan Chase.
She is recognized as a prominent voice in modern application and AI security, speaking at industry conferences and communities including Black Hat USA, OWASP, Defcon, RSA, and GraphQLConf. Her work focuses on securing autonomous AI behavior, building Enterprise AI Governance programs, AI Security Strategy and implementation for emerging risks around AI agents and MCP ecosystems.
Ankita holds an MBA from Dartmouth and engineering bachelors degree from Indian Institute of Technology Roorkee.
Security leaders, your SOC is under pressure to do more with less while threats get faster and more sophisticated. AI is reshaping both the attack surface and how defenders operate. So how do you modernize without adding more tools or complexity?
Join the AI for Next-Gen SOC Virtual Cybersecurity Summit on June 24th to learn how leading enterprises are using AI to improve detection, reduce noise, and scale operations effectively.
Security Weekly listeners can register free at https://securityweekly.com/nextgensoc using the promo code: CSS26-SW
Adrian Sanabria
- FUNDING/M&A: Courtesy of the Security, Funded newsletter, #248 – Mo Models, Mo Problems
VIBE CHECK
When frontier AI companies Anthropic or OpenAI go public via IPO, how do you think public cybersecurity stocks will respond?
- 40% - No change
- 33% - Down bad
- 26% - Up and to the right
FUNDING
- NinjaOne, a United States-based endpoint management and protection platform, raised a $400.0M Secondary Market.
- Brandon Dixon's (founder of PassiveTotal, acq by RiskIQ, acq by Microsoft) Ent comes out of stealth with a $100M seed round to "Bring Prevention Back to Cybersecurity"
- A Security, an Israel-based autonomous offensive security platform, raised a $32.0M Series A from Lightspeed Venture Partners and an additional $5.0M Seed from CyberStarts.
- Aryon Security, an Israel-based cloud security guardrails and misconfiguration prevention platform, raised a $29.0M Series A from Brightmind Partners.
- Pi Security, a United States-based agentic AI-driven product security platform, raised a $25.0M Series A from Brightmind Partners and Third Point Ventures.
ACQUISITIONS
- Databricks strikes deal to buy Panther Labs in cybersecurity push <- hey Snowflake, where you at?
- In a huge roll-up move, Accenture is acquiring a majority stake in Dragos at a $3.2B valuation. Dragos previously raised $438.2M in funding. This move also includes a 100% acquisition of runZero and NetRise (total funding of $20M and $26.2M, respectively), bringing the combined "business value" to $4.175B. Note that "business value" is not the deal amount. The press release mentions that all three companies combined are doing $208M ARR, which is about 1.1% of Accenture's revenue ($18.72B as of Q3 FY26)
- Strata Identity, a United States-based multi-cloud identity and access management (IAM) orchestration platform, was acquired by Rubrik for an undisclosed amount. Strata Identity had previously raised $37.5M in funding.
- REGULATIONS: Statement on the US government directive to suspend access to Fable 5 and Mythos 5
They literally asked for it Got a White House EO Ignored the request in the EO Got regulated Thanks to one of their biggest investors (Amazon)
Either the Mythos marketing campaign backfired, or it is going exactly to plan.
Your model is so good, the US Government banned it? No one else's models are good enough to ban? You literally cannot buy exposure this good!
If I'm right, then the cybersecurity community has been Anthropic's pawn, twice (get 'Mythos-ready', and 'Free Fable' and the US Government, once.
- VULNERABILITIES: I Could’ve Rickrolled the Entire FIFA World Cup. All I Needed Was My ID.
Incredible bug, painfully bad comms - hard to believe FIFA's tech could be THIS bad for such a visible organization, at their most vulnerable time. Please, someone, at least tell me AI came up with this terrible design - I don't want to hear that a human is responsible.
- VULNERABILITIES: Critical Copilot vulnerability allowed hackers to steal 2FA code from users
This used a familiar technique that worked on 365 Copilot a few years ago - using prompt injection to get the agent to visit a website owned by the attacker, while attaching secrets to the URL of the visited website. (e.g. https:/mywebsite.com/yoursecretsgohere/avatar.jpg)
Look at the website logs and boom - you've got exfiltrated data.
Microsoft's efforts to put guardrails around Copilot didn't work, because they only went in place after the AI completed its "thinking" phase. And the thinking phase is typically when it visits and scrapes websites.
- ATTACKS: FortiBleed: 75,000 Fortinet Firewalls Compromised: Global Enterprises Exposed – Claim Your Ethical Disclosure
Not sure if "vulnerabilities" or "attacks" was the right category for this - lots of talk about using stolen creds, but that's a bit hard to believe with THIS many compromised devices.
- REPORTS: The Broken Physics of Remediation (from Qualys)
"The mandate is clear. We must match autonomous offense with autonomous defense. This requires a foundational architectural shift away from reactive human triage and toward a Risk Operations Center (ROC) that fuses embedded intelligence, deterministic confirmation of actual exploitability, and autonomous remediation into a single operational loop."
You know why autonomous defense has never worked? Because, for defenders, breaking things comes with an enormous financial and personal cost that no one is willing to pay.
Some really useful data in this report. The chart on page 15 is worth pondering for a bit.
The executive summary got me fired up, but later on, the report is saying exactly what I say in my vuln mgmt advisory calls - mitigations suddenly become very important when you know you have no chance of patching in time.
"Risk mass" is an interesting concept - measuring vulnerability risk in number of days exposed, multiplied by how many instances of the vuln exist in your environment. e.g. one vuln on 5 hosts that doesn't get fixed for 30 days has 150 days of risk mass. This is adjacent to what I refer to as "vulnerability body counts" - the number of breaches a vulnerability has caused.
- IDEAS: Using Guardrails to Frustrate Analysis (MalwareTech via LinkedIn)
One of the biggest shortcomings of LLMs is their insistence on following instructions, regardless of where they come from and what their intent is. We're already discussing two cases this week where things ended badly because of prompt injection: Microsoft Copilot and Instagram's support service.
In this case, Marcus Hutchins hypothesizes that LLM-based defenses could be foiled by simply triggering built-in guardrails, which could force an LLM to abandon its task.
- SQUIRREL: s0xDk/ghostty-blackhole
Ghostty Blackhole puts a real, ray-traced black hole inside your terminal. It grows as Claude Code's context window fills up, live. A fresh session is a quiet hole in the corner. A full one swallows half your screen. You'll always see /compact coming.
