Danny Jenkins, a cybersecurity practitioner at ThreatLocker focused on application control and zero trust, cuts through AI hype. He warns against treating AI as a cure and talks about agentic AI risks, treating agents like users, mixing AI with rule-based controls, and pragmatic steps like default-deny app control, closing open ports, and restricting cloud app access.
26:15
forum Ask episode
web_stories AI Snips
view_agenda Chapters
auto_awesome Transcript
info_circle Episode notes
insights INSIGHT
AI Is Not The Security Silver Bullet
AI is not a magic cure for cybersecurity problems and won't replace fundamental controls.
Danny Jenkins shows that despite AI availability, cybercrime has increased, proving controls matter more than hype.
insights INSIGHT
AI Can Explain Code But Not Intent
AI can analyze code and speed SOC work but cannot determine software intent reliably.
Jenkins uses the backup vs exfiltration example: identical function but different intent, which AI cannot discern.
volunteer_activism ADVICE
Restrict Agentic AI To Need‑To‑Know Access
Treat agentic AIs like users: grant only necessary access and impose strict boundaries.
Limit where agents can send data, what internet endpoints they reach, and constrain their permissions on devices.
Get the Snipd Podcast app to discover more snips from this episode
Thank you to ThreatLocker for sponsoring my trip to ZTW26 and also for sponsoring this video. To start your free trial with ThreatLocker please use the following link: https://www.threatlocker.com/davidbombal
AI isn't the magic cybersecurity cure the industry wants you to believe it is Danny Jenkins tells us in this interview. He cuts through the marketing hype and explains why relying solely on AI to block attacks is not a solution to all our cyber problems.
We also discuss modern threats—including the rise of
Agentic AI—and why determining the "intent" of software is practically impossible for artificial intelligence. Instead of chasing the latest buzzwords, learn the foundational, proven strategies to actually secure your network.
We dive deep into Zero Trust Network Access (ZTNA), the
power of default deny, and the specific, tangible controls you need to block
ransomware, prevent Office 365 phishing, and stop bad actors. Whether you're an IT admin, SOC analyst, or CISO, this video outlines exactly what you should be doing instead of just buying another AI tool
// Danny Jenkins’ SOCIAL //
LinkedIn: / dannyjenkinscyber
// ThreatLocker’s SOCIAL //
LinkedIn: https://www.linkedin.com/company/thre...
X: https://x.com/threatlocker
Instagram: / threatlocker
Website: https://www.threatlocker.com/
// David's SOCIAL //
Discord: discord.com/invite/usKSyzb
Twitter: www.twitter.com/davidbombal
Instagram: www.instagram.com/davidbombal
LinkedIn: www.linkedin.com/in/davidbombal
Facebook: www.facebook.com/davidbombal.co
TikTok: tiktok.com/@davidbombal
YouTube: / @davidbombal
Spotify: open.spotify.com/show/3f6k6gE...
SoundCloud: / davidbombal
Apple Podcast: podcasts.apple.com/us/podcast...
// MY STUFF //
https://www.amazon.com/shop/davidbombal
// SPONSORS //
Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com
// MENU //
0:00 - Coming Up
0:36 - Introduction
01:01 - Solving Problems with AI and Security
03:14 - Concerns with Agentic AI
08:01 - ThreatLocker AI Products
09:20 - AI vs AI and Security
11:34 - Vibe Coding in Industry
14:42 - Ways for Companies to Stop Hacks
19:29 - Deny by Default vs AI
20:29 - Industry reaction to Deny by Default
22:10 - About ThreatLocker
23:19 - Announcements from ZTW26
25:22 - The Growth of Threatlocker
26:12 - Outro
Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
Disclaimer: This video is for educational purposes only.
#cybersecurity #ai #hack
David Bombal 