Interview with Jim Spignardo
What does it take to build AI workflows that work? Why do so many fail?
Jim isn’t a typical ESW guest. I think it’s essential for security folks to regularly step outside the security bubble and understand other perspectives and mindsets. That’s what we’re doing today with Jim.
He specializes in building custom AI architecture and workflows for his clients. We discuss the state of AI in the enterprise and why so many of these efforts fail. We’ll discuss the elements of AI success and whether security plays a role in helping AI efforts succeed or contribute to failures.
Segment Resources:
RSAC Exec Interviews, Part 1
Trends Revealed in Fortinet’s FortiGuard Labs 2026 Global Threat Landscape Report
Fortinet’s Global Director of Threat Intelligence and Adversarial AI Research explores the trends revealed in the latest Global Threat Landscape Report from FortiGuard Labs, including a surge in AI-enabled cybercrime. As AI optimizes and accelerates attack techniques, here’s how cyber defenders should respond.
This segment is sponsored by Fortinet . Visit https://securityweekly.com/fortinetrsac to learn more about them!
X-PHY Delivers Hardware-Enforced Security for the Age of AI Agents
Camellia Chan, CEO and Co-Founder of X-PHY, discusses how Model Context Protocol (MCP) is making it easier for AI agents to plug into enterprise apps and operate with elevated permissions—creating new opportunities for attacks and data exfiltration. She explains how X-PHY’s hardware-enforced monitoring and detection sit beyond the OS trust boundary to enforce immutable limits on what agents can do and stop threats before data is lost, so organizations can adopt agentic AI with confidence.
Security leaders looking to deploy AI agents safely can request a demo or briefing with X-PHY at https://securityweekly.com/xphyrsac.
RSAC Exec Interviews, Part 2
Introducing Legion Investigator: Goal-Oriented AI Investigations
Traditional security playbooks often fail because they cannot capture the fluid, context-dependent reasoning required when a routine investigation hits a non-scripted "judgment point." Legion Investigator addresses this gap by employing goal-oriented AI agents that move beyond rigid scripts to interpret findings and execute complex, multi-step investigations based on your team's unique environment and expertise. By bridging the divide between automated execution and human-level reasoning, the platform ensures that every alert (no matter how unpredictable) is handled with the depth and consistency of a senior analyst.
This segment is sponsored by Legion Security. Visit https://securityweekly.com/legionrsac to learn more about them!
The Missing Layer in Zero Trust: The Security Policy Control Plane
Zero Trust has become the dominant security architecture for hybrid and cloud environments, but many organizations are discovering that deploying enforcement technologies alone does not deliver operational control. Firewalls, cloud security groups, and microsegmentation platforms enforce access decisions, yet the policies behind those controls are often fragmented, difficult to validate, and constantly changing. In this conversation, FireMon CEO Jody Brazil discusses why modern security architectures increasingly require a security policy control plane: a layer that continuously validates how policy is enforced across firewalls, cloud networks, and segmentation platforms. The discussion explores why policy drift occurs in real environments, how enforcement systems become difficult to coordinate at scale, and what organizations must do to ensure Zero Trust policies remain consistent as infrastructure evolves.
This segment is sponsored by FireMon. Visit https://securityweekly.com/firemonrsac to learn more about them!
Visit https://www.securityweekly.com/esw for all the latest episodes!
Show Notes: https://securityweekly.com/esw-455
Security Weekly Podcast Network (Audio) 
