Risky Bulletin Sponsored: AI is making old school prevention cool again
Mar 29, 2026
Adam Pointon, CEO of Knocknoc, a leader in identity-gated access and just-in-time host protection. He explains how AI is accelerating exploit timelines. He describes hiding services until users authenticate. He outlines deny-by-default controls, limiting exposure, and just-in-time allowances for maintenance.
AI Snips
Chapters
Transcript
Episode notes
Make Services Invisible Until Authentication
- Knocknoc hides services until a user authenticates, exposing resources only to verified identities.
- Adam Pointon describes orchestrating firewalls so Citrix is reachable only after an SSO challenge, reducing internet exposure.
Zero Day Clock Shrunk To Hours
- AI-driven exploitation shrank the window between disclosure and active attacks from days to hours, forcing a rethink of patch-first models.
- Pointon cites data moving from 1.6 days average to about eight hours and describes Gen AI automating vulnerability-to-exploit workflows.
Block Everything Then Allow Authenticated Users
- Prevent exposure as the primary control instead of trying to outpace attackers with detection or patched-based response.
- Pointon recommends blocking everything by default and only allowing authenticated, verified users through, including stepped-up MFA.