The ITSPmagazine Podcast

At RSAC Conference 2026, Eric Herzog, Chief Marketing Officer of Infinidat, sat down with Sean Martin for a booth-side Brand Highlight that reframes a familiar blind spot. Infinidat is a high-end enterprise storage company serving global Fortune 500 organizations and mid-range managed service providers -- and Herzog argues that leaving storage out of a corporate cybersecurity strategy means leaving the largest concentration of enterprise data exposed. Infinidat embeds cybersecurity directly into its storage platform through InfiniSafe, a software suite that has earned recognition from both storage and cybersecurity analysts. The centerpiece of the offering is a written guarantee: any dataset, regardless of size, will be recovered in one minute or less. Herzog explains that this is backed by immutable snapshots that cannot be altered or deleted, a management plane separated from the data plane, and AI/ML-powered scanning through InfiniSafe Cyber Detection that validates a snapshot is clean before it is restored. The goal is a "known good copy" -- a forensically clean snapshot that can be brought back with confidence. Herzog notes that security teams often focus on confidentiality and availability while underweighting integrity. Infinidat's approach addresses all three: snapshots are verified clean, recovery is fast, and the process is demonstrable in live proof-of-concept environments. At the beginning of April 2026, Infinidat recovered six petabytes in three seconds in a live demo. This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlight GUEST Eric Herzog, Chief Marketing Officer, Infinidat LinkedIn: https://www.linkedin.com/in/erherzog RESOURCES Infinidat Website: https://www.infinidat.com Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Eric Herzog, Infinidat, Sean Martin, brand story, brand marketing, marketing podcast, brand highlight, enterprise storage, cybersecurity, ransomware recovery, data protection, InfiniSafe, immutable snapshots, cyber resilience, RSAC Conference 2026, next generation data protection, MSP security, storage security Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Most organizations are not waiting for permission to deploy AI agents -- they are already in production, often without a clear picture of what those agents can access or who is accountable for them. Token Security was built specifically for this moment, and being named an RSAC Conference Innovation Sandbox finalist is confirmation that the market is catching up to the problem the company has been solving since 2023. Itamar Apelblat, co-founder and CEO, and Ido Shlomo, co-founder and CTO, came out of Israel's elite intelligence unit 8200 -- Apelblat from the defensive security side and Shlomo from offensive cyber operations. That shared background, and 17 years of partnership, shapes how Token Security approaches a problem that most identity vendors have not yet reckoned with: AI agents are not humans, and they are not standard machine identities either. The core concept is intent-based access management. Rather than looking at an agent's historical behavior and extending permissions based on the past, Token Security asks: what is this agent supposed to do? What is its purpose? Restrictions are then built around that intent. As Apelblat explains, agents are non-deterministic -- they will pursue a goal through whatever path is available, including ones you did not anticipate or want. Locking down access based on intent rather than history is the only approach that holds. Shlomo adds a dimension that makes the risk concrete: an AI agent forgets everything between sessions. Every interaction starts fresh. That means it does not remember a previous attack attempt. A sophisticated adversary who manipulates an agent today can try the exact same technique tomorrow. Combine that with the agent's relentless drive to satisfy its directive -- even to the point of deleting data or modifying infrastructure if that is what it takes -- and the case for an isolated, intent-scoped perimeter becomes clear. The customer journey at Token Security almost always begins after deployment. Organizations arrive saying, in effect: we think we have agents out there, can you help us find them? Visibility comes first -- discovering what agents exist, understanding their usage, mapping ownership, managing lifecycle. Policy enforcement comes after. Critically, Token Security achieves this without sitting as an inline broker. The platform connects to both the agent platforms and the business applications those agents reach, creating enforcement at both ends without introducing friction into developer workflows. Apelblat frames the architecture in terms of micro agents: purpose-specific, narrowly scoped, each with a well-defined role. Not one agent doing everything -- thousands of focused agents, each constrained to exactly what it needs. Shlomo puts the business case plainly: an agent with properly managed identity is not a chatbot, it is a member of a digital workforce. Get identity right, and the productivity multiplier is enormous. Get it wrong, and a single compromised agent can cascade across every connected system it touches. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUESTS Itamar Apelblat, Co-Founder & CEO, Token Securityhttps://www.linkedin.com/in/itamar-apelblat/ Ido Shlomo, Co-Founder & CTO, Token Securityhttps://il.linkedin.com/in/ido--shlomo RESOURCES Token Security website: https://www.token.security/ Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Itamar Apelblat, Ido Shlomo, Token Security, Sean Martin, Marco Ciappelli, brand spotlight, brand marketing, marketing podcast, brand story, AI agent security, AI agent identity, non-human identity, NHI security, intent-based access management, privileged access management, zero trust, RSAC Conference 2026, Innovation Sandbox, identity lifecycle management, agentic AI security, cybersecurity Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Vijit Nair, VP of Product Management at Corelight, joins Sean Martin on the floor of RSAC Conference 2026 for a conversation about what it takes to move security operations from AI-assisted to AI-autonomous. Corelight is the fastest-growing company in the network detection and response (NDR) space, and Nair has spent six years helping build the platform from early network monitoring to its current position as a Gartner Magic Quadrant Leader. The company's open NDR platform transforms raw network traffic into high-fidelity, unopinionated evidence -- and that evidence is now powering the next leap: agentic triage. Corelight's newly launched Agentic Triage product moves beyond the "level one" AI assistant model -- where a system answers questions but takes no action -- to a "level two" agent that actually investigates and triages alerts. It identifies the riskiest entities in an environment, collects all associated context and data, runs a full investigation cycle, and delivers a verdict with full evidence attached. Nair calls it "bringing the receipts": analysts see not just the conclusion but every step of the reasoning. Early results show a 10x increase in investigation speed and 60-70% of alerts being automatically triaged. The network is having a resurgence as an essential visibility layer, and Nair explains why: attackers have adapted to EDR. Nation-state-style campaigns like Volt Typhoon and Salt Typhoon operate in the network layer, targeting unmanaged devices, routers, firewalls, and VPNs that endpoint tools cannot see. Corelight almost always finds something in the first 30 days of a pilot deployment -- from shadow IT and shadow VPNs to active red team attacks using tools like Sliver-based C2 frameworks. On the question of SOC adoption, Nair pushes back on the assumption that hesitation comes from the top. The hunger for AI-powered tools runs from CISOs all the way down to the analysts dealing with alert overload and understaffed teams. A recent customer put it simply: "This is amazing. Please don't take it away from me." Nair frames the path to full autonomy as a spectrum -- from human-controlled to fully agentic -- and draws the comparison to Waymo: the journey is measured and incremental, but the destination is inevitable. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Vijit Nair, VP of Product Management, Corelighthttps://www.linkedin.com/in/vijitn RESOURCES Corelight: https://corelight.com Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Vijit Nair, Corelight, Sean Martin, network detection and response, NDR, agentic triage, AI SOC, autonomous security operations, SOC automation, network security monitoring, threat detection, AI-powered security, RSAC Conference 2026, brand spotlight, brand story, brand marketing, marketing podcast Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

ISACA has stepped into a defining role in the CMMC ecosystem, taking over as the CMMC Assessor and Instructor Certification Organization -- the CAICO -- for the U.S. Department of War's Cybersecurity Maturity Model Certification program. Recorded live at RSAC Conference 2026, this conversation with Todd Gagnon, the Director of the CAICO at ISACA, gets right to the heart of what that means for cybersecurity professionals, defense contractors, and anyone thinking about where their career intersects with the defense industrial base. The CMMC program exists to solve a persistent problem: too many companies doing business with the federal government had failed to properly implement required cybersecurity controls. Built around NIST 800-171's 110 security requirements, CMMC demands third-party, independent verification -- and that means a large, trained, credentialed assessor workforce. ISACA's role is to build and certify exactly that. Todd Gagnon walks through the two foundational credentials at the center of this effort: the CMMC Certified Professional (CCP) as the entry point, and the CMMC Certified Assessor (CCA) as the operational core. With roughly 800 credentialed professionals in the current ecosystem against a need measured in thousands, the stakes and the urgency are clear. What makes this conversation practically useful is the range of people it speaks to. Gagnon lays out who should be thinking about a CCP -- including professionals early in their careers and organizations that want internal staff who truly understand the CMMC framework, not just outside consultants. He explains the C3PAO model, how subcontractor compliance flows through the ecosystem, and why NIST 800-171 is a strong cybersecurity foundation regardless of whether an organization ever touches a government contract. The certification pathway is open to non-ISACA members, the CCP is designed to be accessible, and the knowledge transfers well beyond the federal contracting context. ISACA is also moving ahead of the curve: with NIST having released Revision 3 of 800-171, ISACA is already developing training content for the transition -- targeting late 2025 delivery so that a wave of Revision 3-ready professionals will be in place when the Department of War makes the regulatory shift. Todd Gagnon closes with a candid ask for patience as the April 1st transition from Cyber AB to ISACA takes effect, along with a clear statement of intent: the credentials issued under ISACA's watch should stand for something. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Todd Gagnon, Director, CMMC Assessor & Instructor Certification Organization (CAICO) at ISACA LinkedIn: https://www.linkedin.com/in/todd-gagnon-90b8a6264/ RESOURCES ISACA CMMC Certification Hub: https://www.isaca.org/cmmc ISACA Official Website: https://www.isaca.org KEYWORDS Todd Gagnon, ISACA, Sean Martin, Marco Ciappelli, CMMC, Cybersecurity Maturity Model Certification, CAICO, CCP, CCA, NIST 800-171, Defense Industrial Base, cybersecurity certification, DoD compliance, government contractors, brand spotlight, brand story, brand marketing, marketing podcast, RSAC Conference 2026 Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

At RSAC Conference 2026, Sean Martin caught up with Rich Mogull at the Cloud Security Alliance booth for a candid conversation about where enterprise security programs stand -- and what it takes to keep pace with AI. Mogull, who joined CSA as Chief Analyst in October 2025, brings a practitioner's instinct to a research-first organization, and he arrived with a clear mandate: help organizations stop treating security frameworks as shelf documents and start treating them as operational tools. CSA operates across three pillars -- cloud, zero trust, and AI -- and Mogull is the first to acknowledge the identity tension that comes with that breadth. But his argument is consistent: each pillar represents a transformational technology that exposed the limits of existing security practices. "Our sweet spot is these transformational, disruptive technologies," he says. The same challenge that played out with cloud adoption is now repeating itself with AI, and CSA's job is to help security teams navigate it with research that is genuinely actionable. One of the most anticipated deliverables from Mogull's first year is the AI Security Maturity Model -- a structured framework that gives enterprise security programs a lens for assessing and improving their AI security posture. Modeled on CSA's Cloud Security Maturity Model (which Mogull also authored), it is built around measurable KPIs and designed to be as automatable as possible. After its first public draft drew over 600 comments from 60 international reviewers, Mogull is in the final stages of revision. The model covers governance, identity and access management, security monitoring, model security, AI infrastructure, agentic applications, MCP servers, and AI developer enablement -- a purpose-built lens for enterprise AI security programs, not a generic maturity template. Beyond the model itself, Mogull is building the operational infrastructure to help CSA members actually use it. The new Enterprise Membership program -- launched in March 2026 -- centers on the Operational Maturity Roadmap: a structured, year-long engagement where CSA analysts work directly with member organizations, providing monthly guidance, specific recommendations, and an annual progress report tied to measurable outcomes. The goal is to move CSA from research producer to implementation partner -- and to deliver the kind of decision support that scales beyond what any individual consultant can provide. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Rich Mogull, Chief Analyst, Cloud Security Alliance LinkedIn: https://www.linkedin.com/in/richmogull/ RESOURCES Cloud Security Alliance: https://cloudsecurityalliance.org CSA Enterprise Membership Program: https://cloudsecurityalliance.org/membership CSA AI Controls Matrix: https://cloudsecurityalliance.org/research/working-groups/ai-controls-matrix CSA Cloud Controls Matrix: https://cloudsecurityalliance.org/research/cloud-controls-matrix Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Rich Mogull, Cloud Security Alliance, CSA, Sean Martin, AI Security Maturity Model, cloud security, zero trust, AI security, enterprise security, security maturity model, RSAC Conference 2026, brand spotlight, brand marketing, marketing podcast Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

On the RSAC Conference show floor, Tony Anscombe shared how ESET has expanded its threat intelligence offering with ECR reports -- designed to give commercial organizations both machine-readable feeds and human-readable analysis. The reason: threat actors are increasingly hard to attribute, they share tools, run coordinated campaigns, and reinvest profits into more sophisticated operations. Having someone do the research and surface actionable intelligence is no longer a luxury. Anscombe pointed to a telling campaign pattern from last year: threat actors refined attack methods against UK retailers, then rapidly adapted those same techniques against US retailers. The implication is clear -- your business may be unique in its infrastructure, but it is not unique in its sector. Understanding how your sector is being targeted is the foundation of a prevention-first posture. Automation came up as equally non-negotiable. If it takes three days to collect all the information needed to make a determination about an incident, the post-attack phase has already begun. ESET Inspect is designed to flip that equation: when an analyst opens an incident, the forensic analysis is done, the evidence is visualized, and the determination can be made on facts rather than gathered through investigation. Anscombe was careful to draw a line between automation as speed and automation as replacement. ESET's position is that AI should operate alongside human expertise -- trust and verify applies to AI-assisted analysis just as it does to any intelligence feed. Oversight remains essential, even as the tooling gets faster. A preview of upcoming survey data offered one of the more striking moments in the conversation. Roughly 35% of SMBs using MDR are sourcing that service directly from their cyber insurer. Anscombe flagged the monoculture risk: when a large share of businesses in the same sector run identical security stacks, a single point of failure becomes a sector-wide vulnerability. His advice after 30 years in the industry -- different organizations should deliberately choose different platforms to maintain diversity. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Tony Anscombe, Chief Security Evangelist, ESET LinkedIn: https://www.linkedin.com/in/tonyanscombe/ RESOURCES ESET: https://www.eset.com ESET Threat Intelligence: https://www.eset.com/int/business/services/threat-intelligence/ Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Tony Anscombe, ESET, Sean Martin, Marco Ciappelli, brand spotlight, brand marketing, marketing podcast, threat intelligence, cyber resilience, MDR, EDR, XDR, managed detection and response, SMB security, cybersecurity automation, RSAC Conference 2026, prevention-first security, cyber insurance, monoculture risk, ESET Inspect, APT research Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

At RSAC Conference 2026, the expo floor runs on one word: AI. But Lisa Liu, Corporate Marketing and Communications Manager at Stellar Cyber, has been watching the confusion this creates in real time. Visitors at the Stellar Cyber booth are asking the same question: does AI in cybersecurity mean a tool that fights AI-powered attackers, a tool that is AI-based, or something else entirely? Lisa Liu's take is direct -- if your messaging can't answer that question, the noise is winning. Stellar Cyber has been building toward a human-augmented, autonomous SOC for years -- long before "agentic" became the conference password. The logic driving that mission is not about market positioning. It is about what happens when AI makes a mistake at scale. One error in judgment can echo a thousandfold. Human oversight is not a limitation on the platform -- it is the architecture. The goal is not to put a human on the sidelines as a safety check. The goal is to make every analyst perform at a higher level, so a junior analyst works at the capability of a senior analyst. Lisa Liu draws on the Waymo analogy familiar to anyone walking the streets of San Francisco this week: autonomous vehicles went from having a safety driver present to running solo. But when a power outage knocked out every Waymo unit simultaneously, the city needed humans to step in immediately. The same principle applies to security operations. Agentic AI is changing the analyst's role -- replacing alert fatigue and log chasing with higher-order problem solving -- but human involvement in the process is not going away. For SOC teams asking how to get there, Lisa Liu is clear: success is not a rip-and-replace project. Success is minimal personnel disruption and maximum operational efficiency -- repositioning existing tools to work smarter without exposing the organization to weeks of vulnerability during a rebuild. Stellar Cyber's platform integrates with existing SIEMs and tools, adds coverage across network, endpoint, identity, and cloud environments, and offers hundreds of pre-built integrations with more being added continuously. For managed security service providers serving clients across different industries and risk profiles, that kind of unified visibility is what makes the business model scale. The outcomes are specific. One Stellar Cyber customer reported that analysts were 83% more accurate in their threat environment analysis. Lisa Liu frames that number carefully: analysts are not measured by what they catch -- they are measured by what they miss. Any meaningful improvement in accuracy is not just a business metric. It changes how people feel about their work. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Lisa Liu, Corporate Marketing and Communications Manager, Stellar Cyberhttps://www.linkedin.com/in/lisaaliu/ RESOURCES Stellar Cyber: https://stellarcyber.ai Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Lisa Liu, Stellar Cyber, Sean Martin, RSAC Conference 2026, human-augmented SOC, autonomous SOC, AI-native security operations, Multi-Layer AI, MSSP security platform, SOC analyst efficiency, alert triage, agentic AI cybersecurity, brand spotlight, brand story, brand marketing, marketing podcast Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Daniel Bardenstein, CEO and co-founder of Manifest Cyber, opens with a candid assessment: the fundamental problem hasn't changed since Log4Shell. Organizations still don't understand what's inside the software and AI they build and buy. A recent Manifest Cyber study found a 40-50% gap between how well CISOs believed their security posture was managed and how their own AppSec teams rated the reality. Traditional SCA tools bury analysts in alerts without enabling response. Third-party tools hand out letter grades without reflecting actual empirical risk. The result is what Bardenstein calls the illusion of transparency -- confidence in visibility that doesn't actually exist. The hidden sources of risk go deeper than most teams realize. C/C++ code underpins critical infrastructure across medical devices, automotive, defense, and financial services -- yet most scanning tools can't effectively analyze it. Third-party binaries carry serious risk that vendors rarely disclose. Open source libraries that haven't been updated in years represent quiet exposure. And AI adoption is adding a new layer of opacity: datasets of unknown provenance, open-weight models with untested risk profiles, and AI-embedded applications where organizations have no visibility into what models or agents are operating underneath. Bardenstein frames the path forward in three dimensions: rapid response when a new issue emerges, proactive inventory and monitoring of critical dependencies, and supply chain risk stopped at the procurement gate before it enters the enterprise. When customers demand SBOMs as a condition of doing business, vendors improve -- and those improvements flow to all their other customers as well. Manifest Cyber sees this market dynamic as one of the most powerful forces for making the software ecosystem more secure. The conversation also takes on accountability. Drawing on his time leading technology strategy at CISA, Bardenstein argues that the burden of transparency must fall on the people who write software, not those who buy and use it. The "transparency tax" -- the hidden cost of cheap or opaque technology -- only surfaces after something goes wrong, in the form of incident response, people-hours, and exposure. Compliance drivers like the EU Cyber Resilience Act are reinforcing this shift, but market pressure from major banks, pharmaceutical companies, and government is already moving faster than regulation. Manifest Cyber automates the hard work: generating SBOMs, analyzing binaries, surfacing risk in C/C++ and third-party dependencies, and enabling fast, owner-assigned remediation. One customer went from zero to generating SBOMs across their entire fleet in 90 seconds -- without touching a command line. The platform is built to keep engineer velocity high, surface risk in plain language for procurement and risk teams, and make supply chain security accessible to the entire organization, not just the AppSec team. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Daniel Bardenstein, CEO and Co-Founder, Manifest Cyber LinkedIn: https://www.linkedin.com/in/bardenstein/ RESOURCES Manifest Cyber: https://www.manifestcyber.com Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Daniel Bardenstein, Manifest Cyber, Sean Martin, Marco Ciappelli, brand spotlight, brand marketing, marketing podcast, software supply chain security, SBOM, Software Bill of Materials, AIBOM, AI supply chain, Log4Shell, software transparency, SCA tools, C/C++ security, open source risk, Secure by Design, EU Cyber Resilience Act, supply chain risk management, third-party risk, RSAC Conference 2026, cybersecurity Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

The security operations center is under pressure from every direction -- rising alert volumes, fragmented data environments, and a skills gap that no amount of hiring fully closes. At RSAC Conference 2026, Monzy Merza of Crogl sat down with Sean Martin and Marco Ciappelli to talk about what the AI-enabled SOC actually looks like when it is working at enterprise scale. Crogl recently published the State of the AI SOC report, a survey of more than 600 organizations. The headline finding: nearly 40% of alerts go completely unattended. Not triaged. Not escalated. Just missed. The report also found that a large share of respondents rank the security of an AI system above its raw capability -- trust before performance. Merza says the goal of the report was part data, part demystification, and part empathy building -- giving security leaders permission to recognize that everyone is dealing with the same problems. Crogl's knowledge engine is built on a foundational premise: data is fragmented in the enterprise, and that is not going to change. Rather than requiring data normalization before analysis, Crogl builds an enterprise semantic knowledge graph that maps relationships across data lakes, SIEMs, and SOAR platforms, wherever the data lives. Analysts no longer need to navigate schemas or query languages. Crogl handles the investigation and surfaces what matters. Merza describes two compressor effects his customers experience. A competency compressor allows any analyst to draw on multiple data lakes at once. A domain knowledge compressor lets Crogl work across alert types -- phishing, endpoint, and beyond -- rather than routing each to a specialist. The result is a team that operates well above its apparent headcount. One customer example: a CISA advisory that would take hours to manually parse can be uploaded into Crogl and assessed across the enterprise footprint -- IOC mapping and detection coverage -- in sub-hours. The same logic extends to compliance, where audit data calls that once required manual query-by-query execution can now be executed by Crogl against a full 500-query data call at once. On the jobs question, Merza takes a clear position: AI will create more security jobs, not fewer. Every new AI deployment is a new attack surface. Every new footprint needs to be defended. The repetitive tier-one work is going away -- but the volume of meaningful security work is expanding and the entry level is rising. The organizations getting ahead of this are already standing up AI review boards and putting security capability at the center of how they evaluate new AI tools. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Monzy Merza, Co-Founder and CEO, Crogl LinkedIn: https://www.linkedin.com/in/monzymerza RESOURCES State of the AI SOC Report (free download): https://www.crogl.com Crogl: https://www.crogl.com AI SOC Summit: https://aisocsummit.com Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Monzy Merza, Crogl, Sean Martin, Marco Ciappelli, brand spotlight, brand marketing, marketing podcast, brand story, AI SOC, security operations center, SOC automation, AI in cybersecurity, alert fatigue, security data lakes, SIEM integration, enterprise knowledge graph, threat intelligence, CISA advisory, Volt Typhoon, RSAC Conference 2026, RSAC 2026, cybersecurity AI, autonomous investigation, SOC analysts, security workforce, CISO strategy Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Hewlett Packard Enterprise has been rethinking what it means to secure an enterprise network -- and the answer they keep arriving at is that security cannot be an afterthought. At RSAC Conference 2026, Mounir Hahad, Head of HPE Threat Labs, sat down with Sean Martin to walk through what that philosophy looks like in practice and what two major announcements at the show mean for security teams. One of those announcements is the HPE AI firewall -- a solution built specifically for organizations trying to govern how employees use generative AI tools without shutting down innovation. Mounir Hahad frames the challenge directly: gen AI has doubled the attack surface, and organizations that fail to act risk both data leakage and a loss of confidence in the technology itself. The AI firewall starts with visibility -- showing which AI services employees are using, what data is moving where, and whether private information is leaking to external services -- and then gives administrators the tools to set and enforce policy. The second announcement is the formal launch of HPE Threat Labs, which brings together threat research capabilities from both Hewlett Packard Enterprise and the former Juniper Networks. The combined team covers both threat analysis and vulnerability analysis -- capabilities that were previously siloed. HPE Threat Labs has published its inaugural In the Wild threat report, drawing on telemetry, honeypots, and open-source intelligence to give CISOs and decision makers a clear view of how cybercrime has industrialized, why attacks are increasingly targeted, and why high-confidence alerts matter more than ever. This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlight GUEST Mounir Hahad, Head of HPE Threat Labs, Hewlett Packard Enterprise LinkedIn: https://www.linkedin.com/in/mounirhahad/ RESOURCES HPE Threat Labs: https://www.hpe.com HPE Threat Labs 2026 In the Wild Threat Report: https://www.hpe.com Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Mounir Hahad, Hewlett Packard Enterprise, HPE, HPE Threat Labs, Sean Martin, brand story, brand marketing, marketing podcast, brand highlight, AI firewall, generative AI security, network security, threat intelligence, SASE, cybercrime, RSAC Conference 2026, threat research, enterprise security, AI governance, cybersecurity Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.