We Catch up on the News, Including AI Vuln Hunting; Also More RSAC Interviews! - Mark Lambert, Samuel Hassine, John Wilson, Georges Bossert - ESW #454

The rapid proliferation of generative AI tools has outpaced traditional security controls, prompting vendors like ArmorCode to introduce dedicated governance platforms. AIEM aggregates signals from existing security and IT stacks, mapping AI models to owners and risk scores, thereby delivering board‑ready audit trails. By turning opaque shadow‑AI deployments into measurable assets, enterprises can justify AI investments while mitigating compliance exposure, a shift that aligns with the findings of the 2026 State of AI Risk Management report, which highlighted governance as the top concern among 650 surveyed leaders.

Simultaneously, the cyber‑threat landscape is evolving from reactive indicator‑of‑compromise (IOC) alerts to proactive, intelligence‑driven defense. The Continuous Threat Exposure Management (CTEM) framework discussed in the episode bridges threat intel with adversary‑emulation exercises, enabling security teams to quantify risk and prioritize remediation. This approach transforms raw data into strategic narratives for C‑suite decision‑makers, ensuring resources target the most damaging attack vectors. As organizations recognize that threat intelligence now informs business continuity and brand reputation, CTEM becomes a critical component of modern risk management portfolios.

Insights from the RSAC interviews reinforce the need for disciplined AI adoption and heightened email fraud awareness. Georges Bossert cautioned that deploying AI agents without robust context can amplify false positives, eroding SOC credibility. Meanwhile, Fortra’s analysis of the Scripted Sparrow collective revealed an operation capable of dispatching six million targeted BEC emails monthly, leveraging 119 domains and 256 bank accounts across three continents. The scale underscores the importance of integrating AI‑enhanced detection with human‑led verification to thwart sophisticated phishing campaigns. Together, these developments signal a market pivot toward integrated, governance‑centric security solutions that balance innovation with resilience.