Episodes

  • Securing AI Agents: How to Stop Credential Leaks and Protect Non‑Human Identities with Idan Gour
    2025/12/10

    Cast your vote for Cyber Sentries as Best Technology Podcast here!


    Bridging the AI Security Gap—Inside the Rise of Non‑Human Identities

    In this episode of Cyber Sentries from CyberProof, host John Richards sits down with Idan Gour, co-founder and president of Astrix Security, to unpack one of today’s fastest-emerging challenges: securing AI agents and non-human identities (NHIs) in the modern enterprise. As companies rush to adopt generative-AI tools and deploy Model Context Protocol (MCP) servers, they’re unlocking incredible automation—and a brand-new attack surface. Together, John and Idan explore how credential leakage, hard-coded secrets, and rapid “shadow-AI” experimentation are exposing organizations to unseen risks, and what leaders can do to stay ahead.

    From Non‑Human Chaos to Secure‑by‑Design AI

    Idan shares the origin story of Astrix Security—built to close the identity-security gap left behind by traditional IAM tools. He explains how enterprises can safely navigate their AI journey using the Discover → Secure → Deploy framework for managing non-human access. The conversation moves from early automation risk to today’s complex landscape of MCP deployments, secret-management pitfalls, and just-in-time credentialing. John and Idan also discuss Astrix’s open-source MCP wrapper, designed to prevent hard‑coded credentials from leaking during model integration—a practical step organizations can adopt immediately.

    Questions We Answer in This Episode

    • How can companies prevent AI‑agent credentials from leaking across cloud and development environments?
    • What’s driving the explosion of non‑human identities—and how can security teams regain control?
    • When should organizations begin securing AI agents in their adoption cycle?
    • What frameworks or first principles best guide safe AI‑agent deployment?

    Key Takeaways

    • Start securing AI agents early—waiting until “maturity” means you’re already behind.
    • Visibility is everything: you can’t protect what you don’t know exists.
    • Automate secret management and avoid static credentials through just‑in‑time access.
    • Treat AI agents and NHIs as first‑class citizens in your identity‑security program.

    As AI adoption accelerates within every department—from R&D to customer operations—Idan emphasizes that non‑human identity management is the new frontier of cybersecurity. Getting that balance right means enterprises can innovate fearlessly while maintaining the integrity of their data, systems, and brand.

    Links & Notes

    • Learn more about Paladin Cloud
    • Learn more about Astrix Security
    • Idan Gour on LinkedIn
    • Got a question? Ask us here!
    • (00:04) - Welcome to Cyber Sentries
    • (01:47) - Meet Idan Gour
    • (04:02) - As the Vertical Started to Grow
    • (07:03) - The Journey
    • (09:50) - Struggling
    • (13:44) - Risk
    • (16:41) - Targeting
    • (18:20) - Framework
    • (20:44) - Implementing Early
    • (22:18) - Back End Risks
    • (24:30) - Bridging the Gap
    • (26:39) - When to Engage Astrix
    • (30:21) - Wrap Up
    33 min
  • AI Compliance Security: How Modular Systems Transform Enterprise Risk Management with Richa Kaul
    2025/11/12

    AI-Powered Compliance: Transforming Enterprise Security

    In this episode of Cyber Sentries, John Richards speaks with Richa Kaul, CEO and founder of Complyance. Richa shares insights on using modular AI systems for enterprise security compliance and discusses the critical balance between automation and human oversight in cybersecurity.

    Why Enterprise Security Compliance Matters Now

    The conversation explores how enterprises struggle with increasing cyber threats and complex third-party vendor networks. Richa explains how moving from reactive to proactive compliance monitoring can transform security posture, sharing real examples from Fortune 100 companies and major sports organizations.

    AI Implementation That Prioritizes Security

    Richa details their approach to implementing AI in compliance, emphasizing their commitment to data privacy and security. The company uses a modular AI infrastructure with opt-in features and minimal data access principles, demonstrating how AI can enhance security without compromising privacy.

    Questions We Answer:

    • How can enterprises shift from reactive to proactive compliance monitoring?
    • What are the key considerations for implementing AI in security compliance?
    • How should companies manage third-party vendor risks in the AI era?
    • What role does employee education play in maintaining security compliance?

    Key Takeaways:

    • Continuous monitoring beats point-in-time compliance checks
    • Modular AI systems offer better security control than all-in-one solutions
    • Third-party vendor risk requires automated, continuous assessment
    • Human elements like training and culture can't be fully automated

    Looking Ahead: Security Challenges

    The discussion concludes with insights into future challenges, including quantum computing's impact on security and the growing complexity of AI-related risks. Richa emphasizes the importance of building nimble, configurable systems to address emerging threats.

    Links & Notes

    • More About Richa Kaul
    • Complyance on LinkedIn and the Web
    • Learn more about Paladin Cloud
    • Learn more about CyberProof
    • Got a question? Ask us here!
    • (00:04) - Welcome to Cyber Sentries
    • (01:13) - Meet Richa Kaul from Complyance
    • (02:32) - Areas Needing Security
    • (04:19) - Reactive vs. Proactive
    • (06:17) - Integrating AI
    • (07:59) - AI Compliance Challenges
    • (10:48) - Training Their Models
    • (12:16) - Evaluating Third Parties
    • (15:49) - The Team
    • (19:04) - Looking to the Future
    • (20:44) - How Others Are Implementing AI
    • (24:04) - Creating Capacity
    • (25:44) - Companies Doing It Well
    • (27:25) - When They Don’t Have the Resources
    • (28:50) - Wrap Up
    31 min
  • AI Governance Essentials: Navigating Security and Compliance in Enterprise AI with Walter Haydock
    2025/10/08

    AI Governance in an Era of Rapid Change

    In this episode of Cyber Sentries, John Richards talks with Walter Haydock, founder of StackAware, about navigating the complex landscape of AI governance and security. Walter brings unique insights from his background as a Marine Corps intelligence officer and his extensive experience in both government and private sectors.

    Understanding AI Risk Management

    Walter shares his perspective on how organizations can develop practical AI governance frameworks while balancing innovation with security. He outlines a three-step approach starting with policy development, followed by thorough inventory of AI tools, and assessment of cybersecurity implications.

    The discussion explores how different industries face varying levels of AI risk, with healthcare emerging as a particularly challenging sector where both opportunities and dangers are amplified. Walter emphasizes the importance of aligning AI governance with business objectives rather than treating it as a standalone initiative.

    Questions We Answer in This Episode:

    • How should organizations approach AI governance and risk management?
    • What are the key challenges in implementing ISO 42001 for AI systems?
    • How can companies address the growing problem of "shadow AI"?
    • What are the implications of fragmented AI regulations across different jurisdictions?

    Key Takeaways:

    • Organizations need clear AI policies that define acceptable use boundaries
    • Risk management should integrate with existing frameworks rather than create separate systems
    • Companies must balance compliance requirements with innovation needs
    • Employee education and flexible approval processes help prevent shadow AI usage

    The Regulatory Landscape

    The conversation delves into emerging AI regulations, from New York City's local laws to Colorado's comprehensive AI Act. Walter provides valuable insights into how organizations can prepare for upcoming regulatory changes while maintaining operational efficiency.

    Links & Notes

    • StackAware
    • Connect with Walter on LinkedIn
    • Learn more about Paladin Cloud
    • Got a question? Ask us here!
    • (00:04) - Welcome to Cyber Sentries
    • (00:56) - Walter Haydock from StackAware
    • (01:39) - Walter’s Background
    • (03:02) - Areas Needing Improvement
    • (03:49) - Integrating AI
    • (04:59) - StackAware’s Role
    • (06:51) - AI Certification Standard
    • (07:43) - Implementation Challenges
    • (08:54) - Thoughts on Looser Protocols
    • (11:42) - Regulations
    • (13:27) - Approaches
    • (15:23) - Areas of Concern
    • (17:52) - Handling Risk
    • (19:03) - Who Should Own AI Governance
    • (20:09) - Pushback?
    • (21:41) - Proper Techniques
    • (22:52) - What Levels
    • (24:15) - Smaller Companies
    • (26:20) - Ideal Legislation
    • (29:14) - Plugging Walter
    • (30:02) - Wrap Up
    32 min
  • Distributed AI Security: How Enterprise Systems Are Evolving for AI Integration with Mark Fussell
    2025/09/10

    Revolutionizing Cloud Security with AI-Powered Distributed Systems

    In this episode of Cyber Sentries, John Richards sits down with Mark Fussell, CEO of Diagrid and co-creator of the Distributed Application Runtime (DAPR). Mark shares insights from his extensive experience in distributed systems and discusses how modern architectures are evolving to incorporate AI capabilities.

    The Evolution of Distributed Applications

    Mark explains how DAPR emerged from observing common challenges teams faced when building distributed systems. The project, which started in 2018 and became open source in 2019, has grown into a graduated Cloud Native Computing Foundation (CNCF) project used by thousands of companies worldwide. He details how DAPR's component model allows teams to swap infrastructure without changing code, providing crucial flexibility for enterprise systems.

    Questions We Answer in This Episode

    • How are distributed applications transforming modern software development?
    • What role does security play in distributed architectures?
    • How can organizations integrate AI agents into existing distributed systems?
    • What's next for distributed systems in the age of AI?

    Key Takeaways

    • DAPR provides essential building blocks for secure, distributed applications
    • Workflow durability is crucial for enterprise-ready AI agent systems
    • Identity-based security principles are fundamental to distributed architectures
    • The future of distributed systems will blend traditional microservices with AI agents

    The Future of AI in Distributed Systems

    Mark discusses Diagrid's Catalyst platform, which helps organizations build enterprise-ready distributed applications with integrated AI capabilities. He emphasizes the importance of security, durability, and workflow management as organizations begin incorporating AI agents into their systems.

    Links & Notes

    • Connect with Mark on LinkedIn
    • Learn more about DAPR
    • Diagrid
    • Learn more about Paladin Cloud
    • Got a question? Ask us here!
    • (00:00) - Welcome to Cyber Sentries
    • (00:56) - Diagrid’s Mark Fussell
    • (01:33) - Meet Mark
    • (05:03) - The Journey
    • (11:21) - New AI Models
    • (15:27) - On the Security Side
    • (17:18) - Where Things Go Next
    • (20:36) - Bringing in New Agentic Models
    • (24:46) - Catalyst
    • (27:38) - Getting in Touch
    • (29:01) - Wrap Up
    31 min
  • AI Security Architecture: How Data-Centric Models Transform Enterprise Security with Mohit Tiwari
    2025/08/13

    AI-Powered Cloud Security: From Research Lab to Enterprise Reality

    In this episode of Cyber Sentries, John Richards talks with Mohit Tiwari, co-founder and CEO of Symmetry Systems and associate professor at UT Austin, about transforming academic research into practical enterprise security solutions. Mohit shares his journey from academic research to founding a company that's revolutionizing how organizations approach data security in the age of AI.

    Bridging Academia and Industry

    Mohit discusses how his research team at UT Austin developed innovative approaches to data security and privacy, working with organizations like NSA, Lockheed, and General Dynamics. Their work led to founding Symmetry Systems in 2020, focusing on operationalizing data flow security across enterprise environments.

    The Evolution of Data Security

    The conversation explores how traditional asset-centric security approaches are giving way to data-centric models. Mohit explains how Symmetry Systems helps organizations protect data flows across multiple applications and platforms, making security more efficient and effective than traditional bespoke solutions.

    Questions We Answer in This Episode:

    • How can organizations move from bespoke security solutions to systematic approaches?
    • What role does AI governance play in modern enterprise security?
    • How can companies effectively manage data security across different AI implementation scenarios?

    Key Takeaways:

    • Data-centric security approaches are becoming crucial as AI adoption increases
    • Organizations need interoperable policy languages for effective AI governance
    • Purpose-built, smaller AI models can be more effective than large, general-purpose ones
    • Security solutions must evolve to handle the massive scale of modern enterprise data

    Looking Ahead: The Future of AI Security

    The episode concludes with insights into emerging challenges in AI security, including the need for better business purpose frameworks and advanced detection capabilities for sophisticated attacks like ransomware.

    Resources

    • Symmetry Systems website
    • Connect with Symmetry Systems on LinkedIn
    • Learn more about Paladin Cloud
    • Learn more about CyberProof
    • Got a question? Ask us here!
    • (00:04) - Welcome to Cyber Sentries
    • (01:28) - Meet Mohit
    • (03:32) - Application Examples
    • (08:41) - Key Metrics
    • (11:18) - Effects of AI
    • (14:42) - Environments and Interfaces
    • (17:05) - Tying It Together
    • (18:45) - AI in the Process
    • (23:17) - Model Decisions
    • (26:07) - Research to Project
    • (29:39) - Problems
    • (31:51) - Wrap Up
    34 min
  • Biometric Identity Evolution: AI-Powered Authentication Beyond Passwords with Michael Engle
    2025/07/09

    AI-Powered Identity Verification: Beyond Passwords and into the Future

    In this episode of Cyber Sentries, host John Richards sits down with Michael Engle, co-founder and CSO of 1Kosmos, to explore how AI is revolutionizing identity verification and authentication in cybersecurity. Mike brings decades of experience from Wall Street to modern startups, offering unique insights into the evolution of digital identity protection.

    The Identity Crisis in Modern Security

    Identity verification has become the new perimeter in cybersecurity, accounting for 80% of security problems. Mike explains how traditional methods like passwords and basic MFA are failing to meet current security challenges, especially as AI agents become more prevalent in our digital lives. 1Kosmos is tackling this through advanced biometric verification, behavioral analysis, and AI-powered authentication systems.

    Questions We Answer in This Episode:

    • How is AI changing the landscape of identity verification?
    • What makes biometric authentication more secure than traditional methods?
    • How can organizations transition from password-based to identity-based security?
    • What role do digital wallets play in the future of identity verification?

    Key Takeaways:

    • Identity verification has replaced perimeter security as the primary security concern
    • AI enables more sophisticated identity verification through behavioral analysis and pattern recognition
    • Biometric authentication offers a more secure alternative to traditional passwords and MFA
    • Digital wallets are emerging as the future of portable, verified identity

    The Future of Digital Identity

    Looking ahead, Mike discusses 1Kosmos's work on digital wallets and universal identity verification systems. These innovations aim to create reusable, trusted identities that can work across multiple platforms while maintaining security through biometric verification and AI-powered fraud detection.

    Links & Notes

    • Learn more about CyberProof
    • Learn more about 1Kosmos
    • Got a question? Ask us here!
    • (00:04) - Welcome to Cyber Sentries
    • (01:29) - Meet Michael Engle
    • (03:29) - Identity Threat
    • (04:35) - With AI
    • (06:16) - What 1Kosmos Does
    • (13:14) - Adapting with AI
    • (16:08) - Protecting Credentials
    • (27:02) - Passkey Challenges
    • (28:39) - AI-Driven Development
    • (32:44) - What’s Next for 1Kosmos
    • (35:06) - Learning More
    • (36:08) - Wrap Up
    38 min
  • AI-Driven SOC Evolution: Transforming Security Maturity with Doron Davidson
    2025/06/11

    AI's Evolution in Security Operations: From Support to Collaboration

    Doron Davidson, Managing Director of Security Operations at CyberProof, joins John Richards to explore how AI is transforming security operations and pushing SOC maturity models into new territory. With extensive experience from telecom security to founding SecBI, Doron brings unique insights into the evolution of managed security services.

    Rethinking Security Maturity Models

    Doron outlines CyberProof's innovative approach to service maturity, moving beyond traditional frameworks to incorporate AI capabilities. He describes how they've developed a 1-5 scale measuring people, processes, and technology—with quantifiable 20% year-over-year improvement targets.

    Questions We Answer:

    • How are security operations teams evolving with AI integration?
    • What does SOC maturity look like in an AI-enabled world?
    • How can organizations measure and verify AI's security impact?
    • What role will agentic AI play in future security operations?

    Key Takeaways:

    • AI is enabling better collaboration between security services
    • Automated investigation has significantly reduced L1 analyst workload
    • Well-defined processes and KPIs are crucial for successful AI implementation
    • New maturity levels (6-8) are emerging focused on agentic AI capabilities

    The Future of Security Operations

    The conversation explores how CyberProof is moving beyond traditional AI integration toward agentic models where multiple AI agents collaborate across security functions. This shift enables enhanced threat intelligence sharing, automated investigations, and improved visualization of security metrics for stakeholders.

    Practical Applications and Impact

    From automating email attack investigations to improving cross-team collaboration, Doron shares concrete examples of how AI is reducing human error while expanding security capabilities. He emphasizes the importance of maintaining human oversight while leveraging AI's strengths.

    Resources

    • Learn more about CyberProof
    • Learn more about Paladin Cloud
    • Got a question? Ask us here!
    • (00:04) - Welcome to Cyber Sentries
    • (00:59) - Today’s Guest: Doron Davidson
    • (01:58) - Doron’s Background
    • (03:53) - Latest Challenges
    • (06:23) - Honesty Mindset
    • (09:42) - Current AI Strategy
    • (12:49) - Focus Areas
    • (20:09) - Shifting Models
    • (25:30) - What He’s Excited About
    • (27:06) - Maturity Model
    • (29:15) - Wrap Up
    32 min
  • Beyond the AI Hype: Real Security Solutions with Sherman Williams
    2025/05/14

    AI, Investment, and Security: A Venture Capitalist's Perspective

    Sherman Williams, managing partner at AIN Ventures, joins John Richards to explore the intersection of artificial intelligence, cloud security, and venture capital. As a Naval Academy graduate turned investor, Sherman brings unique insights from both military and commercial technology perspectives. His firm focuses on dual-use technologies - innovations that serve both government and commercial applications - making him particularly well-positioned to discuss AI's evolving role in security.

    The conversation delves deep into how organizations should approach AI implementation, viewing it as a powerful tool rather than a solution in itself. Sherman shares valuable perspectives on the distinction between AI DevTools and application layer AI, and how entrepreneurs should focus on solving specific problems rather than getting caught up in AI hype. The discussion explores critical considerations around open-source versus closed-source models, particularly in sensitive sectors like government, healthcare, and insurance.

    Questions we answer in this episode:

    • How should organizations approach AI implementation in their security strategy?
    • What's the difference between AI DevTools and application layer AI?
    • How are security concerns shaping the development of AI solutions?

    Key Takeaways:

    • AI should be viewed as a tool for efficiency and productivity, not a standalone solution
    • The best AI implementations focus on solving specific, acute problems
    • Security considerations are driving innovation in both AI development and deployment

    This episode offers essential insights for anyone interested in the future of AI in security and technology development. Sherman's unique perspective, combining military experience with venture capital expertise, provides valuable context for understanding how AI is reshaping the security landscape while highlighting both opportunities and challenges ahead.

    Links & Notes

    • AIN Ventures
    • Follow Sherman on LinkedIn
    • The 2017 Google Article Mentioned
    • Security Company Mentioned
    • Learn more about Paladin Cloud
    • Got a question? Ask us here!
    • (00:04) - Welcome to Cyber Sentries
    • (01:00) - Sherman Williams
    • (01:28) - Sherman’s Background
    • (05:52) - AI from the Investment Space
    • (08:49) - Dev Tools or Application Layer AI
    • (12:50) - Security
    • (23:12) - Promising Work in Security
    • (34:25) - Wrap Up
    37 min