Fred Wilmot, CEO and co-founder of Detecteam, and Sebastien Tricaud, CTO and co-founder, bring a candid and critical take on cybersecurity’s detection and response problem. Drawing on their collective experience—from roles at Splunk, Devo, and time spent in defense and offensive operations—they raise a core question: does any of the content, detections, or tooling security teams deploy actually work?

The Detecteam founders challenge the industry’s obsession with metrics like mean time to detect or respond, pointing out that these often measure operational efficiency—not true risk readiness. Instead, they propose a shift in thinking: stop optimizing broken processes and start creating better ones.

At the heart of their work is a new approach to detection engineering—one that continuously generates and validates detections based on actual behavior, environmental context, and adversary tactics. It’s about moving away from one-size-fits-all IOCs toward purpose-built, context-aware detections that evolve as threats do.

Sebastien highlights the absurdity of relying on static, signature-based detection in a world of dynamic threats. Adversaries constantly change tactics, yet detection rules often sit unchanged for months. The platform they’ve built breaks detection down into a testable, iterative process—closing the gap between intel, engineering, and operations. Teams no longer need to rely on hope or external content packs—they can build, test, and validate detections in minutes.

Fred explains the benefit in terms any CISO can understand: this isn’t just detection—it’s readiness. If a team can build a working detection in under 15 minutes, they beat the average breakout time of many attackers. That’s a tangible advantage, especially when operating with limited personnel.

This conversation isn’t about a silver bullet or more noise—it’s about clarity. What’s working? What’s not? And how do you know? For organizations seeking real impact in their security operations—not just activity—this episode explores a path forward that’s faster, smarter, and grounded in reality.

Learn more about Detecteam: https://itspm.ag/detecteam-21686

Note: This story contains promotional content. Learn more.

Guests:

Fred Wilmot, Co-Founder & CEO, Detecteam | https://www.linkedin.com/in/fredwilmot/

Sebastien Tricaud, Co-Founder & CTO, Detecteam | https://www.linkedin.com/in/tricaud/

Resources

Learn more and catch more stories from Detecteam: https://www.itspmagazine.com/directory/detecteam

Webinar: Rethink, Don’t Just Optimize: A New Philosophy for Intelligent Detection and Response — An ITSPmagazine Webinar with Detecteam | https://www.crowdcast.io/c/rethink-dont-just-optimize-a-new-philosophy-for-intelligent-detection-and-response-an-itspmagazine-webinar-with-detecteam-314ca046e634

Learn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsac25

______________________

Keywords:

sean martin, fred wilmot, sebastien tricaud, detecteam, detection, cybersecurity, behavior, automation, red team, blue team, brand story, brand marketing, marketing podcast, brand story podcast

______________________

Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverage

Want to tell your Brand Story Briefing as part of our event coverage? Learn More 👉 https://itspm.ag/evtcovbrf

Want Sean and Marco to be part of your event or conference? Let Us Know 👉 https://www.itspmagazine.com/contact-us

In this episode, Subo Guha, Vice President of Product Management at Stellar Cyber, shares how the company is reshaping cybersecurity operations for managed service providers (MSPs) and their customers. Stellar Cyber’s mission is to simplify security without compromising depth—making advanced cybersecurity capabilities accessible to organizations without enterprise-level resources.

Subo walks through the foundations of their open XDR platform, which allows customers to retain the endpoint and network tools they already use—such as CrowdStrike or SentinelOne—without being locked into a single ecosystem. This flexibility proves especially valuable to MSSPs managing dozens or hundreds of customers with diverse toolsets, including those that have grown through acquisitions. The platform’s modular sensor technology supports IT, OT, and hybrid environments, offering deep packet inspection, network detection, and even user behavior analytics to flag potential lateral movement or anomalous activity.

One of the most compelling updates from the conversation is the introduction of their autonomous SOC capability. Subo emphasizes this is not about replacing humans but amplifying their efforts. The platform groups alerts into actionable cases, reducing noise and allowing analysts to respond faster. Built-in machine learning and threat intelligence feeds enrich data as it enters the system, helping determine if something is benign or a real threat.

The episode also highlights new program launches like Infinity, which enhances business development and peer collaboration for MSSP partners, and their Cybersecurity Alliance, which deepens integration across a wide variety of security tools. These efforts reflect Stellar Cyber’s strong commitment to ecosystem support and customer-centric growth.

Subo closes by reinforcing the importance of scalability and affordability. Stellar Cyber offers a single platform with unified licensing to help MSSPs grow without adding complexity or cost. It’s a clear statement: powerful security doesn’t need to be out of reach for smaller teams or companies.

This episode offers a practical view into what it takes to operationalize cybersecurity across diverse environments—and why automation with human collaboration is the path forward.

Learn more about Stellar Cyber: https://itspm.ag/stellar-cyber--inc--357947

Note: This story contains promotional content. Learn more.

Guest:

Subo Guha, Senior Vice President Product, Stellar Cyber | https://www.linkedin.com/in/suboguha/

Resources

Learn more and catch more stories from Stellar Cyber: https://www.itspmagazine.com/directory/stellarcyber

Learn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsac25

______________________

Keywords:

sean martin, subo guha, xdr, mssp, cybersecurity, automation, soc, ai, ot, threat detection, brand story, brand marketing, marketing podcast, brand story podcast

______________________

Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverage

Want to tell your Brand Story Briefing as part of our event coverage? Learn More 👉 https://itspm.ag/evtcovbrf

Want Sean and Marco to be part of your event or conference? Let Us Know 👉 https://www.itspmagazine.com/contact-us

Organizations are demanding more from their IT management platforms—not just toolsets, but tailored systems that meet specific business and security objectives. Vivin Sathyan, Senior Technology Evangelist at ManageEngine, shares how the company is responding with an integrated approach that connects IT, security, and business outcomes.

ManageEngine, a division of Zoho Corporation, now offers a suite of over 60 products that span identity and access management, SIEM, endpoint protection, service management, and analytics. These components don’t just coexist—they interact contextually. Vivin outlines a real-world example from the healthcare sector, where a SIM tool detects abnormal login behavior, triggers an identity system to challenge access, and then logs the incident for IT service resolution. This integrated chain reflects a philosophy where response is not just fast, but connected and accountable.

At the heart of the platform’s effectiveness is contextual intelligence—layered between artificial intelligence and business insights—to power decision-making that aligns with enterprise risk and compliance needs. Whether it’s SOC analysts triaging events, CIS admins handling system hygiene, or CISOs aligning actions with corporate goals, the tools are tailored to fit roles, not just generic functions. According to Vivin, this role-based approach is critical to eliminating silos and ensuring teams speak the same operational and risk language.

AI continues to play a role in enhancing that coordination, but ManageEngine is cautious not to follow hype for its own sake. The company has invested in its own AI and ML capabilities since 2012, and recently launched an agent studio—but only after evaluating how new models can meaningfully add value. Vivin points out that enterprise use cases often benefit more from small, purpose-built language models than from massive general-purpose ones.

Perhaps most compelling is ManageEngine’s global-first strategy. With operations in nearly 190 countries and 18+ of its own data centers, the company prioritizes proximity to customers—not just for technical support, but for cultural understanding and local compliance. That closeness informs both product design and customer trust, especially as regulations around data sovereignty intensify.

This episode challenges listeners to consider whether their tools are merely present—or actually connected. Are you enabling collaboration through context, or just stitching systems together and calling it a platform?

Learn more about ManageEngine: https://itspm.ag/manageen-631623

Note: This story contains promotional content. Learn more.

Guest:

Vivin Sathyan, Senior Technology Evangelist, ManageEngine | https://www.linkedin.com/in/vivin-sathyan/

Resources

Learn more and catch more stories from ManageEngine: https://www.itspmagazine.com/directory/manageengine

Learn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsac25

______________________

Keywords:

sean martin, vivin sathyan, cybersecurity, ai, siem, identity, analytics, integration, platform, risk, brand story, brand marketing, marketing podcast, brand story podcast

______________________

Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverage

Want to tell your Brand Story Briefing as part of our event coverage? Learn More 👉 https://itspm.ag/evtcovbrf

Want Sean and Marco to be part of your event or conference? Let Us Know 👉 https://www.itspmagazine.com/contact-us

Charles Henderson, who leads the cybersecurity services division at Coalfire, shares how the company is reimagining offensive and defensive operations through a programmatic lens that prioritizes outcomes over checkboxes. His team, made up of practitioners with deep experience and creative drive, brings offensive testing and exposure management together with defensive services and managed offerings to address full-spectrum cybersecurity needs. The focus isn’t on commoditized services—it’s on what actually makes a difference.

At the heart of the conversation is the idea that cybersecurity is a team sport. Henderson draws parallels between the improvisation of music and the tactics of both attackers and defenders. Both require rhythm, creativity, and cohesion. The myth of the lone hero doesn’t hold up anymore—effective cybersecurity programs are driven by collaboration across specialties and by combining services in ways that amplify their value.

Coalfire’s evolution reflects this shift. It’s not just about running a penetration test or red team operation in isolation. It’s about integrating those efforts into a broader mission-focused program, tailored to real threats and measured against what matters most. Henderson emphasizes that CISOs are no longer content with piecemeal assessments; they’re seeking simplified, strategic programs with measurable outcomes.

The conversation also touches on the importance of storytelling in cybersecurity reporting. Henderson underscores the need for findings to be communicated in ways that resonate with technical teams, security leaders, and the board. It’s about enabling CISOs to own the narrative, armed with context, clarity, and confidence.

Henderson’s reflections on the early days of hacker culture—when gatherings like HoCon and early Def Cons were more about curiosity and camaraderie than business—bring a human dimension to the discussion. That same passion still fuels many practitioners today, and Coalfire is committed to nurturing it through talent development and internships, helping the next generation find their voice, their challenge, and yes, even their hacker handle.

This episode offers a look at how to build programs, teams, and mindsets that are ready to lead—not follow—on the cybersecurity front.

Learn more about Coalfire: https://itspm.ag/coalfire-yj4w

Note: This story contains promotional content. Learn more.

Guest:

Charles Henderson, Executive Vice President of Cyber Security Services, Coalfire | https://www.linkedin.com/in/angustx/

Resources

Learn more and catch more stories from Coalfire: https://www.itspmagazine.com/directory/coalfire

Learn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsac25

______________________

Keywords:

charles henderson, sean martin, coalfire, red teaming, penetration testing, cybersecurity services, exposure management, ciso, threat intelligence, hacker culture, brand story, brand marketing, marketing podcast, brand story podcast

______________________

Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverage

Want to tell your Brand Story Briefing as part of our event coverage? Learn More 👉 https://itspm.ag/evtcovbrf

Want Sean and Marco to be part of your event or conference? Let Us Know 👉 https://www.itspmagazine.com/contact-us

Kubernetes revolutionized the way software is built, deployed, and managed, offering engineers unprecedented agility and portability. But as Edera co-founder and CEO Emily Long shares, the speed and flexibility of containerization came with overlooked tradeoffs—especially in security. What started as a developer-driven movement to accelerate software delivery has now left security and infrastructure teams scrambling to contain risks that were never part of Kubernetes’ original design.

Emily outlines a critical flaw: Kubernetes wasn’t built for multi-tenancy. As a result, shared kernels across workloads—whether across customers or internal environments—introduce lateral movement risks. In her words, “A container isn’t real—it’s just a set of processes.” And when containers share a kernel, a single exploit can become a system-wide threat.

Edera addresses this gap by rethinking how containers are run—not rebuilt. Drawing from hypervisor tech like Xen and modernizing it with memory-safe Rust, Edera creates isolated “zones” for containers that enforce true separation without the overhead and complexity of traditional virtual machines. This isolation doesn’t disrupt developer workflows, integrates easily at the infrastructure layer, and doesn’t require retraining or restructuring CI/CD pipelines. It’s secure by design, without compromising performance or portability.

The impact is significant. Infrastructure teams gain the ability to enforce security policies without sacrificing cost efficiency. Developers keep their flow. And security professionals get something rare in today’s ecosystem: true prevention. Instead of chasing billions of alerts and layering multiple observability tools in hopes of finding the needle in the haystack, teams using Edera can reduce the noise and gain context that actually matters.

Emily also touches on the future—including the role of AI and “vibe coding,” and why true infrastructure-level security is essential as code generation becomes more automated and complex. With GPU security on their radar and a hardware-agnostic architecture, Edera is preparing not just for today’s container sprawl, but tomorrow’s AI-powered compute environments.

This is more than a product pitch—it’s a reframing of how we define and implement security at the container level. The full conversation reveals what’s possible when performance, portability, and protection are no longer at odds.

Learn more about Edera: https://itspm.ag/edera-434868

Note: This story contains promotional content. Learn more.

Guest:

Emily Long, Founder and CEO, Edera | https://www.linkedin.com/in/emily-long-7a194b4/

Resources

Learn more and catch more stories from Edera: https://www.itspmagazine.com/directory/edera

Learn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsac25

______________________

Keywords:

sean martin, emily long, containers, kubernetes, hypervisor, multi-tenancy, devsecops, infrastructure, virtualization, cybersecurity, brand story, brand marketing, marketing podcast, brand story podcast

______________________

Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverage

Want to tell your Brand Story Briefing as part of our event coverage? Learn More 👉 https://itspm.ag/evtcovbrf

Want Sean and Marco to be part of your event or conference? Let Us Know 👉 https://www.itspmagazine.com/contact-us

In this episode, Sean Martin speaks with Richard Seiersen, Chief Risk Technology Officer at Qualys, about a new way to think about cybersecurity—one that puts value and business resilience at the center, not just threats.

Richard shares the thinking behind Qualys’ Risk Operations Center, a new approach that responds directly to a common pain point: organizations struggling to manage vast amounts of telemetry from dozens of security tools without clear direction on how to act. Instead of forcing companies to build and maintain massive internal platforms just to piece together asset, vulnerability, and threat data, Qualys is creating a system to operationalize risk as a real-time, measurable business function.

With a background that includes serving as Chief Risk Officer at a cyber insurance firm and co-authoring foundational books like How to Measure Anything in Cybersecurity Risk and The Metrics Manifesto, Richard frames the conversation in practical business terms. He emphasizes that success is not just about detecting threats, but about understanding where value exists in the business, and how to protect it efficiently.

From Security Operations to Risk Operations

While a traditional SOC focuses on attack surface and compromise detection, the Risk Operations Center is designed to understand, prioritize, and mitigate value at risk. Richard describes how this involves normalizing data across environments, connecting asset identities—including ephemeral and composite digital assets—and aligning technical activity to business impact.

The Risk Operations Center enables teams to think in terms of risk surface, not just threat surface, by giving security leaders visibility into what matters most—and the tools to act accordingly. And importantly, it does so without increasing headcount.

A CISO’s Role in the Business of Risk

Richard challenges security leaders to break away from purely tactical work and lean into business alignment. He argues that boards want CISOs who think strategically—who can talk about capital reserves, residual risk, and how mitigation and transfer can be measured against business outcomes. In his words, “A successful business is in the business of exposing more value to more people… security must understand and support that mission.”

This episode is packed with ideas worth listening to and sharing. What would your version of a Risk Operations Center look like?

Learn more about Qualys: https://itspm.ag/qualys-908446

Note: This story contains promotional content. Learn more.

Guest:

Rich Seiersen, Chief Risk Technology Officer, Qualys | https://www.linkedin.com/in/richardseiersen/

Resources

Learn more and catch more stories from Qualys: https://www.itspmagazine.com/directory/qualys

Learn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsac25

______________________

Keywords:

sean martin, richard seiersen, risk, cybersecurity, data, resilience, telemetry, automation, ciso, soc, brand story, brand marketing, marketing podcast, brand story podcast

______________________

Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverage

Want to tell your Brand Story Briefing as part of our event coverage? Learn More 👉 https://itspm.ag/evtcovbrf

Want Sean and Marco to be part of your event or conference? Let Us Know 👉 https://www.itspmagazine.com/contact-us

In this on-location conversation recorded during RSAC 2025, attorney and investor Yair Geva shares a unique perspective shaped by years of legal counsel and deal-making across Israel, Europe, and the U.S. Now a Partner at Herzog, Fox & Neeman, Geva offers insight into how cybersecurity, AI, and M&A are intersecting in today’s tech ecosystem.

Geva’s role spans much more than legal guidance—he operates as a connector across markets, helping early-stage founders and institutional investors navigate cultural, legal, and strategic gaps. With over 50 personal investments under his belt and recent institutional activity focused heavily on cybersecurity, his perspective reflects not just what’s happening in legal due diligence, but where the real momentum lies.

AI Acceleration and M&A Hesitation

According to Geva, the accelerating capabilities of AI have created a strange paradox: in some sectors, VCs are hesitant to invest because the pace of change undermines long-term confidence. Yet in cybersecurity, AI has become a catalyst, not a caution. Cyber-AI combinations are among the few domains where deals are still moving quickly. He points to recent acquisitions—such as Palo Alto Networks’ move on Protect AI—as a signal that strategic consolidation is alive and well, even if overall deal volume is lighter than anticipated.

Cyber Due Diligence Is Now Table Stakes

No matter the industry, Geva confirms that cybersecurity evaluations are now a standard part of M&A. Whether acquiring a fashion brand or a software firm, buyers expect to see a clear security posture, a plan for risk management, and disclosure of any prior breaches. Experience managing incidents, he notes, can even serve as a confidence-builder rather than a liability—if handled professionally.

From Global Hubs to Human Connections

While San Francisco remains influential, Geva sees growing activity in New York, London, and Tel Aviv. But the real differentiator? Relationships. Knowing the players, understanding the culture, and reducing friction in cross-border deals all play into how transactions are shaped—and how they succeed.

Listen to the full conversation to hear what’s shaping the deals behind tomorrow’s cybersecurity innovations.

Note: This story contains promotional content. Learn more.

Guest:

Yair Geva, Partner, Head Tech Division at Herzog, Fox & Neeman | https://www.linkedin.com/in/yairgeva/

Resources

Learn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsac25

______________________

Keywords:

sean martin, marco ciappelli, yair geva, cybersecurity, investment, ai, m&a, venture, resilience, innovation, brand story, brand marketing, marketing podcast, brand story podcast

______________________

Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverage

Want to tell your Brand Story Briefing as part of our event coverage? Learn More 👉 https://itspm.ag/evtcovbrf

Want Sean and Marco to be part of your event or conference? Let Us Know 👉 https://www.itspmagazine.com/contact-us

In this on-location episode recorded at the RSAC Conference, Sean Martin and Marco Ciappelli sit down once again with Rob Allen, Chief Product Officer at ThreatLocker, to unpack what Zero Trust really looks like in practice—and how organizations can actually get started without feeling buried by complexity.

Rather than focusing on theory or buzzwords, Rob lays out a clear path that begins with visibility. “You can’t control what you can’t see,” he explains. The first step toward Zero Trust is deploying lightweight agents that automatically build a view of the software running across your environment. From there, policies can be crafted to default-deny unknown applications, while still enabling legitimate business needs through controlled exceptions.

The Zero Trust Mindset: Assume Breach, Limit Access

Rob echoes the federal mandate definition of Zero Trust: assume a breach has already occurred and limit access to only what is needed. This assumption flips the defensive posture from reactive to proactive. It’s not about waiting to detect bad behavior—it’s about blocking the behavior before it starts.

The ThreatLocker approach stands out because it focuses on removing the traditional “heavy lift” often associated with Zero Trust implementations. Rob highlights how some organizations have spent years trying (and failing) to activate overly complex systems, only to end up stuck with unused tools and endless false positives. ThreatLocker’s automation is designed to lower that barrier and get organizations to meaningful control faster.

Modern Threats, Simplified Defenses

As AI accelerates the creation of polymorphic malware and low-code attack scripts, Zero Trust offers a counterweight. Deny-by-default policies don’t require knowing every new threat—just clear guardrails that prevent unauthorized activity, no matter how it’s created. Whether it’s PowerShell scripts exfiltrating data or AI-generated exploits, proactive controls make it harder for attackers to operate undetected.

This episode reframes Zero Trust from an overwhelming project into a series of achievable, common-sense steps. If you’re ready to hear what it takes to stop chasing false positives and start building a safer, more controlled environment, this conversation is for you.

Learn more about ThreatLocker: https://itspm.ag/threatlocker-r974

Note: This story contains promotional content. Learn more.

Guest:

Rob Allen, Chief Product Officer, ThreatLocker | https://www.linkedin.com/in/threatlockerrob/

Resources

Learn more and catch more stories from ThreatLocker: https://www.itspmagazine.com/directory/threatlocker

Learn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsac25

______________________

Keywords:

sean martin, marco ciappelli, rob allen, zero trust, cybersecurity, visibility, access control, proactive defense, ai threats, policy automation, brand story, brand marketing, marketing podcast, brand story podcast

______________________

Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverage

Want to tell your Brand Story Briefing as part of our event coverage? Learn More 👉 https://itspm.ag/evtcovbrf

Want Sean and Marco to be part of your event or conference? Let Us Know 👉 https://www.itspmagazine.com/contact-us