Security teams today are expected to manage two fronts—building and maintaining proactive defenses, and staying ready to respond at any moment to threats that slip through. But unless someone actively watches those alerts 24/7, your detection tools are expensive noise generators. In this episode, Rob Allen, chief product officer at ThreatLocker, lays out why their Cyber Hero® MDR offering is built not as a standalone security strategy, but as a complement to a deny-by-default, proactively hardened environment. With real-time visibility, flexible communication, one-click remediation, and human-backed support—not just automation—ThreatLocker’s MDR offering is positioned to deliver value even when the alerts are quiet. Joining him are TC Niedzialkowski, head of IT and security at Opendoor, and Sasha Pereira, CISO at WASH. Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.
--------
18:04
Stopping AI Oversharing with Knostic
Large language models are most useful to your business when they have access to your data. But these models also overshare by default, providing need-to-know information without sophisticated access controls. But organizations that try to limit the data accessed by an LLM risk undersharing within their organization, not giving the information users need to do their jobs more efficiently. In this episode, Sounil Yu, CTO at Knostic, explains how they address internal knowledge segmentation, offer continuous assessments, and help prevent oversharing while also identifying under-sharing opportunities. Joining him are our panelists, Ross Young, CISO-in-residence at Team8, and David Cross, CISO at Atlassian. Huge thanks to our sponsor, Knostic Knostic protects enterprises from LLM oversharing by applying need-to-know access controls to AI tools like Microsoft 365 Copilot. Get visibility into overshared data, fix risky exposures, and deploy AI confidently—without data leakage. If you’re rolling out Copilot or Glean, you need Knostic.
--------
17:02
Navigating Unauthorized Site Access with ThreatLocker
Unauthorized site access remains a significant security concern for organizations. But why does this issue persist, and how can it be effectively addressed? In this episode, Rob Allen, chief product officer at ThreatLocker, discusses the core functionality of ThreatLocker's Web Control solution: blocking access to unauthorized sites without meddling with DNS servers—a common pitfall among other tools. Rob explains that the simplicity of defining where employees can and cannot access is pivotal. This approach not only helps keep users away from malicious sites but also steers them clear of non-productive ones, thereby enhancing resource allocation. Rob is joined by our panelists, TC Niedzialkowski, Head of IT & Security at Opendoor, and Sasha Pereira, CISO, WASH. Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.
--------
15:12
Getting Linux Visibility with Sandfly Security
Linux is the backbone of critical infrastructure, yet it often flies under the radar when it comes to endpoint monitoring. From legacy servers to embedded systems, Linux devices are frequently unprotected, either due to operational risk, overlooked assets, or the false assumption that Linux is “secure by default.” In this episode, Craig Rowland, founder and CEO of Sandfly Security, introduces an agentless approach to EDR purpose-built for Linux systems. By operating over SSH and running rapid, randomized checks without traditional kernel hooks, Sandfly can monitor unprotected Linux endpoints, detect fileless and dormant attacks, and uncover SSH key-based lateral movement—all without tipping over sensitive systems. Joining Craig are Jerich Beason, CISO at WM, and Steve Zalewski, co-host of Defense in Depth, dive into where this solution fits in the broader Linux security conversation and why it might be the missing piece for OT and critical infrastructure teams. Huge thanks to our sponsor, Sandfly Security Sandfly delivers agentless Linux EDR that deploys instantly across all distributions and architectures - from cloud servers to embedded devices and legacy systems. Our platform detects evasive threats, monitors SSH keys, and identifies system drift without performance impacts. Comprehensive Linux security without the endpoint agent risk.
--------
18:18
Solving Patch Management with ThreatLocker
For years, patch management has been treated as a solved problem—until reality strikes. Outdated applications, portable executables, patch conflicts, and shadow software leave organizations unknowingly exposed. The tools may exist, but the process often breaks down. In this episode, Rob Allen, chief product officer at ThreatLocker, discusses why their new patch management solution goes beyond legacy approaches. With built-in patch packaging, pre-deployment testing, and granular control, the platform helps teams navigate complex environments while keeping rollback, risk tolerance, and deny-by-default strategies in play. Joining him are Mike Woods, vp of cybersecurity at GE Vernova, and Steve Zalewski, co-host of Defense in Depth. Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.
What if you could get a no-nonsense look at security solutions in just 15 minutes? Security You Should Know, the latest podcast from the CISO Series, does just that.
Hosted by Rich Stroffolino, each episode brings together one security vendor and two security leaders to break down a real-world problem and the solution trying to fix it. Expect straight answers on:
How to explain the issue to your CEO
What the solution actually does (and doesn’t do)
How the pricing model works
Then, our security leaders ask the tough questions to see what sets this vendor apart.
Subscribe now and and stay ahead of the latest security solutions. Visit CISOseries.com for more details.
Security You Should Know: Connecting security solutions with security leaders.
México