Episodios

  • Continuous Security Validation in a World of Agentic AI | A Brand Spotlight at RSAC Conference 2026 with Matt Stewart and Alex Grohmann of Impetum

    Continuous Security Validation in a World of Agentic AI | A Brand Spotlight at RSAC Conference 2026 with Matt Stewart and Alex Grohmann of Impetum
    Apr 3 2026

    The security industry has spent years debating which tools to buy. Impetum is asking a different question: are the tools you already have actually working? Founded by incident responders who saw the same failures across hundreds of breaches, Impetum built the Persistent Purple Team platform to simulate advanced threat actors inside customer environments on a continuous monthly basis -- not as a one-time engagement, but as an ongoing relationship built around real data, custom TTPs, and a measurable Threat Resilience Score.

    Matt Stewart and Alex Grohmann spoke with Sean Martin and Marco Ciappelli at RSAC Conference 2026 about what they are hearing on the show floor: agentic AI is accelerating the speed of compromise and exposing vulnerabilities in legacy systems that have been dormant for decades. Against that backdrop, the value of knowing -- not assuming -- that your detection and response capabilities hold up becomes critical. The platform builds that knowledge through live-fire exercises using an organization's own data, validating patch management, XDR, SIEM tuning, and post-compromise detection in a way no annual pen test can.

    The conversation also touched on the structural talent problem agentic AI is creating inside SOCs. As AI fills the level one analyst role, the pipeline for developing level two analysts and incident responders is narrowing. Impetum sees persistent purple teaming as the training ground that closes that gap -- giving existing teams the repeated, realistic practice they need to respond with confidence when an actual breach begins.

    Impetum targets mid-size organizations that have the right security tools but lack the budget, bandwidth, and access to industry events to keep those tools continuously validated against evolving attack paths. For those teams, the platform delivers something an annual report cannot: a documented, ongoing record of what works, what does not, and where the program is heading.

    This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight

    GUEST
    Matt Stewart, Co-Founder, Impetum
    Alex Grohmann, Co-Founder, Impetum
    LinkedIn: https://www.linkedin.com/in/alexandergrohmann/

    RESOURCES
    Impetum / Persistent Purple Team: https://www.persistentpurpleteam.com
    ITSPmagazine RSAC Conference 2026 coverage: https://www.itspmagazine.com/rsac-2026-conference-san-francisco-usa-cybersecurity-event-infosec-conference-coverage

    Are you interested in telling your story?
    ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full
    ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight
    ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight

    KEYWORDS
    Matt Stewart, Alex Grohmann, Impetum, Persistent Purple Team, Remedium Security, Sean Martin, RSAC Conference 2026, brand spotlight, brand story, brand marketing, marketing podcast, purple teaming, continuous security validation, threat resilience, CISO, security operations, SOC, red team, blue team, incident response, agentic AI, MITRE ATT&CK, penetration testing, cybersecurity


    Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.
    Más Menos
    22 m
  • When Fraud Becomes a Business: Stopping Bots, Agents, and the New Economics of Attack | A Brand Spotlight at RSAC Conference 2026 with Frank Teruel, Chief Operating Officer of Arkose Labs

    When Fraud Becomes a Business: Stopping Bots, Agents, and the New Economics of Attack | A Brand Spotlight at RSAC Conference 2026 with Frank Teruel, Chief Operating Officer of Arkose Labs
    Apr 2 2026

    Arkose Labs sits at the intersection of bot management, fraud prevention, and identity protection -- working with the world's largest consumer-facing brands to make fraud unprofitable. Frank Teruel walks through how the threat landscape shifted from nation-state actors and organized crime to fully democratized crime-as-a-service platforms, where MFA bypass kits are sold online and multi-billion dollar fraud operations run with the efficiency of a product company.

    The conversation covers three of the biggest attack categories hitting organizations today: SMS toll fraud, bonus abuse, and fake account registrations. Each one exploits legitimate business flows -- onboarding, loyalty programs, referral bonuses -- and often goes entirely undetected by security teams because the attackers never trigger a traditional alert. In one example, a rideshare company's cell bill climbed by millions before anyone connected it to a fraud campaign.

    With agentic AI now in the mix, the attribution problem has become exponentially harder. Is that agent booking a hotel room a legitimate user action or the opening move of an account takeover? Arkose Labs places its defenses at the very top of the funnel -- registration and login flows -- combining risk scoring, challenge technology, a 24/7 SOC, and a dark web intelligence program called ACTOR. When a novel attack technique surfaces in gaming, Arkose Labs writes a global mitigation; when that same technique hits banking two days later, the defense is already deployed.

    Frank Teruel closes with a direct message to CISOs: 75% of organizations surveyed cannot perform attribution, and 97% expect a major AI-driven incident within the next 12 months. The signal to watch for is not always in the security stack -- it shows up in rising SMS bills, unusual account-linking activity, and transaction abandonment rates that do not match marketing spend. The answer is internal fusion: security, fraud, finance, and operations sharing data before the incident, not after.

    This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight

    GUEST

    Frank Teruel, Chief Operating Officer, Arkose Labs
    https://www.linkedin.com/in/frankteruel/

    RESOURCES

    Arkose Labs: https://www.arkoselabs.com

    RSAC Conference 2026: https://www.rsaconference.com

    Are you interested in telling your story?
    ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full
    ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight
    ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight

    KEYWORDS

    Frank Teruel, Arkose Labs, Sean Martin, brand story, brand marketing, marketing podcast, brand spotlight, fraud prevention, bot management, account security, SMS toll fraud, agentic AI, fraud deterrence, identity protection, crime as a service, RSAC Conference 2026, CISO, account takeover, fake account registration, bonus abuse, loyalty fraud, federated threat intelligence


    Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.
    Más Menos
    20 m
  • When the Browser Becomes the Battlefield: Human and Agentic Security in the Age of AI | A Brand Spotlight at RSAC Conference 2026 with Ed Wright, VP of Product Marketing at Menlo Security

    When the Browser Becomes the Battlefield: Human and Agentic Security in the Age of AI | A Brand Spotlight at RSAC Conference 2026 with Ed Wright, VP of Product Marketing at Menlo Security
    Apr 2 2026
    At RSAC Conference 2026, the floor at Moscone Center was buzzing with talk of AI -- but underneath the excitement, a sharper question was forming: are enterprises actually ready to secure the AI systems they are rushing to deploy? Ed Wright, VP of Product Marketing at Menlo Security, joined Sean Martin on-site to dig into exactly that question. With 85 percent of knowledge workers now operating primarily through a browser, Menlo Security has spent 13 years building the infrastructure to protect that surface -- and the threat landscape has just taken a significant turn. The traditional browser threat model centers on humans: phishing links, malicious downloads, social engineering, deepfake video scams. Enterprises have spent billions on SSE stacks and endpoint protection stacks. Yet attacks continue to multiply. What Menlo Security is now tracking is a second threat model layered on top -- one designed specifically for AI agents. Agents use browsers to acquire data and complete tasks, often spinning up hundreds or thousands of headless browser sessions outside the enterprise perimeter, invisible to network security tools that only monitor the wire. The threat profile for agents is distinct. Where a human might miss a suspicious link, an agent reads white-on-white text and zero-font-size characters embedded in web pages -- classic prompt injection techniques. Agents are maniacally focused on task completion and do not naturally separate instructions from data. A co-opted agent, redirected through hidden instructions, will pursue its new goal with the same single-mindedness as its original one. Ed Wright notes that the top concern among CISOs at the RSAC Conference CISO bootcamp -- confirmed by a live audience poll -- is data exfiltration from agents: an agent accessing files, scraping internal pages, passing data to external LLMs, and moving sensitive information outside the organization. Menlo Security's response is a unified browser security platform that applies a single policy framework to both human and agentic workloads. The platform is built on four pillars: threat prevention including zero-day protection, secure application access, data security through AI Adaptive DLP, and file security. AI Adaptive DLP is the capability Ed Wright emphasizes most -- it functions as a combination of DLP and DSPM, discovering and classifying sensitive data across the organization and masking it in real time rather than blocking access. When traditional DLP blocks a human, they call IT. When it blocks an agent, the workflow silently fails. AI Adaptive DLP eliminates that failure mode entirely, keeping workflows uninterrupted while sensitive data stays protected at the source. The unification argument cuts through a crowded point-solution market. Rather than deploying separate tools for prompt injection, file security, and application access, Menlo Security delivers a single layer of visibility and observability across the entire workforce. Single policies. Single set of capabilities. No stitching together of forensic data from disconnected systems. Ed Wright points to a Fortune 500 customer that deployed 20,000-plus agents in a short window after a board mandate -- and quickly realized they had no security guardrails in place for browser-based agentic activity. The emergency call to Menlo Security was not the first of its kind, and it will not be the last. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Ed Wright, VP of Product Marketing, Menlo Security LinkedIn: https://www.linkedin.com/in/edwardwright1/ RESOURCES Menlo Security: https://www.menlosecurity.com Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Ed Wright, Menlo Security, Sean Martin, browser security, agentic AI security, AI agents, headless browsers, prompt injection, data exfiltration, AI Adaptive DLP, DSPM, zero-day threats, enterprise browser, SSE, RSAC Conference 2026, brand spotlight, brand story, brand marketing, marketing podcast Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.
    Más Menos
    22 m
  • One Key to Rule Them All: Physical Access, Digital Login, and Post-Quantum Security | A Brand Highlight at RSAC Conference 2026 with Alexander Summerer, Head of Authentication at Swissbit

    One Key to Rule Them All: Physical Access, Digital Login, and Post-Quantum Security | A Brand Highlight at RSAC Conference 2026 with Alexander Summerer, Head of Authentication at Swissbit
    Apr 2 2026

    Most enterprise authentication today is still built on passwords or one-time codes -- and neither is phishing-resistant. Alexander Summerer explains that fraud remains the core challenge: attackers intercept credentials in the online channel, and users are burdened with complex password policies that slow them down without making them safer. Swissbit's answer is the iShield Key, a FIDO2-based hardware security key that is plug and play. No passwords to remember, no codes to intercept, and no chance for a phishing attack to succeed.

    What sets Swissbit apart at RSAC Conference 2026 is convergence. The same iShield Key that authenticates a user at their workstation can also open a door. Tap it on an HID reader in a healthcare facility, a university, or a manufacturing plant, and access is granted -- physical and digital, in one device. Swissbit is the only vendor on the market today offering this combination, with HID Seos support now available and a global partner network ready to deploy at scale.

    The forward story is post-quantum cryptography. Alexander Summerer notes that quantum computing poses a real and coming threat to standard authentication algorithms. Swissbit is already previewing a PQC evaluation platform at booth 6565 -- a device that runs a post-quantum chip alongside the traditional chip. Organizations can upgrade to PQC-protected authentication with the same hardware, keeping legacy use cases running without disruption.

    This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlight

    GUEST

    Alexander Summerer, Head of Authentication, Swissbit
    LinkedIn: https://www.linkedin.com/in/alexander-summerer

    RESOURCES

    Swissbit: https://www.swissbit.com
    iShield Key product page: https://www.swissbit.com/en/products/security-products/ishield-key/

    Are you interested in telling your story?
    ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full
    ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight
    ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight

    KEYWORDS

    Alexander Summerer, Swissbit, Sean Martin, RSAC Conference 2026, hardware security key, FIDO2, phishing-resistant authentication, passwordless authentication, physical access control, post-quantum cryptography, PQC, iShield Key, HID Seos, enterprise authentication, zero trust, brand story, brand marketing, marketing podcast, brand highlight


    Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.
    Más Menos
    10 m
  • Securing Data Across the Hybrid Enterprise | A Brand Spotlight at RSAC Conference 2026 with Thyaga Vasudevan, EVP, Product of Skyhigh Security

    Securing Data Across the Hybrid Enterprise | A Brand Spotlight at RSAC Conference 2026 with Thyaga Vasudevan, EVP, Product of Skyhigh Security
    Apr 2 2026

    Most organizations are not cloud-only and, according to Thyaga Vasudevan, EVP, Product at Skyhigh Security, they are unlikely to become cloud-only anytime soon. Legacy on-prem applications, new AI workloads kept inside the firewall, and the growing cost of routing all enterprise traffic through a cloud proxy are pushing organizations toward a hybrid security architecture -- one that needs to enforce consistent policy regardless of where the traffic goes or where the data lives.

    Skyhigh Security announced three major innovations at RSAC Conference 2026: a next-generation SSE hybrid platform with a single console managing on-prem and cloud enforcement under one policy construct; a patent-pending browser security capability that injects JavaScript controls dynamically into existing browser sessions without requiring a dedicated enterprise browser; and the general availability of its DSPM platform, which uniquely provides visibility into both data at rest and data in motion by combining proxy-layer inspection with posture management.

    The browser has quietly become the most important enforcement point in the enterprise. As AI tools like Microsoft Copilot operate through web socket connections that cannot be intercepted at the server level, security controls have to reach inside the browser session itself. Vasudevan describes a seamless approach: because Skyhigh Security already sees the traffic flowing through its SSE cloud, it can inject controls at the browser layer without asking employees to change the tools they use.

    Data sovereignty is no longer a compliance footnote -- it is an architectural driver. Vasudevan walked through a global manufacturer operating simultaneously in Europe, the United States, and China. Each region carries different regulatory constraints, different trust postures for cloud infrastructure, and different performance requirements. Skyhigh Security's hybrid platform handles all three scenarios under the same management framework and the same policy construct. The customer chooses where enforcement happens -- on-prem, cloud, or hybrid -- without rebuilding their security architecture.

    On AI agents, Vasudevan describes the evolution clearly: 2022 was about protecting data flowing into generative AI tools; 2025 became about protecting the actions of the agents themselves. Skyhigh Security positions itself as a proxy between agent traffic and the systems agents interact with -- whether MCP servers or SaaS applications -- monitoring what goes in and what comes out in real time. DSPM provides the baseline: know where sensitive data is and what risk it carries before any agent is given access to it. That distinction between sensitivity and risk is what allows organizations to make smart, dynamic decisions rather than blanket restrictions.

    This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight

    GUEST

    Thyaga Vasudevan, EVP, Product, Skyhigh Security
    https://www.linkedin.com/in/thyaga12/

    RESOURCES

    Skyhigh Security: https://www.skyhighsecurity.com

    Are you interested in telling your story?
    ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full
    ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight
    ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight

    KEYWORDS

    Thyaga Vasudevan, Skyhigh Security, Sean Martin, brand story, brand marketing, marketing podcast, brand spotlight, hybrid security, SSE, Security Service Edge, DSPM, data security posture management, zero trust, browser security, data sovereignty, AI agents, agentic AI, cloud security, RSAC Conference 2026, cybersecurity


    Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.
    Más Menos
    22 m
  • When Every Second Counts, Who Knew What and When? | A Brand Spotlight at RSAC Conference 2026 with Vaughan Shanks, Co-Founder and CEO of Cydarm Technologies

    When Every Second Counts, Who Knew What and When? | A Brand Spotlight at RSAC Conference 2026 with Vaughan Shanks, Co-Founder and CEO of Cydarm Technologies
    Apr 2 2026

    In the middle of a major incident, security teams face a brutal paradox: the faster things move, the harder it becomes to capture what's actually happening. Cydarm Technologies was built to solve exactly that. Vaughan Shanks, Co-Founder and CEO, describes the platform as a system of record for the SOC -- a purpose-built case management tool that captures who knew what, when, and why, in real time, throughout the lifecycle of an incident.

    Most of Cydarm's customers sit in government, defense, and critical infrastructure -- organizations where the pressure of regulatory compliance, legal accountability, and board-level reporting is highest. But the value extends well beyond compliance. Shanks draws a direct line from his time in Australian federal government to the philosophy behind Cydarm: good record keeping is good governance. When a capital-I incident is declared, legal, HR, communications, the C-Suite, and the board all need a view in. Cydarm's fine-grained, attribute-based access control makes it possible to give each stakeholder exactly the access they need -- and no more.

    What sets Cydarm apart from the ticketing systems most teams already have? Shanks puts it plainly: ITSM was built for IT service management, not adversarial cyber threats. The volume, velocity, and variety of SecOps are simply different. Cydarm is designed to feel more like WhatsApp and less like ITSM -- rich data format support, Easy Connect integrations, and a collaborative experience built specifically for high-frequency security operations. Teams that have built workarounds in existing tools know the maintenance burden that comes with it. Cydarm eliminates that mess.

    The post-incident dimension is where the system of record pays compounding dividends. Shanks outlines three paths: individual incident reports with adjustable significance levels for different audiences; longitudinal metrics capture that reveals the threat environment your controls aren't blocking; and resource justification data that gives security leaders the evidence to defend headcount and budgets. One customer -- a security leader at a major household brand -- had never experienced a breach, and had long struggled to justify the size of their team. With Cydarm's metrics, they finally had the data to make the argument.

    This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight

    GUEST

    Vaughan Shanks, Co-Founder and CEO, Cydarm Technologies
    https://www.linkedin.com/in/vaughan-shanks/

    RESOURCES

    Cydarm Technologies: https://www.cydarm.com

    KEYWORDS

    Vaughan Shanks, Cydarm Technologies, Sean Martin, brand spotlight, brand story, brand marketing, marketing podcast, cyber incident response, SOC case management, security operations, incident management platform, system of record, RSAC Conference 2026, NIST incident response, playbook management, SecOps, ITSM alternatives, post-incident review, threat metrics, CISO accountability


    Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.
    Más Menos
    19 m
  • Agentic AI, Bot Economics, and the New Arms Race | A Brand Spotlight at RSAC Conference 2026 with Kevin Gosschalk, Founder and CEO of Arkose Labs

    Agentic AI, Bot Economics, and the New Arms Race | A Brand Spotlight at RSAC Conference 2026 with Kevin Gosschalk, Founder and CEO of Arkose Labs
    Apr 1 2026
    A decade ago, Kevin Gosschalk was talking CAPTCHAs and bot mitigation with Marco Ciappelli at a security conference. Today, at RSAC Conference 2026, the conversation has shifted to agentic AI -- autonomous systems that browse, click, and transact on behalf of users. For Gosschalk, the Founder and CEO of Arkose Labs, the technology has changed but the challenge is familiar: how do you tell the difference between a legitimate automated actor and a malicious one? Gosschalk explains that the vast majority of agentic traffic today is not self-identifying. Rather than announcing themselves as AI agents, these systems impersonate real Chrome browsers on Mac OS -- choosing configurations with stronger privacy features to evade fingerprinting. There are two technical categories to contend with: headless browsers running in the cloud, which can be caught through device spoofing checks, and on-device agents that control a real browser instance, which require a deeper look at behavioral patterns and intent signals. Arkose Labs builds intent models around payment fraud, fake account creation, and account compromise to distinguish the good agents from the bad. The economic framing Gosschalk brings to this conversation is striking. He describes SMS toll fraud -- where bad actors acquire millions of premium phone numbers and trigger OTP messages from victim companies, earning three to six cents per message while costing those companies tens of millions of dollars annually. He walks through micro deposit fraud targeting fintechs. His core thesis: fraud is an economic activity, and the best defense is making attacks more expensive than they are worth. Arkose Labs builds challenge mechanisms designed to raise that cost through novel stimuli that ML models have not been trained to solve -- presenting something genuinely new forces a brute-force approach that is less effective than purpose-built attacks. The platform's consortium model is a key differentiator. Arkose Labs protects large enterprises including Expedia and Meta, and when an attack signature appears on one customer but nowhere else in the network, its uniqueness is itself a strong fraud signal. Customers can also feed labeled outcome data back into the system -- if something slips through and later proves malicious, that label sharpens the model for the entire consortium. Gosschalk is equally clear about the opportunity side of agentic AI. Blocking all automated traffic is no longer viable -- legitimate agentic commerce is coming, where consumers will delegate shopping, comparison, and purchasing to AI assistants. The future is not blanket blocking but granular, policy-driven enforcement: letting each customer define what kinds of agentic behavior they want to permit on their platforms. Integration is accessible -- a basic JavaScript deployment for web, SDKs for mobile, and extended support for IoT devices and CDN integrations. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Kevin Gosschalk, Founder and CEO, Arkose Labs LinkedIn: https://www.linkedin.com/in/kgosschalk/ RESOURCES Arkose Labs: https://www.arkoselabs.com Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Kevin Gosschalk, Arkose Labs, Sean Martin, Marco Ciappelli, brand story, brand marketing, marketing podcast, brand spotlight, agentic AI, bot detection, bot mitigation, fraud prevention, SMS toll fraud, micro deposit fraud, behavioral biometrics, intent detection, CAPTCHA, account takeover, synthetic identity, RSAC Conference 2026, cybersecurity Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.
    Más Menos
    20 m
  • Closing the Exposure Window: From Vulnerability Management to Remediation Operations | A Brand Highlight at RSAC Conference 2026 with Sunil Gottumukkala, CEO & Co-Founder of Averlon

    Closing the Exposure Window: From Vulnerability Management to Remediation Operations | A Brand Highlight at RSAC Conference 2026 with Sunil Gottumukkala, CEO & Co-Founder of Averlon
    Apr 1 2026

    The cybersecurity industry is good at finding problems. What it has struggled with -- for decades -- is fixing them. Sunil Gottumukkala, CEO and Co-Founder of Averlon, calls this the exposure window: the gap between when a vulnerability is discovered and when it is actually resolved. That gap is where real risk lives, and closing it is the founding mission of Averlon.

    Speaking on location at RSAC Conference 2026, Gottumukkala draws on his experience as a security executive at Salesforce to explain why even the most well-resourced teams fall behind. More code, more acquisitions, and more attack surface means more findings -- but the capacity to remediate does not scale at the same rate. The answer, he argues, is not more people. It is better systems.

    Averlon approaches the problem by ingesting findings from across a customer's security stack, applying AI-driven analysis to determine what is actually exploitable in that specific environment, and eliminating noise. From there, rather than generating a ticket, the platform generates a fix -- actual code changes for application vulnerabilities, or compensating controls for situations requiring more time. The goal is not to manage vulnerabilities. It is to eliminate them.

    This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlight

    GUEST

    Sunil Gottumukkala, CEO & Co-Founder, Averlon
    https://www.linkedin.com/in/sunilgottumukkala/

    RESOURCES

    Averlon: https://www.averlon.ai

    Are you interested in telling your story?
    ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full
    ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight
    ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight

    KEYWORDS

    Sunil Gottumukkala, Averlon, Sean Martin, brand story, brand marketing, marketing podcast, brand highlight, vulnerability remediation, remediation operations, exposure window, cloud security, agentic AI, CVSS, vulnerability management, RSAC Conference 2026, RSAC 2026, cybersecurity


    Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.
    Más Menos
    9 m