82% of enterprises are running AI agents they don't know about.

That number came out of #RSAC Conference 2026 — and it wasn't the most alarming stat on the table.

Sean Martin sat back down with Itamar Apelblat, Co-Founder and CEO of Token Security, to unpack what he heard walking the show floor and what the CSA data now makes impossible to ignore: 65% of organizations have already had an AI agent-related incident in the last twelve months. 82% found agents in their environment that nobody authorized. Only 21% have any formal process to retire an agent when it's done.

Discovery alone is not governance. Intent-based enforcement is. That's where this conversation lands — and it's worth your time.

A huge thank you to the team at Token Security for joining Sean Martin and Marco Ciappelli on this journey — both on the floor at #RSAC2026 and in the recap. We loved sharing your story and we're looking forward to many more conversations ahead. 🙌

📍 Where are we headed next? Glad you asked: Infosecurity Europe and Black Hat USA — see you there.

🎙️ Recap: https://youtu.be/ZeI5bSbQ070
🎙️ On Location: https://youtu.be/uWjCQC3LnaY
🌐 RSAC Coverage: https://www.itspmagazine.com/rsac
🌐 Next Coverages: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverage

#TokenSecurity #AIAgents #AgentSecurity #CyberSecurity #CISO #CloudSecurity #AIGovernance #IdentitySecurity #CSAReport #InfoSec #RSAC2026 #InfosecurityEurope #BlackHatUSA #CyberSecurityPodcast

After #RSAC Conference 2026, the vendors were louder, the booths were bigger, and the AI claims were everywhere.

So Sean Martin & Marco Ciappelli reconnected with Michael Parisi, Chief Growth Officer at Steel Patriot Partners, to ask what was actually happening beneath all that noise — and where the conversations that actually matter were taking place.

Mike's read from the floor is simple: the "fog of more" is winning. Not because the technology is bad, but because every vendor is saying nearly the same thing and CISOs are running out of ways to tell them apart.

The real conversations? Not in the keynote halls. They're happening in hallways, at dinners, in closed-door rooms where buyers can finally speak honestly.

A huge thank you to the team at Steel Patriot Partners for joining us on this journey — both on the floor at #RSAC2026 and in the recap. We loved sharing your story and we're looking forward to many more conversations ahead. 🙌

📍 Where are we headed next? Glad you asked: Infosecurity Europe and Black Hat USA — see you there.

🎙️ Recap: https://lnkd.in/ggGQtz2t
🎙️ On Location: https://lnkd.in/gYRuPaPe
🌐 RSAC Coverage: https://lnkd.in/gW-6ZtH
🌐 Next Coverages: https://lnkd.in/gaGVUjgg

#SteelPatriotPartners #CISO #CyberSecurity #RSACConference #FogOfMore #SecurityStrategy #VendorNoise #InfoSec #GRC #CyberSecurityLeadership #RSAC2026 #InfosecurityEurope #BlackHatUSA #CyberSecurityPodcast

🎯 FINAL POST FROM THE FLOOR: #BlackHatUSA 2025 Coverage!

Access Roulette: How to Stop Betting Your Security on Standing Privileges

This wraps up our on-location content from Las Vegas!

Next week we'll reconnect with our main event sponsors— BLACKCLOAK, Dropzone AI, Stellar Cyber, and Akamai Technologies—to bring you their post-event insights and feedback. Of course ThreatLocker's recap was already captured on the floor and published earlier today. Plus, watch for our closing reflection articles from me Marco Ciappelli and Sean Martin, CISSP!

Our final floor conversation comes thanks to our friends at Apono 🙏

Modern enterprises are gambling with security every day. Static permissions, manual approvals, and periodic audits create "privilege creep" that turns every over-privileged account into a potential breach waiting to happen.

At #BlackHat USA 2025, Ofir Stein from #Apono reveals how to break this dangerous cycle.

The stakes keep rising:
• Non-human identities (service accounts, #APIs, #AIagents) retain high-level privileges long after tasks complete
• Organizations discover risks during audits but lack scalable remediation
• #Business teams need rapid access while security teams battle expanding #attacksurfaces

Apono's Zero Standing Privilege model:
• Removes ALL permanent access by default
• Grants access dynamically based on business context
• Automatically revokes permissions when tasks complete
• Works for both human AND non-human identities
• Integrates with existing #identity providers—no rip and replace

Key capabilities:
• Context-based policy management aligned with business objectives
• Continuous discovery of identities, privileges
• Automated remediation of unnecessary privileges
• Real-time anomaly detection feeding #SOC workflows
• Scalable across centralized and decentralized environments

The result?
Engineers gain control over their access (building trust), security teams maintain tight governance, and organizations can finally stop betting their security on standing privileges.

📺 Watch the video: https://youtu.be/ciBsH84PVQU

🎧 Listen to the podcast: https://brand-stories-podcast.simplecast.com/episodes/access-roulette-how-to-stop-betting-your-security-on-standing-privileges-a-brand-story-with-ofir-stein-cto-and-co-founder-of-apono-a-black-hat-usa-2025-conference-on-location-brand-story-HD5Uq_kf

📖 Read the blog: https://www.itspmagazine.com/their-stories/access-roulette-how-to-stop-betting-your-security-on-standing-privileges-a-brand-story-with-ofir-stein-cto-and-co-founder-of-apono-a-black-hat-usa-2025-conference-on-location-brand-story

➤ Learn more about Apono: https://itspm.ag/apono-1034

✦ Catch more stories from Apono: https://www.itspmagazine.com/directory/apono

🎪 Follow all of our #BHUSA 2025 coverage: https://www.itspmagazine.com/bhusa25

#Cybersecurity #IdentityManagement #ZeroTrust #AccessControl #BlackHatUSA #BHUSA25 #PrivilegeManagement #IAM #SecurityAutomation #NonHumanIdentities

🎯 WRAPPING UP: #BlackHat USA 2025 Coverage Nearly Complete!
With nearly all our on-location content from Las Vegas now published, we're excited to share this recap story.

Stay tuned for the closing reflections (Newsletter Articles and Audio version) from Marco Ciappelli and Sean Martin, CISSP coming soon!

🔔 Follow ITSPmagazine, Sean Martin, CISSP, and Marco Ciappelli to catch those final insights when they drop!

This is an event recap from the expo floor with our friends at ThreatLocker 🙏

#ThreatLocker Unveils Configuration Defense & Achieves #FedRAMP Status at #BlackHat2025

#Zerotrust evolved from theory to practical business solution at Black Hat 2025, as Kieran Human from ThreatLocker revealed game-changing announcements that address real-world security challenges.

The standout:
Defense Against Configuration (#DAC)—a monitoring tool that solves a critical zero trust gap. Organizations invest heavily in security but often leave systems vulnerable through poor configuration management. DAC changes this by:
• Continuously monitoring configurations and alerting to potential issues
• Mapping findings to compliance frameworks including Essential 8
• Providing weekly executive reports to ensure oversight
• Preventing the "overly permissive rules" that compromise security

ThreatLocker's "denied by default, allowed by exception" approach fundamentally differs from traditional EDR solutions. With 10,000+ built-in application profiles and learning mode capabilities, deployment no longer means business disruption.

Major milestone:
FedRAMP certification opens government sector opportunities, answering strong customer demand from highly regulated environments that previously couldn't adopt their zero trust capabilities.

Real impact:
One customer reported preventing THREE breaches after implementing ThreatLocker's solution—proving that properly implemented zero trust delivers measurable security improvements.

The key insight? Security must enable business, not hinder it. ThreatLocker's least privilege implementation focuses on meeting business requirements with minimal necessary permissions—protecting assets without hampering productivity.

📺 Watch the video: https://youtu.be/AN5k5-aBwWc

🎧 Listen to the podcast: https://brand-stories-podcast.simplecast.com/episodes/event-recap-kieran-human-at-black-hat-usa-2025-threatlocker-unveils-configuration-defense-achieves-fedramp-status-more-brand-story-with-threatlocker-from-black-hat-usa-2025

📖 Read the blog: https://www.itspmagazine.com/their-stories/event-recap-kieran-human-at-black-hat-usa-2025-threatlocker-unveils-configuration-defense-achieves-fedramp-status-more

➤ Learn more about ThreatLocker: https://itspm.ag/threatlocker-r974

✦ Catch more stories from ThreatLocker: https://www.itspmagazine.com/directory/threatlocker

🎪 Follow all of our #BHUSA 2025 coverage: https://www.itspmagazine.com/bhusa25

#Cybersecurity #BlackHatUSA #BHUSA25 #Compliance #SecurityAutomation #GovTech

Take a look back at Claroty's presence last week at 🎩 Black Hat USA 2025 in Las Vegas. We had such an awesome time and look forward to next year!

With the right cyber-physical security measures, commitment, budgets and partnerships in place, human safety, business continuity, operational uptime, consumer trust – and life itself – goes uninterrupted.

Are you ready for Life, uninterrupted? https://claroty.com/life-uninterrupted

#LifeUninterrupted #BHUSA #BlackHatUSA #LifeAtClaroty #BlackHat2025 #BlackHat #BlackHatUSA2025 #BHUSA25 #Claroty

🎯 NOW PUBLISHING: On-Location Coverage from #BlackHat USA 2025!

#Cybersecurity Hiring Is Not Broken—Your Job Descriptions Are

We're back in the office and excited to start sharing all the conversations we captured on location in Las Vegas with our amazing sponsors and editorial coverage!

🔔 Follow ITSPmagazine, Sean Martin, CISSP, and Marco Ciappelli to get this content fresh as it drops!

We're thrilled to share this transformative Brand Story conversation thanks to our friends at CyberSN 🙏

Cybersecurity Hiring Is Not Broken—Your Job Descriptions Are

The cybersecurity #talentgap isn't just about finding people—it's about understanding who you have and what you actually need.

At #BlackHat2025, Deidre Diamond (CEO of #CyberSN) and Carraig Stanwyck (CEO of 3 Tree Tech) reveal why outdated job descriptions and static spreadsheets are sabotaging your security team's success.

The hidden problems killing your team effectiveness:
• Leaders manage complex teams with tools that can't capture real-time role changes or skill utilization
• Employees burn out doing work outside their job descriptions
• Strategic plans and budgets are built on incomplete or inaccurate information • Generic job postings create the "square peg, round hole" hiring problem
• Retention suffers when skills and roles don't align

CyberSN's workforce risk management platform changes the game by providing:
• Dynamic capability mapping—see how each capability is staffed and identify gaps
• Role realignment insights to match employees with work that fits their strengths
• Accurate job descriptions based on actual needs, not outdated templates
• Employee engagement data for better career planning and retention
• Data-backed insights that strengthen budget requests

The #business impact?
Improved retention, stronger budgets, reduced burnout, and teams that can proactively adapt to changing priorities. When you truly understand your #workforce, you can transform cybersecurity from a reactive function into a strategic force.

📺 Watch the video: https://youtu.be/TIIwtawhGFE

🎧 Listen to the podcast: https://brand-stories-podcast.simplecast.com/episodes/cybersecurity-hiring-is-not-brokenyour-job-descriptions-are-a-brand-story-with-deidre-diamond-founder-and-ceo-of-cybersn-and-carraig-stanwyck-ceo-and-former-fortune-200-ciso-a-black-hat-usa-2025-conference-on-location-brand-story-03Sh_Qc2

📖 Read the blog: https://www.itspmagazine.com/their-stories/cybersecurity-hiring-is-not-brokenyour-job-descriptions-are-a-brand-story-with-deidre-diamond-ceo-of-cybersn-and-carraig-stanwyck-a-black-hat-usa-2025-on-location-brand-story

➤ Learn more about CyberSN: https://itspm.ag/cybersn-476941

✦ Catch more stories from CyberSN: https://www.itspmagazine.com/directory/cybersn

🎪 Follow all of our #BHUSA 2025 coverage: https://www.itspmagazine.com/bhusa25

#Cybersecurity #TalentManagement #WorkforceRisk #CyberHiring #BlackHatUSA #BHUSA25 #SecurityTeams #CyberCareers #TeamBuilding

🎯 NOW PUBLISHING: On-Location Coverage from #BlackHat USA 2025!

"Data Kidnapping: Because File Encryption Is So 2020" 🫢

We're back in the office and excited to start sharing all the conversations we captured on location in Las Vegas with our amazing sponsors and editorial coverage!

🔔 Follow ITSPmagazine, Sean Martin, CISSP, and Marco Ciappelli to get this content fresh as it drops!

We're excited to share this eye-opening Brand Story conversation thanks to our friends at Zscaler 🙏

#Ransomware has evolved. Attackers no longer need to encrypt your data—they're stealing it and threatening public exposure unless you pay.

At #BlackHat2025, Brett Stone-Gross from #Zscaler reveals how this shift changes everything about defense strategies.

The new reality organizations face:
• Stolen data moves slowly enough to avoid alerts—or quickly enough to overwhelm teams
• File transfer tools and other apps left exposed to the internet create easy entry points
• Advanced groups target single victims for multimillion-dollar payouts based on stolen data value
• The U.S. accounts for ~50% of ransomware incidents, making American companies prime targets
• Legacy systems in #healthcare, #manufacturing, and oil & gas amplify risks

Zscaler's #zerotrust approach tackles these challenges by:
• Eliminating internet-facing vulnerabilities—hiding applications from public view
• Advanced #threatprevention that blocks exploits before escalation
• Segmentation that prevents lateral movement from compromised accounts
• #DLP that detects and stops unauthorized data transfers
• Continuous monitoring that catches privilege escalation attempts

The business impact?
Reduced attack surface, faster threat containment, lower risk of repeated incidents, and better security #ROI.

When attackers can't see your applications, they can't exploit them.

🎧 Listen to the podcast: https://brand-stories-podcast.simplecast.com/episodes/data-kidnapping-because-file-encryption-is-so-2020-a-brand-story-with-brett-stone-gross-senior-director-of-threat-intelligence-at-zscaler-a-black-hat-usa-2025-conference-on-location-brand-story-X7hKwxG_

📖 Read the blog: https://www.itspmagazine.com/their-stories/data-kidnapping-because-file-encryption-is-so-2020-a-brand-story-with-brett-stone-gross-senior-director-of-threat-intelligence-at-zscaler-a-black-hat-usa-2025-conference-on-location-brand-story

➤ Learn more about Zscaler: https://itspm.ag/zscaler-327152

✦ Catch more stories from Zscaler: https://www.itspmagazine.com/directory/zscaler

🎪 Follow all of our #BHUSA 2025 coverage: https://www.itspmagazine.com/bhusa25

#Cybersecurity #Ransomware #ZeroTrust #DataProtection #BlackHatUSA #BHUSA25 #ThreatIntelligence #DLP #CloudSecurity #DataKidnapping #infosec #infosecurity

🎉 Big week for the OpenSSF community at #BlackHatUSA + #DEFCON33!

From packed panels to big wins in the #AIxCC, our community showed what’s possible when open source security leaders, researchers, and innovators come together.

Read the full recap: https://openssf.org/blog/2025/08/14/openssf-at-black-hat-usa-2025-def-con-33-aixcc-highlights-big-wins-and-the-future-of-securing-open-source/

🎯 NOW PUBLISHING: On-Location Coverage from #BlackHat USA 2025!

How to Automate #Cybersecurity Operations Without Coding, Crying, or Calling IT at 2 A.M.

We're back in the office and excited to start sharing all the conversations we captured on location in Las Vegas with our amazing sponsors and editorial coverage!

🔔 Follow ITSPmagazine, Sean Martin, CISSP, and Marco Ciappelli to get this content fresh as it drops!

We're delighted to share this game-changing Brand Story conversation thanks to our friends at BlinkOps 🙏

Traditional #SOAR platforms promise automation but deliver complexity—requiring extensive scripting, specialized skills, and weeks to implement new workflows. At #BlackHat2025, Mike Wayne from #BlinkOps reveals a better way.

The breakthrough: Micro agents instead of monolithic #AI. BlinkOps enables you to build small, focused #AI entities designed for specific tasks—minimizing hallucination risks while maximizing control and precision.

What makes this different:
• Describe automation goals in plain language—the system generates working automations
• Low-code/no-code accessibility lets citizen developers across HR, finance, and security build automations
• Smaller context windows = fewer AI mistakes and more predictable outcomes • Deploy as #SaaS, hybrid, or in #FedRAMP #GovCloud environments
Real-world results that matter:
• One customer saved $1.8M in 30 days automating endpoint deployments
• A triage agent processed 400 SOC alerts in 8 days with zero human intervention
• Reduced MTTR through agent-embedded workflows
• Automation extends beyond security into HR, finance, and operations

The message is clear: Instead of replacing humans, these micro agents work alongside them—taking on repetitive tasks so your team can focus on strategic initiatives. Just blink it!

📺 Watch the video: https://youtu.be/eohOpveUkCQ

🎧 Listen to the podcast: https://brand-stories-podcast.simplecast.com/episodes/how-to-automate-cybersecurity-operations-without-coding-crying-or-calling-it-at-2-am-a-brand-story-with-mike-wayne-vice-president-global-sales-at-blinkops-a-black-hat-usa-2025-conference-on-location-brand-story-_YpUbfOf

📖 Read the blog: https://www.itspmagazine.com/their-stories/how-to-automate-cybersecurity-operations-without-coding-crying-or-calling-it-at-2-am-a-brand-story-with-mike-wayne-vp-global-sales-at-blinkops-a-black-hat-usa-2025-on-location-brand-story

➤ Learn more about BlinkOps: https://itspm.ag/blinkops-942780

✦ Catch more stories from BlinkOps: https://www.itspmagazine.com/directory/blinkops

🎪 Follow all of our #BHUSA 2025 coverage: https://www.itspmagazine.com/bhusa25

#Cybersecurity #SecurityAutomation #SOAR #AI #NoCode #BlackHatUSA #BHUSA25 #SOC #AutomationPlatform #MicroAgents

🎯 NOW PUBLISHING: On-Location Coverage from #BlackHat USA 2025!

We're back in the office and excited to start sharing all the conversations we captured on location in Las Vegas with our amazing sponsors and editorial coverage!

🔔 Follow ITSPmagazine, Sean Martin, CISSP, and Marco Ciappelli to get this content fresh as it drops!

We're thrilled to share this critical Brand Story conversation thanks to our friends at ReversingLabs 🙏

Your Business Apps Are Bringing Friends You Didn't Invite

Every commercial software application is a complex assembly of first-party, contracted, open source, and third-party code. But when #SolarWinds, #Kaseya, and #Ivanti happened, we learned that vendor questionnaires and contractual assurances offer little protection against supply chain compromises.

At #BlackHat2025, Saša Zdjelar, Chief Trust Officer at ReversingLabs, reveals how organizations can finally verify the integrity of #software from outside vendors—without relying on blind trust.

The game-changer: Comprehensive binary analysis that deconstructs any file into its components to:

• Detect malware, tampering, and embedded secrets

• Identify #vulnerabilities and insecure practices

• Uncover undocumented network connections

• Flag #compliance risks from restricted regions

This isn't just another policy checkbox—it's a true technical control that inspects the software itself, regardless of size or complexity.

Real-world applications:

• Procurement: Auto-scan all software before deployment

• Version Monitoring: Detect unexpected behavior changes between releases

• Critical Environments: Verify integrity before software enters OT, ICS, or financial systems

• Risk Management: Assess COTS software as part of ongoing vendor reviews

With regulations like EO 14028 and the EU's #CyberResilience Act demanding transparency, the ability to technically validate every application delivers both strategic protection and measurable benefits.

📺 Watch the video: https://youtu.be/pU9bHYFND7c

🎧 Listen to the podcast: https://brand-stories-podcast.simplecast.com/episodes/your-business-apps-are-bringing-friends-you-didnt-invite-a-brand-story-with-saa-zdjelar-chief-trust-officer-at-reversinglabs-and-operating-partner-at-crosspoint-capital-a-black-hat-usa-2025-conference-on-location-brand-story-a2sfPy_B

📖 Read the blog: https://www.itspmagazine.com/their-stories/your-business-apps-are-bringing-friends-you-didnt-invite-a-brand-story-with-saa-zdjelar-chief-trust-officer-at-reversinglabs-a-black-hat-usa-2025-on-location-brand-story

➤ Learn more about ReversingLabs: https://itspm.ag/reversinglabs-v57b

✦ Catch more stories from #ReversingLabs: https://www.itspmagazine.com/directory/reversinglabs

🎪 Follow all of our #BHUSA 2025 coverage: https://www.itspmagazine.com/bhusa25

#Cybersecurity #SupplyChainSecurity #SoftwareIntegrity #BlackHatUSA #BHUSA25 #ThirdPartyRisk #SBOM #BinaryAnalysis #Compliance #ZeroTrust