Subscribe Share Full episode and show notes AI/ML , Endpoint/Device Security , EDR Visibility with EDR/MDR is still important, ‘the basics’ are impossible, and the news – Rob Allen – ESW #460 Interview with Rob Allen from Threatlocker This week, Rob Allen from Threatlocker is with us to discuss the importance of EDR and MDR visibility. We discuss some real world attacks and anecdotes where EDR was able to save the day when threats were missed by other controls. Topic: Do the basics, they said. Easier said than done. Guillaume and Adrian discuss the futility of attempting to do all the foundational work standards, best practices, and regulations expect of organizations. Adrian has given up. Fortunately, Guillaume has some excellent advice and hope to share on this front. The weekly enterprise news Finally, in the enterprise security news, a really interesting vibe check funding ... May 25, 2026 Full Segment Notes Interview with Rob Allen from Threatlocker This week, Rob Allen from Threatlocker is with us to discuss the importance of EDR and MDR visibility. We discuss some real world attacks and anecdotes where EDR was able to save the day when threats were missed by other controls. Topic: Do the basics, they said. Easier said than done. Guillaume and Adrian discuss the futility of attempting to do all the foundational work standards, best practices, and regulations expect of organizations. Adrian has given up. Fortunately, Guillaume has some excellent advice and hope to share on this front. The weekly enterprise news Finally, in the enterprise security news, a really interesting vibe check funding acquisitions the verizon DBIR we give a tutorial on how to leak AWS keys on github OH NEVERMIND, SOMEONE AT CISA ALREADY MADE THE TUTORIAL agents versus agents exploitbench the vulnpocalypse robot dogs are SO EASY to take out, we don’t need to be too scared of them yet All that and more, on this episode of Enterprise Security Weekly. Guest Rob Allen Chief Product Officer at ThreatLocker Rob Allen, Chief Product Officer of ThreatLocker, is an IT Professional with three decades of experience assisting small and medium enterprises embrace and utilize technology. He has spent the majority of this time working for an Irish-based MSP, which has given him invaluable insights into the challenges faced by businesses today. Rob’s background is technical – first as a system administrator, then as a technician and an engineer. His broad technical knowledge, as well as an innate understanding of customers’ needs, made him a trusted advisor for hundreds of businesses across a wide variety of industries. Rob has been at the coalface, assisting clients in remediating the effects of, and helping them recover from cyber and ransomware attacks. Hosts Adrian Sanabria @sawaba https://adriansanabria.com Guillaume Ross List of Articles Adrian Sanabria FUNDING/M&A courtesy of the Security, Funded newsletter, issue #244 – AI Crisps VIBE CHECK Is AI having its "ransomware moment" with cyber insurance? 9% - Already here - AI exclusions/riders in our last renewal 27% - Coming soon - AI riders + validated controls by end of 2026 55% - Overblown - insurers will have to absorb AI risk into standard cyber coverage 9% - You guys have cyber risk insurance?! Wow, there aren’t many poll outcomes that I end up disagreeing with, but last week’s is an exception. I see no way out of a world where insurance coverage pays for when AI, either directly or indirectly, creates outages or data leakages that lead to fines. In my experience working for one of the world’s largest insurance companies, I've seen how they know how to do one thing very well: make money and keep it. Some of the top comments from last week’s vibe check: ???? “It’s only a matter of time that insurance abdicates responsibility from the onslaught of losses that are yet to come.” FUNDING ExaForce, a United States-based multi-modal AI agent security operations platform, raised a $125.0M Series B from AICONIC Ventures and others. Frame Security, a United States-based human risk management and security simulation platform, raised a $50.0M Venture Round from Index Ventures, Picture Capital, and Team8. White Circle, a United States-based application vulnerability detection platform, raised an $11.0M Seed from Hummingbird Ventures. ACQUISITIONS LayerX Security, an Israel-based user-first browser security platform, was acquired by Akamai Technologies for $205.0M. LayerX Security had previously raised $51.6M in funding. Driftnet, a United States-based threat intelligence and attack surface management platform, was acquired by SecurityScorecard for an undisclosed amount. Driftnet has not previously disclosed funding. REPORTS: The Verizon 2026 Data Breach Investigations Report A must read! Use your eyeballs, not Claude to read this one. At least the first 25 pages. Trust me. PATCHING: Rocky Linux Adds Security Repo for Urgent Fixes Folks are preparing for the vulnpocalypse in different ways. DUMPSTER FIRES: CISA Admin Leaked AWS GovCloud Keys on Github – Krebs on Security Been a while since we had a dumpster fire. This one qualifies. AI: Chainalysis Launches AI Agents for Crypto Crime Investigations Remember Spy v Spy? Looking like we're going to have bot v bot very soon. RESEARCH: ExploitBench Cybersecurity is moving into the realm of repeatable benchmarks. It only has a v8 benchmark for now, but it's an interesting and necessary idea, as LLMs become a permanent ingredient in AppSec/vulnscan recipes. HUMOR: The Vulnpocalypse Humor making a point. I'm not sure how many people interpret the "vulnpocalypse" as something that destroys the Internet and leads to everything getting hacked. I personally define it as "too many patches and vulns to keep up with". By that definition, the vulnpocalypse began roughly around 2006. SQUIRREL: Robot dogs are a security nightmare Show More Stay in the Know, No Smoke and Mirrors – Join Our Newsletter Get expert insights and technical breakdowns straight to your inbox. Join Now You can skip this ad in 5 seconds