Enterprise Security Weekly (Audio)

Rethinking risk based vulnerability management, Black Hat expo insights, and the news - Snehal Antani - ESW #420

Aug 18, 2025
Snehal Antani, CEO of Horizon3.ai and former CIO at GE Capital, tackles the pitfalls of vulnerability management in organizations. He argues that traditional methods often lead to ineffective lists, suggesting a need for a more robust approach. The discussion also highlights insights from the recent Black Hat conference, focusing on innovative security tools and engagement strategies. Additionally, they touch on the role of AI in evolving cybersecurity, the skepticism around marketing claims, and the importance of risk-based management for better defenses.
INSIGHT

Prioritize The Attacker's View

  • Attackers' perspective is the only one that truly matters for prioritization and defense.
  • Autonomous pen testing removes the pen-test bottleneck and exposes remediation as the new constraint.

ADVICE

Make Pen Tests Remediation-Focused

  • Focus pen tests on rapid remediation, not just discovery.
  • Use integrated workflows and guardrails so fixes happen fast and safely.

ANECDOTE

Five-Minute Compromise Example

  • An autonomous pen test gained access to an engineering firm's share with CAD drawings for aircraft carriers and submarines in five minutes.
  • The incident showed midsize suppliers often lack expertise despite holding critical secrets.