TCP #100: Walmart's CISO on AI Security; Detecting Face Morphs and Product News
What's hot in security🌶️ | August 21st - 27th, 2025
Welcome to The Cybersecurity Pulse (TCP)! I'm Darwin Salazar, Head of Growth at Monad and former detection engineer in big tech. Each week, I bring you the latest security product innovation and industry news. Subscribe to receive weekly updates!
🧘🏽♂️ AI-Powered Investigations, Zero Analyst Burnout 🧘🏽♂️
Drowning in noisy alerts and slow triage? Your analysts deserve better. Prophet Security’s Agentic AI SOC Analyst automates full-context alert investigations with machine speed and precision—cutting through the noise so your team focuses on real threats.
Free your analysts from alert fatigue. Speed up response. Catch what matters.
👉 Want to sponsor the TCP newsletter? Learn more here.
Howdy! 👋🏼 Welcome to issue #100 of The Cybersecurity Pulse (TCP)! What a ride it’s been.
I’ve learned and grown a ton from running TCP over the past two years. I get a lot of joy from preparing and shipping it every week. I get a lot of joy from the constant feedback I receive from peers and subscribers on how much it helps them stay in tune with the latest in security.
To everyone who tunes in every time TCP hits their inbox, to everyone who shares it with their network, to our sponsors, and to everyone who has provided feedback, a sincere thank you from the bottom of my heart! 🤗
Now let’s dive into this week’s news!
TL;DR 📰
🛒 Walmart's CISO reveals AI security strategy for tackling agentic AI risks, identity reboot with startup mindset, and "velocity with governance"
🔥 Cloudflare accelerates AI security sprint with Shadow AI detection and unsafe content guardrails using Llama Guard across 13 risk categories
🎭 NIST releases face morphing detection guidelines to combat deepfake threats that blend photos to trick recognition systems
💰 Netskope files for IPO at $5B valuation reporting $700M+ ARR with 33% YoY growth
🚔 INTERPOL's Operation Serengeti 2.0 nabs 1,209 cybercriminals across 18 African nations, seizing $97.4M
🔑 Okta acquires Axiom for $100M for PAM capabilities for Kubernetes and database access. They also reported $728M in quarterly revenue
🤦🏽♂️ Cyber insurers explore "CVE exclusions" potentially limiting payouts for unpatched vulnerabilities
🤝 CrowdStrike and Zscaler expand partnership with CrowdStrike becoming preferred endpoint in Red Canary's 1,000+ customer ecosystem
Let’s cyber 🕺🏽
⚒️ Picks of the Week ⚒️
Walmart is the world's largest retailer w/ over 10.5K stores across 20+ countries. They employ 2.1M associates. They are heavily embracing AI. When we talk about securing things at scale, Walmart is a great source of inspiration. Whenever folks from their security team decide to share insights publicly, I like to dissect + learn from what they're up to.
This time around, their CISO, Jerry R. Geisler III, sat down with VentureBeat for an interview and covered how Walmart is tackling:
Agentic AI risks: New autonomous threats bypass traditional controls via data exfiltration, API misuse, cross-agent collusion etc… AI-SPM + risk monitoring + data protection + compliance efforts play a big role here
Using AI/ML for improving security: Using adversary simulation, ML models for phishing detection, SOAR platforms for incident response.. "…Walmart’s scale means security must be both fast and frictionless."
"Velocity with governance": Element AI platform creates single development path (paved road) with security already baked-in.. Reduces complexity + accelerates AI development
Identity reboot: "Startup mindset" approach, implementing MCP/A2A protocols for granular access and Zero Trust
This is a gem of a post with many lessons for security leaders and product builders alike.
Kudos to Jerry and the VentureBeat folks for putting this together!
Flight canceled? That’s your cloud proxy during the next data center outage.
dope.security keeps you flying: policies live on the device, there’s no single point of failure, no onboarding delays, no buffering screens. Your users stay productive—even when the internet hits turbulence.
Drop the stopovers and go endpoint-first with your SWG.
NIST Unveils Guidelines to Help Spot Face Morphing Attempts
AI and deepfake tech has made some strong advancement in recent years and it poses national and organizational security risks. NIST's latest report (NISTIR 8584) provides a great intro to the topic and guidelines on how orgs can detect face morphing software.
"Face morphing is a type of deepfake technology that enables threat actors to blend the photos of two people into a single image. In doing so, it simplifies identity fraud by tricking face recognition systems into erroneously identifying an image as belonging to both original individuals." - Phil Muncaster, Infosecurity Magazine
You can read the full NIST report here (ungated).
Insurers May Limit Payments in Cases of Unpatched CVEs
It seems that some cyber insurers are exploring "CVE exclusions" that would limit or deny breach payouts when companies fail to patch known vulnerabilities within specific timeframes. This is a pretty slimey way to avoid payouts by insurers, in my opinion. The software industry is on track to report 46K vulns by EoY and this # will likely only increase year over year.
How can insurers possibly think security teams can get to every vuln? I think the CISOs at these insurance companies should be rallying against this. It's BS.
SASE Company Netskope Files for IPO
NetSkope has filed it's S-1 doc indicating it's gearing up to go public. The company reports $700M+ ARR (up 33% YoY)and is shooting for a $5 billion valuation.
Operation Serengeti 2.0: INTERPOL nabs 1,209 cybercriminals in Africa, seizes $97M
"INTERPOL announced the result of the second phase of ongoing law enforcement Operation Serengeti (June to August 2025) that led to 1,209 arrests across 18 nations in Africa. The authorities are aiding 88,000 victims, seizing $97.4M, and dismantling 11,432 cybercrime infrastructures" - Pierluigi Paganini, Security Affairs
The scale of this takedown is massive. Shoutout to everyone involved.
The real dilemmas of cybersecurity startup ideation, discovery, and validation
Any time Ross drops a post, you should bookmark it for reading. His most recent post is no different and it comes with great timing as many folks are in the startup ideation, discovery, and validation phases. In it, he discusses the echo chamber many founders find themselves in when validating a startup idea. Most security buyers and decision makers aren't easily accessible and by ignoring this, founders are subject to blind spots in their decision making process.
Check out Ross post here to find out how to avoid "The great cybersecurity echo chamber"
🔮 The Future of Security 🔮
AI Security
Cloudflare's AI Security Sprint Continues
Cloudflare has been cooking on the AI security front. They recently set their AI bot scraper blocker to 'On' by default for customers, launched their Firewall for AI, and they've now launches two more offerings to help combat AI security risks.
Shadow AI detection: By tapping into their network visibility, Cloudflare One can see application activity and detect unsanctioned AI use. This post dives into how they built it and how it works.
Unsafe content guardrails in AI: By using Llama Guard, their firewall solution can analyze prompts and detect 'unsafe' content across 13 categories including violence, hate, self-harm, etc. This post dives into how they built it and how it works.
I've been a big fan of Cloudflare lately. Velocity of execution + innovation has been next level.
These two product release posts provide an in-depth look at how they built the solutions which should be the norm for all product announcements.
Identity Security
Okta Acquires Axiom for $100M + Reports Strong Quarterly Performance
Okta recently announced that they'll be acquiring Axiom, a Tel Aviv-based, privileged access management (PAM) player for $100M. The solution will enable Okta to provide better PAM for Kubernetes and database access.
Okta also reported quarterly revenue at $728M (up 13% YoY).
More Identity Security news ⬇️
Security Operations
Zscaler and CrowdStrike Expand AI Partnership to Power Managed SOC Services
The expanded partnership essentially means that CrowdStrike is now the preferred endpoint solution in Red Canary's ecosystem. This is a massive blow to other endpoint solutions and a big signal that, despite CrowdStrike's 2024 meltdown, they are still the superior endpoint solution. Red Canary has over 1,000 customers so this is pretty significant and will only become amplified through Zscaler's reach.
Vulnerability Management
Seemplicity raises $50M to expand AI driven exposure management platform
Seemplicity raises $50M Series B led by Sienna Venture Capital. The funding, which brings total raised to $76M with participation from Essentia VC and existing investors Glilot Capital and S Capital.
Interested in sponsoring TCP?
Sponsoring TCP not only helps me continue to bring you the latest in security innovation, but it also connects you to a dedicated audience of ~7,300 CISOs, practitioners, founders, and investors across 100+ countries 🌎
Bye for now 👋🏽
That’s all for this week… ¡Nos vemos la próxima semana!
Disclaimer
The insights, opinions, and analyses shared in The Cybersecurity Pulse are my own and do not represent the views or positions of my employer or any affiliated organizations. This newsletter is for informational purposes only and should not be construed as financial, legal, security, or investment advice.