In this episode of CyberOXtales, host Neatsun Ziv, CEO of OX Security, sits down with Jim Manico, Founder of Manicode Security and legendary AppSec educator, to explore the rapid transition from manual coding to AI-driven orchestration. As the industry moves toward "vibe coding" and autonomous agents, they discuss the radical shift in how software is built, secured, and potentially compromised.

From a family legacy of teaching to the front lines of "OpenClaw," this conversation serves as a roadmap for leaders navigating the tension between hyper-productivity and the emerging risks of autonomous AI identities.

About Our Guest

Jim Manico is a third-generation educator and a foundational figure in the application security world. After realizing in the late 1990s that security was often an afterthought in web development, he dedicated his career to recording and teaching secure coding practices. Today, he is a professional educator and "PowerPoint jockey" who helps global organizations secure their development lifecycles while aggressively experimenting with the cutting edge of AI automation.

Connect with Jim Manico: LinkedIn

Key Takeaways

• The Orchestration Shift – Software development is evolving from manual coding to "vibe coding," where developers build engineering harnesses and machine-readable requirements for AI to execute.
• The Power of Autonomous Agents – Tools like Clawbot and Moltbot allow AI to automate entire projects and research tasks, including the ability for agents to establish private communication channels with one another.
• "Designed for Compromise" Security – Testing autonomous agents requires a zero-trust approach: utilize isolated hardware, limited-access OAuth tokens, and operate under the assumption that the agent identity will be fully compromised.
• Enterprise Readiness – CISOs should restrict broad company-wide use today while tasking security architects to develop the best practices needed to safely roll out agent fleets in the future.

Listen to this episode to learn how to bridge the gap between bleeding-edge AI productivity and the rigorous security architectures required to survive the "Wild West" of autonomous software engineering.

In this episode of CyberOXtales, host Neatsun Ziv leads a dynamic role-play exercise with cybersecurity leaders Heather Hinton, a four-time CISO, and Christopher Crummey, Global Director at Sygnia. Together, they walk through a simulated npm supply-chain compromise, revealing how CISOs, IR teams, and executives should respond in the first critical hours of a dependency attack.

The discussion dives into triage under pressure, defining crisis levels, onboarding IR partners in advance, the role of communication in limiting panic, and the importance of practice and culture in incident response. From establishing 'circles of trust' to managing business continuity tradeoffs, this episode is a blueprint for leaders who want to stay ahead of the next supply-chain shock.

Risk Rewired: Samir Sherif’s Cybersecurity Playbook for Executives
In this episode of CyberOXtales, Samir Sherif challenges executives to drop outdated boundaries and start thinking in systems. Drawing on years in both financial services and security operations, he outlines why integrating the Security Operations Center (SOC) and Network Operations Center (NOC) is no longer optional. It's essential for resilience.

Samir maps out how AI is doing more than just reducing noise in SecOps. It’s already making Level 1 decisions, and soon it’ll take on Level 2 logic, pushing organizations to rethink their human capital strategies. But the tech alone isn’t enough. Culture matters. He breaks down how shifting from a vulnerability-based mindset to a risk-centric language can unlock alignment across engineering, IT, and business functions.

This is a no-nonsense guide to breaking silos, choosing the right tools, and designing for continuity from the code layer to the C-suite. If you're leading a digital transformation, this episode belongs in your war room.

About Our Guest
Samir Sherif is a veteran Chief Information Security Officer with decades of experience across banking, enterprise software, and infrastructure. He has served as CISO at F5 Networks, Absolute Software, and Imperva, and previously spent over 20 years at Citigroup leading application security. Samir currently sits on multiple advisory boards including Mitiga, NetSPI, Secure Code Warrior, and others. His perspective blends technical expertise with board-level strategy to build integrated, resilient security programs.

Connect with Samir
LinkedIn

Key Takeaways

• SOC and NOC must merge both technologically and culturally to tackle today’s threats
• Focus on risk instead of vulnerabilities to drive better decision making
• AI is already reshaping Level 1 and Level 2 operations
• Business resilience depends on shared visibility across tech and security
• True integration requires cultural change, not just new tools

Listen to this episode of CyberOXtales to hear how Samir Sherif is helping organizations rethink security from the inside out.