Most security decisions fail when the people doing the work don’t have the information they need. Garrett Smith, Founder and CEO of Reveal Technology and a Marine Corps Reserve Lieutenant Colonel, explains how bottom-up product design changes defense outcomes—and what business leaders can learn about building technology people actually adopt. Listen to learn how compliance, procurement, and mission pressure shape what ships and what stalls.

Garrett: https://www.linkedin.com/in/wgarrettsmith/

Reveal Technology: https://www.revealtech.ai

Jon: https://www.linkedin.com/in/jon-mclachlan

Sasha: https://www.linkedin.com/in/aliaksandr-sinkevich

YSecurity: https://www.ysecurity.io

AI agents can delete your production database and tell you everything is fine. Graham Neray, Co-Founder and CEO of Oso, breaks down why AI agents introduce a new level of risk for growing SaaS companies. If you’re adding AI to your product, moving upmarket, or selling into regulated industries, your authorization model is no longer a backend detail—it’s a growth dependency. Listen in to learn how automating least privilege protects your product, your customers, and your revenue.

Graham: https://www.linkedin.com/in/grahamneray/

Oso: http://www.osohq.com

Jon: https://www.linkedin.com/in/jon-mclachlan

Sasha: https://www.linkedin.com/in/aliaksandr-sinkevich

YSecurity: https://www.ysecurity.io

The perimeter will fail. What matters is whether your business turns one incident into a disaster. Andrew Rubin, Founder and CEO of Illumio, explains how breach containment reduces blast radius, why category timing is “luck,” and what leaders must do as AI speeds up attackers and defenders. Listen for a founder-level playbook on building security that scales with growth.

Andrew: https://www.linkedin.com/in/andrewsrubin

Illumio: https://www.illumio.com

Jon: https://www.linkedin.com/in/jon-mclachlan

Sasha: https://www.linkedin.com/in/aliaksandr-sinkevich

YSecurity: https://www.ysecurity.io

AI won’t save your startup. Unless it can ship changes safely. Venkat Thiruvengadam breaks down why the real value isn’t the model, it’s the orchestration: guardrails, permissions, context, and human-in-the-loop workflows that let agents do more than “read-only.” Tune in for a practical conversation on scaling DevOps, security, and compliance without slowing the business.

Venkat: www.linkedin.com/in/venkat-thiruvengadam

DuploCloud: www.duplocloud.com

Jon: www.linkedin.com/in/jon-mclachlan

Sasha: www.linkedin.com/in/aliaksandr-sinkevich

YSecurity: www.ysecurity.io

Trevor Hilligoss, Head of Security Research at SpyCloud and former FBI agent, joins the show to discuss why humans remain the biggest security risk facing organizations today. From reused credentials to commoditized cybercrime tools, Trevor breaks down how attackers actually gain access — and why focusing on real-world human behavior is more effective than worrying about sophisticated nation-state threats.

Trevor: www.linkedin.com/in/thilligoss/

SpyCloud: spycloud.com

Jon: www.linkedin.com/in/jon-mclachlan

Sasha: www.linkedin.com/in/aliaksandr-sinkevich

YSecurity: www.ysecurity.io

What if 90% of “secured” smart contracts were still exploitable? That’s the reality Olympix founder and CEO Channi Greenwall is seeing on-chain today. She breaks down why traditional audits are failing Web3 teams, why the attack surface is bigger than most founders realize, and how automated security is starting to close the gap.

You’ll learn:

• Why Web3 security is closer to medical devices and aviation than typical SaaS risk
• How one exploit can wipe out years of startup effort in seconds
• The hidden overlap between Web2 and Web3 attack surfaces that founders underestimate
• What it actually looks like to automate 60–80% of what human auditors do today

Listen to the full episode on your favorite platform.

Channi: www.linkedin.com/in/channi-greenwall Olympix: www.olympix.security/ Jon: www.linkedin.com/in/jon-mclachlan Sasha: www.linkedin.com/in/aliaksandr-sinkevich YSecurity: www.ysecurity.io

Code ships faster than anyone can review it. Jack Cable, CEO and Co-Founder of Corridor, explains what actually gets missed when teams stop reviewing every pull request, why most security tools surface noise instead of risk, and how Corridor approaches secure-by-design when speed is non-negotiable. Jack: https://www.linkedin.com/in/jackcable Corridor: https://www.corridor.dev Jon: https://www.linkedin.com/in/jon-mclachlan Sasha: https://www.linkedin.com/in/aliaksandr-sinkevich YSecurity: https://www.ysecurity.io

What if your first security hire wasn’t a person, but a simple, guided program that made sense to everyone in your company? In this conversation, Sidekick founder and CEO Phil Howie breaks down how SMBs can build a security and privacy practice from the ground up—long before they can afford a full internal team. We cover the reality of compliance vs real security, working with MSPs, the role of design in security tools, and how founders should think about AI, governance, and future regulation. If you’re a founder trying to grow in regulated markets, this one’s for you.

Phil: https://www.linkedin.com/in/philhowie

Sidekick: https://www.sidekick.co

Jon: https://www.linkedin.com/in/jon-mclachlan/

Sasha: https://www.linkedin.com/in/aliaksandr-sinkevich/

YSecurity: https://www.ysecurity.io/