• The AI Control Loop: Detection is not Enough - with Tim Ebbers of Wallarm
    Jul 1 2026
    Today, we are dropping another episode in our series The AI Control Loop, How enterprises govern the AI they've already deployed - sponsored by our friends at Wallarm.Wallarm is the AI Control Platform for Enterprise AI, protecting every AI workload, API, and application in production, giving CISOs the governance they need and CIOs the speed they demand. Organizations choose Wallarm for a complete inventory of APIs, AI agents, and AI apps, patented AI/ML-based threat detection and blocking that operates at production traffic speeds.In his follow up appearance on the Code Story podcast, Tim Ebbers, Field CTO at Wallarm, discusses why detection alone is insufficient for AI-driven systems, what real enforcement looks like at the runtime level, and what accountability becomes possible once all four stages are in place.QuestionsSecurity teams are used to detecting incidents and responding after the fact. Why is that model insufficient for AI-driven systems?What does “enforcement” usually mean today, and why can actions like restarting pods or rotating credentials come too late?Why does AI behavior require controls that operate closer to runtime?What changes when enforcement happens at the kernel level rather than only at the network, identity, or application layer?Can you explain what it means to revoke or contain a compromised AI session without touching the broader deployment?How does real-time blocking change the risk equation for AI agents that access sensitive data, external services, or production workflows?What kinds of AI behaviors should organizations be able to stop immediately?How do teams balance strong enforcement with the need to avoid slowing down AI development and deployment? Once organizations can discover, observe, and enforce AI behavior, what does accountability look like at the enterprise level?Linkshttps://www.wallarm.com/https://www.linkedin.com/in/tebbers/Full AbstractTim Ebbers, Field CTO at Wallarm, discusses why detection alone is insufficient for AI-driven systems, what real enforcement looks like at the runtime level, and what accountability becomes possible once all four stages are in place.Detection tells you what happened. It does not stop it. For most security incidents, that tradeoff is manageable. For AI systems that can access sensitive data, call external services, and trigger downstream actions at machine speed, the gap between detection and response is where the damage happens.The enforcement model most security teams operate today was built for a slower threat. Restarting pods, rotating credentials, and updating policies are all responses to something that has already occurred. Against an AI agent that can exfiltrate data, invoke a production workflow, or violate a compliance boundary in the time it takes to page an on-call engineer, that response model is not enforcement. It’s cleanup.Closing that gap requires controls that operate at the layer where AI behavior actually executes, not at the perimeter, not at the identity layer, not at the application boundary. Kernel-level enforcement changes what is possible: a compromised session can be revoked by user identity or trace ID, connections can be terminated at the workload level, and enforcement can happen without a pod restart, a deploy cycle, or any impact to the broader environment. That is what it means to complete the AI control loop. Discover what is running, observe what it is doing, enforce what it should not be doing, and govern with evidence that the enforcement worked. Organizations that can only do the first two are solving half the problem.Our Sponsors:* Check out Cash App and use my code CASHAPP10 for a great deal: https://click.cash.app/ui6m/mt82fpxl #CashAppPod. Cash App is a financial services platform, not a bank. Banking services provided by Cash App’s bank partner(s). Prepaid debit cards issued by Sutton Bank, Member FDIC. See terms and conditions at https://cash.app/legal/us/en-us/card-agreement. Cash App Green, overdraft coverage, borrow, cash back offers and promotions provided by Cash App, a Block, Inc. brand. Visit http://cash.app/legal/podcast for full disclosures.* Check out Plaud AI and use my code CODESTORY for a great deal: https://plaud.aiAdvertising Inquiries: https://redcircle.com/brandsPrivacy & Opt-Out: https://redcircle.com/privacy
    Exibir mais Exibir menos
    13 minutos
  • S12 E25: From Processing $500B at Intuit to Building the Fraud-Proof Ledger: Eradicating Financial Misstatement with Ahikam Kaufman, Co-Founder & CEO of Safebooks AI
    Jun 30 2026

    Ahikam Kaufman spent most of his career in the Bay Area. After becoming a CPA, he started his career as CFO at a startup company. Over time, he has been giving multiple opportunities to not only serve finance, but serve business roles as well - which prepared him for his own entrepreneurial path. IE starting 3 companies and exiting one to Intuit. Outside of tech, he enjoys traveling the world, spending time with his family, and hiking. But, he notes that the demands of being a business owner limits the amount of time he spends in these things.

    Ahikam started to think about how automation can positively impact financial operations, specifically around managing data in the office of the CFO. After the first AI models were released, he got excited, realizing that these models would continue to get better and better, alongside operating with agency.

    This is the creation story of Safebooks.

    Sponsors

    • Unblocked
    • TECH Domains
    • Mezmo
    • Braingrid.ai

    Links

    • https://safebooks.ai/
    • https://www.linkedin.com/in/ahikam-kaufman-688310/


    Our Sponsors:
    * Check out Cash App and use my code CASHAPP10 for a great deal: https://click.cash.app/ui6m/mt82fpxl #CashAppPod. Cash App is a financial services platform, not a bank. Banking services provided by Cash App’s bank partner(s). Prepaid debit cards issued by Sutton Bank, Member FDIC. See terms and conditions at https://cash.app/legal/us/en-us/card-agreement. Cash App Green, overdraft coverage, borrow, cash back offers and promotions provided by Cash App, a Block, Inc. brand. Visit http://cash.app/legal/podcast for full disclosures.
    * Check out Plaud AI and use my code CODESTORY for a great deal: https://plaud.ai


    Advertising Inquiries: https://redcircle.com/brands

    Privacy & Opt-Out: https://redcircle.com/privacy
    Exibir mais Exibir menos
    27 minutos
  • S12 E24 P2: Why Off-the-Shelf APIs Fail Complex Web Workflows and the Blueprint for High-Velocity Product Engineering with Volodymyr & Vitalii Sydorenko, Co-Founders of Gearheart
    Jun 25 2026

    Volodymyr Sydorenko lives in London, and collects mechanical keyboards. His most unusual hobby is that he does clay sculptures of characters, or random people at times. He has 2 cats, and likes to spend time outdoors. In fact, in 3 weeks time from this recording, he will traveling to Switzerland to do the Via Ferrata. To add to all of this, he has started to write children's books and hopes to publish them someday.

    Vitalii Sydorenko currently lives in Lisbon, Portugal. He is into sports, loves to hit the gym and regularly tracks his calories. Last year he started playing tennis and finds that he can't stop. He enjoy hiking, which is great in Lisbon. And in the past, he spent many years building startups, exiting, and also in venture capital

    You may have noticed that Volodymyr and Vitalii have the same last name... that is because they are brothers. As kids growing up, they did a lot of boxing together, as well as cling to classic films like Back to the Future.

    Fourteen years ago, Volodymyr got interesting in building solutions, and realized he could only get so far by himself... so he decided to build a team to deliver these solutions. Two years ago, Vitalii and Volodymyr started to consider all the of the shifts in the SDLC, and what that meant for the current business. Vitalii decided to bring his prior startup and VC experience and join the team.

    This is the creation story of Gearheart.

    Sponsors

    • Unblocked
    • TECH Domains
    • Mezmo
    • Braingrid.ai

    Links

    • https://gearheart.io/
    • https://codestory.co/podcast/e6-jon-darbyshire-smartsuite/
    • https://www.linkedin.com/in/gearheart/
    • https://www.linkedin.com/in/vitalii-sydorenko-%F0%9F%92%AA%F0%9F%87%BA%F0%9F%87%A6-24b4ba35/


    Our Sponsors:
    * Check out Cash App and use my code CASHAPP10 for a great deal: https://click.cash.app/ui6m/mt82fpxl #CashAppPod. Cash App is a financial services platform, not a bank. Banking services provided by Cash App’s bank partner(s). Prepaid debit cards issued by Sutton Bank, Member FDIC. See terms and conditions at https://cash.app/legal/us/en-us/card-agreement. Cash App Green, overdraft coverage, borrow, cash back offers and promotions provided by Cash App, a Block, Inc. brand. Visit http://cash.app/legal/podcast for full disclosures.
    * Check out Plaud AI and use my code CODESTORY for a great deal: https://plaud.ai


    Advertising Inquiries: https://redcircle.com/brands

    Privacy & Opt-Out: https://redcircle.com/privacy
    Exibir mais Exibir menos
    15 minutos
  • The AI Control Loop: When AI Goes Rogue - with Craig Thomas of Wallarm
    Jun 24 2026
    Today, we are dropping another episode in our series The AI Control Loop, How enterprises govern the AI they've already deployed - sponsored by our friends at Wallarm.Wallarm is the AI Control Platform for Enterprise AI, protecting every AI workload, API, and application in production, giving CISOs the governance they need and CIOs the speed they demand. Organizations choose Wallarm for a complete inventory of APIs, AI agents, and AI apps, patented AI/ML-based threat detection and blocking that operates at production traffic speeds.In this episode, Craig Thomas, Sr. Solutions Engineer at Wallarm, examines what rogue AI actually means in practice, where the risk materializes, and what it takes to move from detection to control.QuestionsWhen we say "rogue AI," what do we actually mean? Is it only malicious AI, or can legitimate systems become risky too?What are the most common ways AI systems drift outside intended boundaries? Once an organization understands what rogue AI looks like, where does that loss of control typically begin, and who is responsible for preventing it?How do shadow LLMs, unsanctioned agents, and unmanaged AI workflows create risk even when no attacker is involved? If AI drift often starts with normal business activity, where do shadow AI systems fit into that picture?Why can an AI action look legitimate in isolation but still create serious business, security, or compliance risk when viewed as part of a larger sequence of actions? As these shadow systems become more embedded in everyday workflows, why is it so difficult to recognize risk in real time?How do APIs, integrations, and connected systems amplify the impact of those seemingly legitimate actions? What changes once those actions begin flowing across APIs, business applications, and interconnected systems?What kinds of unexpected outcomes worry CIOs and CISOs most today when AI systems are operating across those interconnected environments? As that connectivity expands, what are security and business leaders most concerned about?And given those concerns, what does meaningful oversight actually look like when AI systems can act at machine speed? How should organizations distinguish between the experimentation they want to encourage and the unmanaged AI behavior they need to control? One challenge is balancing governance with innovation. How do organizations avoid slowing down AI adoption while still maintaining control?We know that many organizations can detect risky AI behavior after the fact. But if they can't stop it in real time, what critical gap still remains? Even with governance programs in place, many organizations are still operating reactively. In closing, what's the key difference between detecting AI risk and actually controlling it?Linkshttps://www.wallarm.com/https://www.linkedin.com/in/cu-craigthomas/Full AbstractIn this episode, Craig Thomas, Sr. Solutions Engineer at Wallarm, examines what rogue AI actually means in practice, where the risk materializes, and what it takes to move from detection to control.Not every AI threat starts with an attacker. Some of the most consequential AI risks organizations face today come from systems that are working exactly as designed, just not quite as intended. An agent that calls an API it was never supposed to reach. A workflow that exposes PII because nobody mapped the data path before deployment. A shadow LLM standing up in an AWS account because a developer needed to move fast and approval processes were slow. None of these require malicious intent to create serious business, security, or compliance exposure.Rogue AI is a broader category than most governance frameworks account for. It includes the unsanctioned, the unmonitored, and the unpredictable: AI systems that drift outside intended boundaries, take actions that look legitimate in isolation but create risk in sequence, and operate at machine speed in ways that make after-the-fact detection feel like a consolation prize. The gap most organizations have is not in detecting that something went wrong. It's closing the loop fast enough to matter.Meaningful AI governance requires more than policy and discovery. It requires the ability to observe AI behavior at runtime, understand what triggered each action and what it touched, and enforce boundaries before consequences compound. That closed AI control loop, from knowing what is running to seeing what it does to stopping what it should not, is the operational standard AI transformation demands. Most organizations are not there yet.Our Sponsors:* Check out Cash App and use my code CASHAPP10 for a great deal: https://click.cash.app/ui6m/mt82fpxl #CashAppPod. Cash App is a financial services platform, not a bank. Banking services provided by Cash App’s bank partner(s). Prepaid debit cards issued by Sutton Bank, Member FDIC. See terms and conditions at https://cash.app/legal/us/en-us/card-agreement. Cash App Green, overdraft coverage, borrow, cash back offers and ...
    Exibir mais Exibir menos
    23 minutos
  • S12 E24 P1: Why Off-the-Shelf APIs Fail Complex Web Workflows and the Blueprint for High-Velocity Product Engineering with Volodymyr & Vitalii Sydorenko, Co-Founders of Gearheart
    Jun 23 2026

    Volodymyr Sydorenko lives in London, and collects mechanical keyboards. His most unusual hobby is that he does clay sculptures of characters, or random people at times. He has 2 cats, and likes to spend time outdoors. In fact, in 3 weeks time from this recording, he will traveling to Switzerland to do the Via Ferrata. To add to all of this, he has started to write children's books and hopes to publish them someday.

    Vitalii Sydorenko currently lives in Lisbon, Portugal. He is into sports, loves to hit the gym and regularly tracks his calories. Last year he started playing tennis and finds that he can't stop. He enjoy hiking, which is great in Lisbon. And in the past, he spent many years building startups, exiting, and also in venture capital

    You may have noticed that Volodymyr and Vitalii have the same last name... that is because they are brothers. As kids growing up, they did a lot of boxing together, as well as cling to classic films like Back to the Future.

    Fourteen years ago, Volodymyr got interesting in building solutions, and realized he could only get so far by himself... so he decided to build a team to deliver these solutions. Two years ago, Vitalii and Volodymyr started to consider all the of the shifts in the SDLC, and what that meant for the current business. Vitalii decided to bring his prior startup and VC experience and join the team.

    This is the creation story of Gearheart.

    Sponsors

    • Unblocked
    • TECH Domains
    • Mezmo
    • Braingrid.ai

    Links

    • https://gearheart.io/
    • https://beyondthewow.io
    • https://codestory.co/podcast/e6-jon-darbyshire-smartsuite/
    • https://www.linkedin.com/in/gearheart/
    • https://www.linkedin.com/in/vitalii-sydorenko-%F0%9F%92%AA%F0%9F%87%BA%F0%9F%87%A6-24b4ba35/


    Our Sponsors:
    * Check out Cash App and use my code CASHAPP10 for a great deal: https://click.cash.app/ui6m/mt82fpxl #CashAppPod. Cash App is a financial services platform, not a bank. Banking services provided by Cash App’s bank partner(s). Prepaid debit cards issued by Sutton Bank, Member FDIC. See terms and conditions at https://cash.app/legal/us/en-us/card-agreement. Cash App Green, overdraft coverage, borrow, cash back offers and promotions provided by Cash App, a Block, Inc. brand. Visit http://cash.app/legal/podcast for full disclosures.
    * Check out Plaud AI and use my code CODESTORY for a great deal: https://plaud.ai


    Advertising Inquiries: https://redcircle.com/brands

    Privacy & Opt-Out: https://redcircle.com/privacy
    Exibir mais Exibir menos
    23 minutos
  • S12 Bonus: The Microsoft File Trap: Moving Beyond Manual PowerPoint and Excel Workflows to Build an AI-Native "Consulting" Layer with Tim Lidman, Co-Founder & CEO of Clyde AI
    Jun 18 2026

    Tim Lidman lives in Denver, CO. He has had an unconventional path to being a Tech CEO. In fact, He moved from London to Sweden when he was 18... to try to be a heavy metal rock star, trying to make it big as a drummer. To earn extra income, he got into tech sales - which went really well. Eventually, he worked with WebEx (around the time it got bought by Cisco), for Success Factors (when they got bought by SAP), and then eventually, doing his own startup (which eventually got bought by Accenture). Outside of his professional life, he is married with 2 girls. From his music years, he extracts skills that drove his success to date, which is the ability to product development and execution down the same way you do music.

    In the days of his first startup, Tim's solution was used by consulting firms to power client engagement. Post exit, while overseeing things at Accenture, he noticed that the whole industry was powered by Microsoft files (PowerPoint, Excel, Word, etc.) - IE, driven manually. He started to wonder if he could codify the consulting process, to remove the manual burden.

    This is the creation story of Clyde.

    Sponsors

    • Unblocked
    • TECH Domains
    • Mezmo
    • Braingrid.ai

    Links

    • https://meetclyde.com/
    • https://www.linkedin.com/in/timlidman/


    Our Sponsors:
    * Check out Cash App and use my code CASHAPP10 for a great deal: https://click.cash.app/ui6m/mt82fpxl #CashAppPod. Cash App is a financial services platform, not a bank. Banking services provided by Cash App’s bank partner(s). Prepaid debit cards issued by Sutton Bank, Member FDIC. See terms and conditions at https://cash.app/legal/us/en-us/card-agreement. Cash App Green, overdraft coverage, borrow, cash back offers and promotions provided by Cash App, a Block, Inc. brand. Visit http://cash.app/legal/podcast for full disclosures.
    * Check out Plaud AI and use my code CODESTORY for a great deal: https://plaud.ai


    Advertising Inquiries: https://redcircle.com/brands

    Privacy & Opt-Out: https://redcircle.com/privacy
    Exibir mais Exibir menos
    28 minutos
  • The AI Control Loop: AI Discovery isn't just AI - with Tim Ebbers of Wallarm
    Jun 17 2026

    Today, we are dropping another episode in our series The AI Control Loop, How enterprises govern the AI they've already deployed - sponsored by our friends at Wallarm.

    Wallarm is the AI Control Platform for Enterprise AI, protecting every AI workload, API, and application in production, giving CISOs the governance they need and CIOs the speed they demand. Organizations choose Wallarm for a complete inventory of APIs, AI agents, and AI apps, patented AI/ML-based threat detection and blocking that operates at production traffic speeds.

    We all know that you can't secure what you can't see, which is why AI discovery is a first principle for AI security, but what's really required for AI discovery? It's more than just LLMs and agents. Today's episode is entitled AI Discovery isn't just AI, and joining us is Tim Ebbers, Field CTO at Wallarm. Tim and I discuss the real requirements for AI discovery, and why the connections between assets and infrastructure are part of the puzzle.

    Questions

    • Security teams often say, “You can’t secure what you can’t see.” In the context of AI, what exactly do they need to see?
    • What supporting infrastructure matters most when mapping AI risk, such as APIs, cloud services, Kubernetes workloads, data stores, identities, and external integrations?
    • Where does shadow AI typically appear first inside an enterprise environment? How can it be prevented?
    • How do relationships between assets change the risk picture? For example, why does it matter which API an agent can call or which data source a workflow can reach?
    • What makes AI discovery harder than traditional application or cloud asset discovery? What are the similarities and differences?
    • How should organizations prioritize what they find? Is every AI asset equally risky?
    • What does “continuous discovery” mean in a world where AI services can be deployed, connected, or changed in minutes?
    • Once an organization has visibility into its AI footprint, what’s next? What are the biggest gaps in today’s AI security programs?

    Links

    • https://www.wallarm.com/
    • https://www.linkedin.com/in/tebbers/

    Full Abstract

    Most security teams know that you can't secure what you can't see. In the context of AI, that rule turns out to be a lot harder to satisfy than it sounds.

    AI discovery isn't just a matter of cataloging your LLMs and agents. The real picture includes the APIs those agents call, the data sources they reach, the infrastructure they run on, and all the AI that got deployed without anyone telling security. Building that picture requires understanding relationships, not just inventories, because risk doesn't live in assets in isolation. It lives in what those assets can do together.

    In this episode, Tim Ebbers, Field CTO at Wallarm, examines what a complete AI control loop actually requires at the discovery stage: what needs to be visible, why the connections between assets change the risk calculation, where shadow AI tends to appear first and how it becomes unmanaged risk, and what makes AI discovery structurally different from traditional cloud or application discovery. It also looks at what organizations should do once discovery is in place, and where the biggest gaps remain in AI security programs today.

    If your team is building toward continuous AI governance, this is where that work starts.



    Our Sponsors:
    * Check out Cash App and use my code CASHAPP10 for a great deal: https://click.cash.app/ui6m/mt82fpxl #CashAppPod. Cash App is a financial services platform, not a bank. Banking services provided by Cash App’s bank partner(s). Prepaid debit cards issued by Sutton Bank, Member FDIC. See terms and conditions at https://cash.app/legal/us/en-us/card-agreement. Cash App Green, overdraft coverage, borrow, cash back offers and promotions provided by Cash App, a Block, Inc. brand. Visit http://cash.app/legal/podcast for full disclosures.
    * Check out Plaud AI and use my code CODESTORY for a great deal: https://plaud.ai


    Advertising Inquiries: https://redcircle.com/brands

    Privacy & Opt-Out: https://redcircle.com/privacy
    Exibir mais Exibir menos
    16 minutos
  • S12 E23: Why Traditional Enterprise Linux Starves Your Multi-Million Dollar AI Hardware and How to Reclaim Lost GPU ROI with Gregory M. Kurtzer, Founder & CEO of CIQ
    Jun 16 2026

    Gregory M. Kurtzer is a veteran open-source pioneer, technologist, and entrepreneur with over 25 years of experience in high-performance computing (HPC) and large-scale enterprise infrastructure. He first gained widespread industry prominence as the co-founder of CentOS Linux, which grew into one of the world's most ubiquitous enterprise operating systems, and he later created other foundational open-source projects like the Warewulf cluster management toolkit and the Singularity (now Apptainer) container system.

    In 2020, Gregory founded his current venture, with the goal of modernizing infrastructure stacks for the cloud and AI era. He and his team recognized that traditional enterprise infrastructure was too fragmented and ill equipped to handle the next generation of data intensive computing.

    This is the creation story of CIQ.

    Sponsors

    • Unblocked
    • TECH Domains
    • Mezmo
    • Braingrid.ai

    Links

    • https://ciq.com/
    • https://rockylinux.org/
    • https://www.linkedin.com/in/gmkurtzer/


    Our Sponsors:
    * Check out Cash App and use my code CASHAPP10 for a great deal: https://click.cash.app/ui6m/mt82fpxl #CashAppPod. Cash App is a financial services platform, not a bank. Banking services provided by Cash App’s bank partner(s). Prepaid debit cards issued by Sutton Bank, Member FDIC. See terms and conditions at https://cash.app/legal/us/en-us/card-agreement. Cash App Green, overdraft coverage, borrow, cash back offers and promotions provided by Cash App, a Block, Inc. brand. Visit http://cash.app/legal/podcast for full disclosures.
    * Check out Plaud AI and use my code CODESTORY for a great deal: https://plaud.ai


    Advertising Inquiries: https://redcircle.com/brands

    Privacy & Opt-Out: https://redcircle.com/privacy
    Exibir mais Exibir menos
    25 minutos