Sign up to save your podcasts
Or
Share From GenAI Prompts to OAuth Phishing: The Hidden Browser Risks - with Tommy Perniciaro
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
From GenAI Prompts to OAuth Phishing: The Hidden Browser Risks - with Tommy Perniciaro
Episode Summary
Recorded live at HOU.SEC.CON, The Professional CISO Show welcomes Tommy Perniciaro, Director of Solutions Architecture at LayerX, to explore why the browser has become the least-instrumented layer in the modern security stack — and how CISOs can finally gain visibility and control over it.
David and Tommy discuss everything from malicious browser extensions and OAuth-based phishing to AI prompt leakage and the emergence of “AI browsers.” Listeners will walk away with a new appreciation for the browser as the enforcement point of the future — and practical insights on deploying LayerX to close this growing gap.
Key Takeaways
- The browser is now a primary attack surface for enterprise users.
- LayerX gives security teams visibility and control without replacing browsers.
- GenAI tools and prompts can leak sensitive data if not monitored at the DOM level.
- OAuth-based phishing is bypassing traditional email and network defenses.
- Secure enterprise browsers struggle with user adoption — LayerX works inside the browsers you already have.
- AI browsers are emerging as the next battleground for identity and data protection.
- Post-quantum cryptography will further challenge network-layer inspection.
Notable Quotes
“The browser is where all the work is happening — SaaS, AI, identity — but it’s the least instrumented control plane we have.” – Tommy Perniciaro“Without visibility at the DOM level, you’re flying blind to what extensions, prompts, and identities are doing inside your environment.” – David Malicoat
“Phishing doesn’t need your password anymore. OAuth grants and browser-based attacks are where it’s moving.” – Tommy Perniciaro
“LayerX turns the browsers your people already use into secure browsers — no new deployment, no friction.” – David Malicoat
“Post-quantum encryption will change inspection forever. The browser may become the new enforcement point.” – Tommy Perniciaro
Listener Benefits
- Understand why browser visibility is critical in today’s SaaS-driven enterprise.
- Learn how to prepare your organization for the age of GenAI and AI browsers.
- Get practical deployment and change management insights for LayerX and similar solutions.
- Discover how browser-level inspection complements your EDR and network security stack.
Call to Action
Subscribe to The Professional CISO Show on your favorite platform and join the movement to professionalize the CISO role.
🎧 Spotify: https://open.spotify.com/show/2C7JojNZPdg1g6AXvpKDfn?si=a7ac3172bb414673
🍎 Apple Podcasts: https://podcasts.apple.com/us/podcast/the-professional-ciso/id1731138021
🌐 Website: www.thpc.co
View all episodes
By David MalicoatEpisode Summary
Recorded live at HOU.SEC.CON, The Professional CISO Show welcomes Tommy Perniciaro, Director of Solutions Architecture at LayerX, to explore why the browser has become the least-instrumented layer in the modern security stack — and how CISOs can finally gain visibility and control over it.
David and Tommy discuss everything from malicious browser extensions and OAuth-based phishing to AI prompt leakage and the emergence of “AI browsers.” Listeners will walk away with a new appreciation for the browser as the enforcement point of the future — and practical insights on deploying LayerX to close this growing gap.
Key Takeaways
- The browser is now a primary attack surface for enterprise users.
- LayerX gives security teams visibility and control without replacing browsers.
- GenAI tools and prompts can leak sensitive data if not monitored at the DOM level.
- OAuth-based phishing is bypassing traditional email and network defenses.
- Secure enterprise browsers struggle with user adoption — LayerX works inside the browsers you already have.
- AI browsers are emerging as the next battleground for identity and data protection.
- Post-quantum cryptography will further challenge network-layer inspection.
Notable Quotes
“The browser is where all the work is happening — SaaS, AI, identity — but it’s the least instrumented control plane we have.” – Tommy Perniciaro“Without visibility at the DOM level, you’re flying blind to what extensions, prompts, and identities are doing inside your environment.” – David Malicoat
“Phishing doesn’t need your password anymore. OAuth grants and browser-based attacks are where it’s moving.” – Tommy Perniciaro
“LayerX turns the browsers your people already use into secure browsers — no new deployment, no friction.” – David Malicoat
“Post-quantum encryption will change inspection forever. The browser may become the new enforcement point.” – Tommy Perniciaro
Listener Benefits
- Understand why browser visibility is critical in today’s SaaS-driven enterprise.
- Learn how to prepare your organization for the age of GenAI and AI browsers.
- Get practical deployment and change management insights for LayerX and similar solutions.
- Discover how browser-level inspection complements your EDR and network security stack.
Call to Action
Subscribe to The Professional CISO Show on your favorite platform and join the movement to professionalize the CISO role.
🎧 Spotify: https://open.spotify.com/show/2C7JojNZPdg1g6AXvpKDfn?si=a7ac3172bb414673
🍎 Apple Podcasts: https://podcasts.apple.com/us/podcast/the-professional-ciso/id1731138021
🌐 Website: www.thpc.co