Detection at Scale

Vjaceslavs Klimovs on Why 40% of Security Work Lacks Threat Models

Listen Later

Vjaceslavs Klimovs, Distinguished Engineer at CoreWeave, reflects on building security programs in AI infrastructure companies operating at massive scale. He explores how security observability must be the foundation of any program, how to ensure all security work connects to concrete threat models, and why AI agents will make previously tolerable security gaps completely unacceptable. 

Vjaceslavs also discusses CoreWeave's approach to host integrity from firmware to user space, the transition from SOC analysts to detection engineers, and building AI-first detection platforms. He shares insights on where LLMs excel in security operations, from customer questionnaires to forensic analysis, while emphasizing the continued need for deterministic controls in compliance-regulated environments.

Topics discussed:

  • The importance of security observability as the foundation for any security program, even before data is perfectly parsed.
  • Why 40 to 50 percent of security work across the industry lacks connection to concrete threat models or meaningful risk reduction.
  • The prioritization framework for detection over prevention in fast-moving environments due to lower organizational friction.
  • How AI agents will expose previously tolerable security gaps like over-provisioned access, bearer tokens, and lack of source control.
  • Building an AI-first detection platform with assistance for analysis, detection writing, and forensic investigations.
  • The transition from traditional SOC analyst tiers to full-stack detection engineering with end-to-end ownership of verticals.
  • Strategic use of LLMs for customer questionnaires, design doc refinement, and forensic analysis.
  • Why authentication and authorization systems cannot rely on autonomous AI decision-making in compliance-regulated environments requiring strong accountability.
    • ...more
    View all episodesView all episodes
    Download on the App Store
    Detection at ScaleBy Panther Labs
    • 5
    • 5
    • 5
    • 5
    • 5

    5

    11 ratings

    More shows like Detection at Scale

    View all
    Risky Business by Patrick Gray

    Risky Business

    374 Listeners

    SpyCast by SpyCast

    SpyCast

    1,535 Listeners

    SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

    SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

    653 Listeners

    The Defender's Advantage Podcast by Mandiant

    The Defender's Advantage Podcast

    33 Listeners

    Science Vs by Spotify Studios

    Science Vs

    12,225 Listeners

    Smashing Security by Graham Cluley

    Smashing Security

    318 Listeners

    Darknet Diaries by Jack Rhysider

    Darknet Diaries

    8,039 Listeners

    All-In with Chamath, Jason, Sacks & Friedberg by All-In Podcast, LLC

    All-In with Chamath, Jason, Sacks & Friedberg

    9,927 Listeners

    Dwarkesh Podcast by Dwarkesh Patel

    Dwarkesh Podcast

    511 Listeners

    Cyber Security Headlines by CISO Series

    Cyber Security Headlines

    138 Listeners

    Cloud Security Podcast by Google by Anton Chuvakin

    Cloud Security Podcast by Google

    40 Listeners

    Risky Bulletin by risky.biz

    Risky Bulletin

    44 Listeners

    The Economics of Everyday Things by Freakonomics Network & Zachary Crockett

    The Economics of Everyday Things

    1,654 Listeners

    Prof G Markets by Vox Media Podcast Network

    Prof G Markets

    1,427 Listeners

    Sources & Methods by NPR

    Sources & Methods

    798 Listeners