Off the Wire: A Play by Play on Cybersecurity and Technology Issues

The SaaSpocalypse: How AI Is Killing (and Reshaping) SaaS Tools

The SaaSpocalypse: How AI Is Killing (and Reshaping) SaaS Tools In this episode of Off The Wire, Anthony and Tanner discuss the “SaaSpocalypse”—how AI is disrupting and potentially replacing many SaaS products—citing examples like Figma being hit after Claude Design launched, reduced need for Canva due to AI tools, and vulnerable niche apps like Grammarly as Copilot and Google tools bake AI directly into core suites. They debate whether AI pricing is currently subsidized, noting high API, hardware, and power costs that could drive subscriptions much higher over time. They explore how AI could become the primary interface layer, reducing the need for traditional web UIs and even replacing documentation platforms by querying SharePoint-backed datasets through an agent. For IT leaders, they recommend evaluating SaaS at renewal time, starting with narrow tools, moving gradually, and prioritizing cost savings while accounting for change management and human behavior. 00:00 SaaSpocalypse Explained 00:14 Figma And Canva Wakeup Call 01:35 SaaS Vendors Racing To Add AI 02:53 Why AI Pricing Will Rise 07:25 Which Tools Are Most Vulnerable 11:20 AI As The New Interface Layer 16:47 Advice For CIOs And IT Leaders 25:10 LinkedIn And The AI Slop Problem 31:00 Final Takeaways And Wrap Up

Anthropic’s “Mythos” Leak, Project Glasswing, and the 90-Day Patch Countdown

Anthropic’s “Mythos” Leak, Project Glasswing, and the 90-Day Patch Countdown Hosts Tanner and Anthony discuss reports of Anthropic’s new “frontier” general-purpose model, Mythos (Mythos Preview), described as exceptionally strong at finding and exploiting novel security bugs and allegedly sitting on thousands of unpatched zero-days affecting major operating systems and browsers. They review examples cited, including decades-old FreeBSD and OpenBSD flaws and a Linux kernel issue, and note a separate security firm (Aisle) replicated parts of the findings using open-weight models, though Mythos appears better at moving from detection to exploitation. The episode explains how Mythos became public via leaks, then outlines Anthropic’s Project Glasswing: about 50 vendors received 90 days of access plus credits to patch systems, with Mozilla reportedly patching 271 Firefox issues. They close with preparation steps for lean IT teams: asset inventory, vendor outreach, risk-based prioritization, mitigation and isolation, patch validation, workload planning, governance and insurance review, stronger detection controls, least privilege/zero trust, and verifying backups. 00:00 Too Dangerous to Release 01:45 Meet Mythos Preview 02:25 Zero Days Found 05:19 Can Others Replicate It 06:46 Efficiency and Edge Models 08:17 Leaks and Access Blunders 10:42 Project Glasswing Explained 15:10 90 Day Clock and Fallout 16:24 Break and Subscribe 17:05 Prep Plan for IT Teams 19:05 Patching Priorities and Testing 21:00 Controls Backups and Wrap Up 24:02 Final Thoughts and Sign Off

Why OT Monitoring Is Now a Necessity (Tools, Baselines, and Incident Response): OT Security Part 4

OT Security Part 4: Why OT Monitoring Is Now a Necessity (Tools, Baselines, and Incident Response) In this Off the Wire episode, Tanner and Anthony wrap part four of their OT security miniseries by focusing on OT monitoring and why it’s needed, noting that over 90% of small and medium businesses with OT environments lack monitoring and that AI is lowering the time and effort required for attacks. They explain how legacy OT systems were built without security, often use unencrypted or proprietary protocols, and can’t run agent-based tools like EDR, making specialized monitoring essential. The discussion covers how monitoring complements preventive controls, helps establish a communications baseline, flags anomalies (like unexpected east-west traffic), supports forensics and log retention, integrates alerts with email and SIEMs, and validates segmentation and documented exceptions. They also debunk the “air-gapped OT” myth, stress mapping all IT/OT bridges, recommend an OT-specific incident response plan, and list tool options including Malcolm, Security Onion, Dragos (free under $100M revenue), and vendors like Darktrace, Tenable OT, Cisco Cyber Vision, Nozomi, and SCADAfence, alongside drivers like NERC CIP, CMMC, mandates, and cyber insurance. 00:00 Recording The Intro 00:02 Why OT Monitoring Matters 00:31 Small Targets AI Threat 02:31 OT Risks Real World Impact 05:39 OT Is A Different Animal 08:35 Baselines For Segmentation 10:03 Air Gap Myth Bridges 12:09 SCADA Migration Opportunity 13:21 Realistic OT Attack Chain 15:47 What to Monitor in OT 16:11 Five Key Visibility Signals 19:21 OT Incident Response Planning 20:27 Picking Monitoring Tools 22:41 Compliance and Budget Levers 24:13 OT Security Checklist 26:52 Final Thoughts and Next Episode

Managing Third-Party Remote Access: Tools, Risks, and Practical Tips (Off the Wire Part 3)

Managing Third-Party Remote Access: Tools, Risks, and Practical Tips (Off the Wire Part 3) In part three of Off the Wire’s four-part miniseries, the hosts discuss third-party remote access risks and why VPNs with MFA alone are insufficient, citing major breaches like Target and Toyota and a 2023 vendor compromise as wake-up calls. They review third-party access tools (BeyondTrust/Bomgar, SecureLink, ManageEngine PAM360, and OT-focused options like Claroty and Slo), explaining benefits such as role-based access control, detailed logging and session recording, layered approvals, session time limits, vendor-managed user provisioning, automatic deprovisioning, individual accountability, passwordless access, and rapid access shutdown when relationships end. They describe these tools as proxy-based “airlocks” that prevent lateral movement and enable oversight. Implementation advice includes treating it as non-negotiable while documenting exceptions, requiring ticket numbers, routing requests via chat, ensuring multiple approvers, sending logs to a SIEM, updating incident response plans, auditing access annually, and providing vendors a setup one-pager. 00:00 Third Party Access Intro 01:19 Why VPN Is Not Enough 01:51 Real World Breach Examples 02:44 Wake Up Call Story 04:33 Tool Options Overview 06:11 Key Features And Benefits 14:39 How These Tools Work 16:51 Vendor Pushback And Compliance 21:49 Implementation Tips Checklist 26:59 Wrap Up And Final Tip

Securing the Browser to Protect IT and OT Networks: Part 2 in OT Mini Series

OT Security Miniseries: Securing the Browser to Protect IT and OT Networks In this Off the Wire Podcast OT miniseries episode based on the Dragos OT report, the hosts explain how OT environments are often compromised through IT networks and focus on the browser as a major attack target alongside email. They discuss practical ways to harden browser security, including DNS filtering (with examples like blocking newly registered domains and improving visibility), CIS browser hardening benchmarks and policies (updates, extension restrictions, disabling built-in password saving, limiting browsers), and the role of secure web gateways/web proxies with SSL inspection and DLP considerations. They also cover enterprise password managers, passkeys, and new enterprise browser tools that provide granular controls and DLP for web apps (including AI use cases), plus how EDR and SIEM telemetry support detection and response. They close with a recommended rollout order and preview upcoming episodes on third-party vendor management and OT network monitoring. 00:00 Mini Series Setup 00:43 Why Browsers Are Targeted 03:43 DNS Filtering Basics 06:41 Remote Protection Benefits 09:06 CIS Browser Hardening 11:30 Locking Down Extensions 14:11 Secure Web Gateway Proxies 16:56 Subscribe and Share 17:43 Enterprise Password Managers 19:23 Password Manager Benefits 20:22 Hosting and Vendor Risks 21:12 Passkeys and Unique Logins 23:37 KeyPass and Offline Vaults 24:05 Enterprise Browser Overview 25:53 DLP and Download Controls 26:40 BYOD Visibility and AI Policies 30:21 AI Extensions and Control 32:14 EDR and SIEM Telemetry 35:37 Layering Tools Before EDR 36:54 Practical Rollout Roadmap 40:55 OT Tie In and Next Episodes