
#277 - From SaaS to AI Agents: Gone in 60 Seconds
From CISO Tradecraft® by G Mark Hardy & Ross Young
March 30, 2026 · 40 min · Episode 277
About this episode
The episode discusses the transformation of software development and cybersecurity through large language models and AI agents.
In this CISO Tradecraft episode, co-hosts G Mark Hardy and Ross Young discuss how large language models are transforming software development and shifting cybersecurity from buying Software as a Service to “Service as Software,” and ultimately to "Systems of AI agents". They explain how writing code in English enables rapid prototyping, changing cost models by reducing labor hours and increasing speed and scale, with metrics like shrinking a 40-hour threat model effort to a 10-minute agent output. Ross outlines three generations, SIEM (SaaS), SOAR (services as software), and systems of agents (AI SOC), highlighting broader, evolving detection coverage. They cover risks including underestimated maintenance, scope creep, automating bad processes, and insecure AI-generated code, and demo a prompt-built software composition analysis/SBOM tool using CycloneDX and OSV. Ross also introduces his company, Clear Capabilities, focused on agentic workforce automation for governance, privacy, architecture, and compliance. Cybersecurity's Dirty Secret: Why Most Budgets Go To Waste - https://www.amazon.com/Cybersecuritys-Dirty-Secret-Budgets-Tradecraft%C2%AE/dp/B0G26WHVTG/ Ross Young…
People in this episode
Hosts: G Mark Hardy, Ross Young
Topics covered
- large language models
- software development
- cybersecurity
- AI agents
- automation
- risk management
Keywords
- SaaS
- Service as Software
- AI SOC
- threat modeling
- automation
- software composition analysis
- governance
- privacy
- compliance
Mentioned in this episode
Organizations: Clear Capabilities, CycloneDX, OSV, Backslash Security
Books & works: Cybersecurity's Dirty Secret: Why Most Budgets Go To Waste
More episodes of CISO Tradecraft®
- #287 - Cybersecurity Insights You'll Want to Hear (with Michael Hammer) · June 8, 2026 · 45 min
- #286 - AI-Native Security (with Nishant Doshi & Saro Subbiah) · June 1, 2026 · 46 min
- #285 - Passwordless Authentication (with Nishant Kaushik) · May 25, 2026 · 42 min
- #284 - Lessons Learned from SQL Slammer to AI Agents (with Aaron Turner) · May 18, 2026 · 46 min
- #283 - Leadership Lessons and the Art of the Performance (with Chris Brogan) · May 11, 2026 · 48 min
- #282 - Top 10 Agentic AI Attacks (with Rock Lambros) · May 4, 2026 · 45 min
Explore listener stats, chart rankings, contacts and more on the CISO Tradecraft® podcast page.