
From GenAI Prompts to OAuth Phishing: The Hidden Browser Risks - with Tommy Perniciaro
From The Professional CISO by David Malicoat
October 27, 2025 · 20 min · Episode 89
About this episode
Tommy Perniciaro discusses the security risks associated with browsers and how LayerX can help CISOs gain visibility and control.
Episode Summary Recorded live at HOU.SEC.CON, The Professional CISO Show welcomes Tommy Perniciaro , Director of Solutions Architecture at LayerX , to explore why the browser has become the least-instrumented layer in the modern security stack — and how CISOs can finally gain visibility and control over it. David and Tommy discuss everything from malicious browser extensions and OAuth-based phishing to AI prompt leakage and the emergence of “AI browsers.” Listeners will walk away with a new appreciation for the browser as the enforcement point of the future — and practical insights on deploying LayerX to close this growing gap. Key Takeaways The browser is now a primary attack surface for enterprise users. LayerX gives security teams visibility and control without replacing browsers. GenAI tools and prompts can leak sensitive data if not monitored at the DOM level. OAuth-based phishing is bypassing traditional email and network defenses. Secure enterprise browsers struggle with user adoption — LayerX works inside the browsers you already have. AI browsers are emerging as the next battleground for identity and data protection. Post-quantum cryptography will further challenge…
People in this episode
Host: David Malicoat
Guest: Tommy Perniciaro
Topics covered
- browser security
- OAuth phishing
- GenAI risks
- enterprise security
- visibility and control
Keywords
- browser extensions
- AI prompt leakage
- OAuth phishing
- enterprise browsers
- post-quantum cryptography
Mentioned in this episode
Organizations: LayerX
More episodes of The Professional CISO
- Why CISOs Are Rethinking Managed Security: Check Point’s Open Garden Approach | Lenny Krol · December 16, 2025 · 20 min
- Practical Zero Trust, Apprenticeships, and Learning to Learn in the Age of AI | Larry Woods · December 12, 2025 · 50 min
- HOU.SEC.CON Live: Merging Physical & Cyber Security + The Future of Threat Intelligence · December 10, 2025 · 20 min
- How CISOs Must Lead the Next Generation | Moses Bulus on AI, Data Security & Hybrid IT (Ep. 91) · December 8, 2025 · 44 min
- 🎙️ Episode 90 | GPSEC DFW: The Modern CISO, AI, and the OT Frontier · November 10, 2025 · 25 min
- Surviving Ransomware—and the Wilderness—with Zach Lewis · October 31, 2025 · 46 min
Explore listener stats, chart rankings, contacts and more on the The Professional CISO podcast page.