What you'll learn
Loris Degioanni argues that embedding AI inside security products is already the wrong architecture — the right move is building headless security that runs natively inside coding agents like Claude Code, where security data integrates with everything else in a practitioner's workflow.
The exploit window collapsing to minutes means security leaders who can't operate close to the codebase will structurally lag threat actors, making the coding CISO — not the manager-of-managers CISO — the model that survives.
Skills, as a concept distinct from simple MCP integrations, let security vendors encode years of domain expertise into a portable package that a practitioner can install with a slash command and immediately have an onboarded expert in runtime security or vulnerability management.
Description
Loris Degioanni is the co-founder of Wireshark, founder and CTO of Sysdig, and the creator of Falco — the open source standard for cloud-native runtime threat detection. He has spent his career building the foundational instrumentation layer that modern cloud security runs on, and he has been putting real resources behind agentic AI since GPT-3. This conversation is about Sysdig's new bet on headless security: a structural argument that the dashboard era of security tooling is ending, and that the right place for security capability to live is inside the coding agent harness where practitioners already work.
The core claim is that having an AI inside your security product is not the same thing as having your security product available inside your AI. Degioanni walks through why that distinction matters enormously — for response speed, for workflow integration, for the compounding value that comes when threat data, Slack, Kubernetes tooling, and open source response libraries all share the same context window. He also makes a specific prediction about the security workforce: unlike most industries where AI contracts headcount, cybersecurity will see attack volume scale faster than defensive automation can absorb it, which means the demand for skilled practitioners goes up, not down. This episode is for security leaders and practitioners who are trying to figure out where to place their bets right now — on tooling, on skills, and on their own careers.
What we cover
"Security teams don't need more dashboards. They need better outcomes" — the founding thesis behind Sysdig's headless security bet and what it actually means for how security operations get structured.
"I don't want to go to my tools anymore" — Degioanni on the moment Claude Code became his operating system and why any security product that requires a separate UI is now legacy by definition.
"Skill is essentially a way to encode expertise so that it's effectively consumable by an AI" — the distinction between MCP integrations (plumbing) and skills (packaged domain knowledge), and why that difference is the heart of the agentic shift.
"The coding CISO" — why Degioanni believes security leadership will select for technical depth rather than away from it, and what flatter security organizations actually look like.
"As our defensive capabilities will become better and better through the use of AI, the attackers will do the same" — the case for why cybersecurity is the one industry where AI increases headcount demand rather than destroying it.
"I can essentially give you somebody that really understands runtime security for Kubernetes in a package that you install with a slash command in Claude Code, and you're ready to go" — a concrete example of what headless security unlocks that a product-embedded agent cannot.
"What would you build?" — the question Degioanni says every security leader should be asking right now, framed as a first-principles shift from procurement thinking to engineering thinking.
Thank you to our Sponsors:
→ Hampton North is the premier US based cybersecurity search firm. Start building your security team with Hampton North.
→ Sysdig is the leader in AI-powered real-time cloud defense; stop watching and start defending.
The conversation
Why having AI inside your product is the wrong answer
Degioanni has been building toward agentic security longer than most — Sysdig shipped Sage in 2023 when most vendors were still debating whether to add a chat window. That head start gave him time to watch the model evolve and eventually reach a conclusion that cuts against where most of the industry is heading: putting your AI inside your product is building in the wrong direction.
The argument is straightforward. When a security tool's AI lives inside that tool's UI, its value is bounded by what that tool can give you. When the same capability runs inside Claude Code or a comparable coding agent harness, it immediately inherits everything else that lives there — Slack channels, Kubernetes tooling, open source response libraries, spreadsheet data, whatever else is in the practitioner's environment.
"By leveraging a headless security solution, all of this kind of stuff is unlocked. If you give me your agents to run inside your product, their value is only limited to what themselves they can give me as value."
He also makes a point about privacy that is easy to miss. When the security stack integrates at the coding agent layer inside a company's own hosted model, those conversations stay inside the perimeter. Adoption goes up, token costs stay internal, and the security team stops being the group that forces practitioners to context-switch out of where they're already working.
The exploit window doesn't wait for dashboards
The urgency behind headless security isn't just about developer experience. It's about clock speed. Sysdig's threat research has been tracking the collapse of the exploit window — from days, to hours, to minutes. A detection-to-influence gap measured in minutes is not a workflow that accommodates clicking through a UI.
Degioanni's view is that this dynamic makes the practitioner's location in the stack a security property, not just a productivity question. If your detection fires and the path to response runs through a dashboard, through ticketing, through a team handoff — the threat actor is already ahead of you. The coding agent harness matters because it puts detection data, response tooling, and infrastructure access in the same place, with context already loaded.
"As our defensive capabilities will become better and better through the use of AI, the attackers will do the same. And we'll do the same probably even more aggressively than us, defenders."
This is also where the security workforce argument gets its teeth. Degioanni is not saying AI will do defensive work more cheaply. He's saying AI will drive attack volume and sophistication high enough that defenders will need to absorb dramatically more signal and take action faster than any human operating through a traditional tool interface can manage. The math on headcount demand in cybersecurity doesn't look like any other industry.
The coding CISO isn't a metaphor
One of the most direct things Degioanni says in the conversation is that he has gone back to contributing actively to Sysdig's source repositories — not as a symbolic gesture, but because the tools now make it practical for someone with an hour or two a day to produce something useful.
"Even if I have an hour or two a day, now I can do something useful, while before I couldn't."
He extends this to what he thinks a CISO should look like in three to five years. The people who will lead security organizations, in his view, are the ones who can combine architectural judgment and organizational leadership with actual hands-on contribution — what he calls the coding CISO. This isn't nostalgia for the days when CISOs came up through pen testing. It's a specific claim about what the job requires when your defensive posture depends on shipping workflows, automating responses, and building tooling faster than your adversaries can adapt.
"We will see more, less and less managers of managers or people whose only purpose is, let's say, running the organization. And more and more at any level, including the CISO probably, we will see coding CISOs, know, get their hands dirty."
The counterintuitive piece of this is that AI doesn't reduce the need for technical depth — it amplifies what someone with genuine depth can do. An experienced security leader who understands the architecture and knows what needs to be built can now execute on that faster than a large team could have five years ago. The army of one becomes real.
Skills are encoded expertise, not fancy prompts
Degioanni draws a careful distinction between two things that get conflated in vendor announcements: MCP integrations and skills. The integration layer — connecting your security tool to a coding agent via MCP — is table stakes. It's plumbing. It lets you query a tool from inside your agent harness. That's useful, but it doesn't differentiate.
Skills are different. When Degioanni first encountered the concept, he dismissed it: just a renamed prompt. Then he thought about it more carefully.
"Skill is essentially, especially in cybersecurity, a way to encode expertise so that it's effectively consumable by an AI."
What that means in practice: Sysdig has years of operational knowledge about how Kubernetes runtime security incidents unfold, how vulnerability prioritization decisions get made, what the right response sequence looks like in a given environment. That expertise has historically lived in documentation, in support teams, in the heads of senior engineers. A skill is a mechanism for compressing that into a deployable package — a plugin in Claude Code that a practitioner installs and immediately has access to, without needing to prompt-engineer their way to good judgment.
"I can essentially give you somebody that really understands runtime security for Kubernetes in a package that you install with a slash command in Claude Code, and you're ready to go. And it immediately is with quite a lot of expertise in that field."
The implication for CISOs thinking about vendor selection: the right question is no longer whether a tool has an AI. It's whether the vendor's domain expertise is encoded in a form that can run inside your agent harness and compound with the rest of your environment.
What would you build?
The framing Degioanni keeps returning to is a question every security leader should be sitting with: given that you now have something close to an army of one — agents that can code, automate, and execute — what would you actually build?
This is a departure from how security organizations have typically operated. The procurement cycle has been the default answer to capability gaps for a long time. You identify a problem, you find a vendor who solves it, you buy it and integrate it. That model is slow, expensive, and produces a stack full of tools each with their own UI, their own AI, and their own context silo.
The alternative Degioanni is pointing toward: start from the problem, identify what needs to exist to solve it, and build it — either from scratch or by starting from open source and adapting to your specific edge cases. This isn't a call to fire your vendors. It's a call to stop treating procurement as the only answer and start treating your security team as an engineering organization with the mandate and the capability to ship.
"Imagine in the past, you know, if a CSO had the luxury of having, you know, a team of Android developers that will support the initiatives in her or his organizations, that would have been like the dream. So imagine now having this army of entities, they are not people, you know, but they can do that."
The security leaders who are already there — running Claude Code, building internal tooling, integrating their detection stack at the agent layer — aren't waiting for the industry to catch up. The gap between them and the teams still navigating dashboards is already measurable, and the exploit window is not going to widen while everyone gets comfortable.
Show notes
Guests — Loris Degioanni, Co-founder of Wireshark; Founder and CTO of Sysdig; creator of Falco, the open source standard for cloud-native runtime threat detection.
Books mentioned — None named in the conversation.
Frameworks / models / tools named — Headless Security (Sysdig); Falco; Sysdig Secure; Sage (Sysdig's embedded AI); Claude Code; Cursor; MCP (Model Context Protocol); AutoGPT; BabyAGI; OWASP Top 10 for Agentic Applications; GPT-3; GPT-5; Claude Opus; Kubernetes; Slack; Google Slides; Google Docs.
Other people / shows / resources referenced — Crystal (prior Zero Signal guest, 2026 Cloud Native Security and Usage Report); Anthropic; RSA Conference; GDPR.
Hosted by Conor Sherman and Stuart Mitchell.