From GenAI Prompts to OAuth Phishing: The Hidden Browser Risks

https://is1-ssl.mzstatic.com/image/thumb/Podcasts221/v4/f1/9b/29/f19b2933-5499-f644-fc86-f183dfb1ba50/mza_213283215122529406.jpg/600x600bb.jpg

The Professional CISO

David Malicoat

90 episodes

3 days ago

Shaping Cybersecurity Leadership: Today, Tomorrow, Together.

All content for The Professional CISO is the property of David Malicoat and is served directly from their servers with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.

Shaping Cybersecurity Leadership: Today, Tomorrow, Together.

Technology

Business,

Management

From GenAI Prompts to OAuth Phishing: The Hidden Browser Risks - with Tommy Perniciaro

The Professional CISO

20 minutes

1 week ago

From GenAI Prompts to OAuth Phishing: The Hidden Browser Risks - with Tommy Perniciaro

Episode Summary

Recorded live at HOU.SEC.CON, The Professional CISO Show welcomes Tommy Perniciaro, Director of Solutions Architecture at LayerX, to explore why the browser has become the least-instrumented layer in the modern security stack — and how CISOs can finally gain visibility and control over it.

David and Tommy discuss everything from malicious browser extensions and OAuth-based phishing to AI prompt leakage and the emergence of “AI browsers.” Listeners will walk away with a new appreciation for the browser as the enforcement point of the future — and practical insights on deploying LayerX to close this growing gap.

Key Takeaways

The browser is now a primary attack surface for enterprise users.
LayerX gives security teams visibility and control without replacing browsers.
GenAI tools and prompts can leak sensitive data if not monitored at the DOM level.
OAuth-based phishing is bypassing traditional email and network defenses.
Secure enterprise browsers struggle with user adoption — LayerX works inside the browsers you already have.
AI browsers are emerging as the next battleground for identity and data protection.
Post-quantum cryptography will further challenge network-layer inspection.

Notable Quotes

“The browser is where all the work is happening — SaaS, AI, identity — but it’s the least instrumented control plane we have.” – Tommy Perniciaro

“Without visibility at the DOM level, you’re flying blind to what extensions, prompts, and identities are doing inside your environment.” – David Malicoat

“Phishing doesn’t need your password anymore. OAuth grants and browser-based attacks are where it’s moving.” – Tommy Perniciaro

“LayerX turns the browsers your people already use into secure browsers — no new deployment, no friction.” – David Malicoat

“Post-quantum encryption will change inspection forever. The browser may become the new enforcement point.” – Tommy Perniciaro

Listener Benefits

Understand why browser visibility is critical in today’s SaaS-driven enterprise.
Learn how to prepare your organization for the age of GenAI and AI browsers.
Get practical deployment and change management insights for LayerX and similar solutions.
Discover how browser-level inspection complements your EDR and network security stack.

Call to Action

Subscribe to The Professional CISO Show on your favorite platform and join the movement to professionalize the CISO role.

🎧 Spotify: https://open.spotify.com/show/2C7JojNZPdg1g6AXvpKDfn?si=a7ac3172bb414673

🍎 Apple Podcasts: https://podcasts.apple.com/us/podcast/the-professional-ciso/id1731138021

🌐 Website: www.thpc.co