Loris Degioanni: Headless Security and the Coding CISO

Welcome back to Zero Signal! In this episode, Conor Sherman and Stuart Mitchell are joined by cybersecurity royalty: Loris Degioanni, the co-founder of Wireshark, founder and CTO of Sysdig, and the creator of Falco, the open-source standard for cloud-native runtime threat detection. Loris steps up to break down a revolutionary new architectural paradigm: Headless Cloud Security. Following the release of Sysdig's brand new model for agentic defense, Loris explains why the era of security teams staring at dashboards and clicking through complex UIs is dead. With exploit windows rapidly collapsing down to mere minutes, the interface must entirely disappear into the environment where coding agents live. In this conversation, Conor, Stu, and Loris discuss the shift toward flattening security organizations and the rise of the "Coding CISO". They challenge the failing legacy strategy of baking checklists into standalone agents, arguing instead for injecting security and hard-coded expertise directly into the substrate of development tools via open-source communities, MCPs, and plugins. Continued Reading & Resources: Sysdig Cloud Native Security and Usage Report (2026): https://sysdig.com/resources/papers/2... Falco Open Source Project: https://falco.org/ Wireshark Foundation: https://www.wireshark.org/ Loris Degioanni’s Headless Security Founder's Letter: https://sysdig.com/blog/headless-secu... About the Guest: Loris Degioanni is a foundational pillar of modern computer networking and cloud security. He is the co-founder of Wireshark, the world's most widely used network protocol analyzer, and the founder and CTO of Sysdig. An open-source pioneer, Loris also created Falco, the CNCF graduated standard for cloud-native runtime threat detection. He holds a PhD in Computer Engineering from Politecnico di Torino and actively contributes to re-architecting cybersecurity for the agentic era. Key Topics: 01:17 Rebuilding the Operating Model Around Coding Agents 01:54 Defining Headless Security: Moving Beyond Dashboards 03:34 The Disappearing UI: Consuming Software Inside the Agent 06:53 Prioritizing Outcomes Over Problems: The Death of Point-and-Click 08:18 Shifting Beyond Traditional Vulnerability Prioritization 09:55 Tech Layoffs and Flattening Organizations: Everyone Becomes a Contributor 11:31 Rise of the "Coding CISO": Why Executives Must Get Hands-On 12:38 Building GRC and Security Tooling in Hours with Claude Code 13:46 Blending Architectural Vision with Agent Management Skills 15:21 The Defensive Paradox: Why AI Will Increase Cyber Headcount 18:04 The Three Technical Pillars of 2026 Tech Stacks 20:32 Rediscovering the "Love of the Game" Through Prompt-Driven Creativity 24:12 The Timeline of Failing Strategies: Trying to Bake Security Into the Agent 25:34 The Evolution of Substrate Security: From AutoGPT to 4.6 Models 28:44 The Friction of Tool Fragmentation vs. Centralized Ecosystems 31:37 Private Enterprise LLMs: The Safe Way to Handle Token Costs 34:11 Democratizing Software Development: The Marginal Cost of Code Hits Zero 37:40 Overcoming the Enterprise Fear of Open-Source Foundation Integration 40:20 Defining "Skills" in the Headless Architecture (Integrations, Skills, Facilitation) 41:38 Encoding True Engineering Expertise into AI Plugins Meet our Sponsors: Hampton North is the premier US based cybersecurity search firm. Start building your security team with Hampton North: https://hamptonnorth.com/?utm_source=... Sysdig is the leader in AI-powered real-time cloud defense; stop watching and start defending: https://www.sysdig.com/?utm_source=we...