How AI-driven attacks demand visibility and proactive defense across identities.
Watch the Fireside Chat
Kevin Hanes, CEO at Reveal Security, sits down with Mike Melo, CISO of TMX Group, to discuss how AI is changing the threat landscape and what it means for the future of identity-based defense.
AI Is Changing the Game for Defenders
AI has rapidly become both an enabler and an accelerator for attackers. As Mike puts it,
“We’re starting to see a level up in the attack space with the AI attacks… script kiddies are going to be way more powerful than what they used to.”
For security leaders, this shift expands the threat surface faster than human teams – or traditional tools – can keep up. Kevin notes that to counter this, “you’ve got to have the ability to detect IOCs…but we’re moving into a world where you’re going to have to look at the behavior and discern what’s good from bad.”
That evolution, from static indicators to dynamic identity behavior, is the foundation of extended ITDR (Identity Threat Detection and Response). It’s no longer enough to detect identity threats at access based on rules; defenders must understand how identities act inside their environments.
Seeing Beyond Authentication
Both leaders agree that visibility after authentication remains one of the most dangerous blind spots in enterprise security. Hanes explains,
“You can’t defend what you can’t see… what happens after authentication, when the identity has the token – what is it actually doing in the applications?”
Melo reinforces that idea:
“If you look at what the attack vector is in an organization, the anchor point is an identity… getting visibility across the entire post-authentication application landscape is going to be massive for any company.”
That’s where modern identity threat detection must expand – beyond login events into near real-time activity across SaaS and cloud environments.
From Detection to Preemption
The conversation also explores how automation and remediation can help security teams act faster without disrupting business operations. As Melo vividly describes,
“The security industry was always this: we were chasing the person who’s walking down the sidewalk. And we’ve been doing it for 30 years and still haven’t caught them. Now, we’re chasing an Olympic sprinter with AI and NHI, and so we need tools to be able to intervene.”
In other words, the speed of attacks now requires preemptive action – using ML- and AI-native behavioral analytics to predict next steps and automation to stop suspicious identity behavior before it can cause serious damage.
The Path Forward
Extended ITDR is not just another acronym; it’s a strategic shift for CISOs and detection leaders. By focusing on post authentication identity behavior, organizations can move from chasing alerts to truly defending the modern perimeter – where every identity, human or non-human, becomes both a potential risk and the key to resilience.
Watch the full fireside chat to hear Kevin Hanes and Mike Melo dive deeper into AI-driven threats, automation, and the next phase of identity-first defense.
