Behind the Shield

InfusionPoints
  • 0.0 (0)
  • Technology
  • Updated Daily

 Behind the Shield is InfusionPoints’ podcast where we sit down with partners, customers, and industry leaders to talk about FedRAMP, compliance, and cybersecurity in today’s government landscape. Each episode offers laid-back, insightful conversations that blend expertise with real-world experiences. 

  1. 1d ago

    FedRAMP, 20x, and the Future of Federal Cloud Security with Michael Schroeder

    What happens when someone who helped shape FedRAMP from inside a federal agency joins the conversation from the industry side? In this episode of Behind the Shield, Gary Daemer sits down with Michael Schroeder, Director of FedRAMP Strategy and Market Development at Excentium, to discuss the evolution of FedRAMP, the impact of FedRAMP 20x, and what the future of cloud security and compliance could look like across the federal government. Michael shares insights from his time supporting FedRAMP efforts within the Department of Veterans Affairs Digital Transformation Center, where he worked closely with OIT and OIS leadership teams, Federal business owners, and Cloud Service Providers, in close alignment to the agency authorization process, before transitioning to Excentium to focus on strategy, market development, and industry engagement. The conversation explores the shift from traditional compliance-driven approaches toward outcome-based security, the growing role of automation and machine-readable evidence, and why increased transparency is changing how government agencies, assessors, and CSPs work together. Gary and Michael also discuss agency adoption, the relationship between FedRAMP and CMMC, the challenges of scaling assessments, and why collaboration across the cybersecurity community may be one of the most important developments in recent years. Beyond compliance frameworks, Michael shares his perspective on leadership, continuous learning, cybersecurity for nonprofits, and the importance of building solutions that make security more accessible and effective for organizations of all sizes. Whether you're a Cloud Service Provider, federal agency stakeholder, cybersecurity practitioner, or simply interested in where federal compliance programs are headed, this episode offers a thoughtful look at the opportunities and challenges shaping the next generation of government cloud security. Chapters:  0:10 - Meet Michael Schroeder: Career Journey and FedRAMP Background 7:38 - Public Discourse and FedRAMP 10:17 - FedRAMP Process and Challenges 16:25 - Security vs. Compliance 22:49 - Transparency and Public Trust 28:44 - Operational Security Practices 36:36 - Monitoring and Reporting 43:15 - Adoption of 20X and Future Predictions 55:54 - Closing Thoughts, Leadership, and Community Impact What You'll Learn • Michael Schroeder's transition from the VA to Excentium and the lessons learned along the way • How FedRAMP 20x is reshaping federal cloud security • The difference between compliance and operational security • Why Trust Centers are changing how agencies evaluate cloud services • The impact of machine-readable evidence and continuous validation • Common challenges CSPs face when adopting FedRAMP 20x • Where FedRAMP and CMMC may align in the future • How automation can help agencies improve security oversight • Michael's predictions for FedRAMP and agency adoption • Why collaboration is becoming a competitive advantage in cybersecurity • How security can drive business growth, not just compliance • Supporting nonprofits through practical cybersecurity initiatives • Balancing speed, security, and innovation in modern cloud environments Guest Links: https://www.linkedin.com/in/mjschroeder1/ https://www.linkedin.com/company/excentium/ https://excentium.com/ Learn more about InfusionPoints: https://www.linkedin.com/company/infusionpoints/ Gary Daemer: https://www.linkedin.com/in/infusionpoints/ Request a Demo: https://xbu40.com/ FedRAMP 20x Quick Look Assessment: https://xbu40.com/assessment InfusionPoints & AWS: InfusionPoints is proud to be an Amazon Web Services Premier Tier Services Partner, supporting organizations in building, managing, and defending secure cloud environments. About Us: InfusionPoints is a trusted cybersecurity, cloud engineering, and compliance partner helping organizations Build, Manage, and Defend secure, mission-ready environments in highly regulated markets. We specialize in FedRAMP, FedRAMP 20x, DoD, and enterprise security frameworks, supporting organizations from initial authorization through continuous monitoring and optimization. Our team brings deep technical expertise and real-world operational insight to every engagement. Through our independent, security-first approach, we integrate people, processes, and technology to deliver scalable, compliant, and resilient solutions. From strategy and architecture to operations and defense, we help customers move faster without sacrificing security.

    1h 6m

  2. Jun 9

    Built to Last: Christian Hyatt on Entrepreneurship, AI, and the Future of Cybersecurity

    In this episode of Behind the Shield, Gary Daemer sits down with Christian Hyatt, Founder and CEO of risk3sixty, for a conversation that goes far beyond cybersecurity. Together, they explore what it means to build an evergreen company in an industry often driven by venture capital, rapid growth expectations, and short-term outcomes. Christian shares the story behind risk3sixty's culture-first philosophy, lessons learned from more than a decade of entrepreneurship, and why focusing on customers, team members, and craftsmanship can create a lasting competitive advantage. The conversation also dives into the evolving cybersecurity and compliance landscape, including AI governance, GRC engineering, automation, workforce transformation, and the changing skills security leaders need to succeed. As organizations navigate unprecedented technological change, Gary and Christian discuss how business leaders can balance innovation, risk management, and long-term sustainability. Whether you're a cybersecurity practitioner, business leader, entrepreneur, or simply interested in how great companies are built, this episode offers practical insights on leadership, growth, and building something designed to last. Chapters: 0:09 - Introduction and Guest Introduction 0:38 - Building a Lasting Company 1:10 - Unique Approach to Business 2:26 - Personal Business Journey 3:35 - Evergreen Company Concept 7:31 - Team Building and Culture 10:17 - Customer and Market Insights 22:16 - AI and Compliance Challenges 39:20 - Future Skills and Industry Trends 51:55 - Conclusion and Final Thoughts What You'll Learn:  • Why some founders choose to build evergreen companies instead of pursuing outside investment • How culture and customer focus become long-term competitive advantages • The lessons Christian learned while growing risk3sixty from a startup into a thriving cybersecurity business • Why many CISOs are being asked to do more with fewer resources • How AI is transforming governance, risk, and compliance programs • What organizations are getting wrong about AI governance and adoption • The shift from traditional GRC work to GRC engineering and systems thinking • How automation is changing the future of compliance and security operations • Why business acumen is becoming just as important as technical expertise • What the next generation of cybersecurity professionals can teach us about AI adoption • Emerging trends shaping the future of cybersecurity, compliance, and technology • The books, experiences, and philosophies that have influenced both Christian and Gary as leaders Book Links:  Another Way by Dave Whorton with Bo Burlingham: https://www.tugboatinstitute.com/anotherway/ The EOS Life by Gino Wickman:  https://www.amazon.com/EOS-Life-Live-Ideal-Entrepreneurial/dp/1637740131/ref=tmm_hrd_swatch_0?_encoding=UTF8&qid=1632761524&sr=8-1-spons Guest Links:  Christian Hyatt: https://www.linkedin.com/in/christianhyatt/ https://risk3sixty.com/ Guest's Books: Security Team Operating System: How to Run an Unstoppable Team The Good Business: How to Bootstrap a Business to $10m and Beyond For the kiddos (or adults!)- Chief Information Security Officer: CISO the Dog Saves Secure City  What Is a Good Business Made Out Of (The Good Business) Find Christian's Books Here: https://www.amazon.com/stores/author/B0D7D6HKS9?ccs_id=75ab130f-9913-4b4e-b057-dd798be408dc Learn more about InfusionPoints: https://www.linkedin.com/company/infusionpoints/ Gary Daemer: https://www.linkedin.com/in/infusionpoints/ Request a Demo: https://xbu40.com/ FedRAMP 20x Quick Look Assessment: https://xbu40.com/assessment InfusionPoints & AWS: InfusionPoints is proud to be an Amazon Web Services Premier Tier Services Partner, supporting organizations in building, managing, and defending secure cloud environments. About Us: InfusionPoints is a trusted cybersecurity, cloud engineering, and compliance partner helping organizations Build, Manage, and Defend secure, mission-ready environments in highly regulated markets. We specialize in FedRAMP, FedRAMP 20x, DoD, and enterprise security frameworks, supporting organizations from initial authorization through continuous monitoring and optimization. Our team brings deep technical expertise and real-world operational insight to every engagement. Through our independent, security-first approach, we integrate people, processes, and technology to deliver scalable, compliant, and resilient solutions. From strategy and architecture to operations and defense, we help customers move faster without sacrificing security.

    52 min

  3. Jun 2

    FedRAMP 20x, GRC Engineering, and the Future of Compliance Automation with Eric Beasley

    What happens when compliance, engineering, cloud operations, and auditing all converge? In this episode of Behind the Shield, Gary Daemer sits down with Eric Beasley, Director of Compliance and Engineering at Earthling Security, for an in-depth conversation on the evolution of FedRAMP, the emergence of GRC engineering, and why automation is becoming a foundational requirement for modern compliance programs. Drawing from nearly a decade of experience across FedRAMP, FISMA, auditing, engineering, and cloud operations, Eric shares practical lessons learned from helping Cloud Service Providers navigate authorization challenges while balancing security, compliance, and operational efficiency. The discussion explores how the FedRAMP ecosystem has evolved from manual evidence collection and screenshots to automation-driven approaches enabled by cloud-native services, particularly within AWS environments. Gary and Eric also dive into continuous monitoring, compliance telemetry, AI's role in security operations, and what the future may hold for FedRAMP 20x, cloud service providers, and government cybersecurity programs. What You'll Learn • Why manual screenshots became the standard in traditional FedRAMP assessments • How FedRAMP 20x is changing the way compliance evidence is collected and validated • What GRC engineering actually means and why it is becoming a critical discipline • How AWS-native services enable scalable compliance automation • The difference between collecting compliance data and proving security controls are actually working • Why continuous monitoring requires more than simply verifying that tools are running • The challenges of extending FedRAMP 20x concepts beyond SaaS into PaaS and IaaS environments • Where AI can help compliance teams—and where it can create new risks • Why the next generation of cybersecurity professionals still needs strong engineering fundamentals • How automation, cloud architecture, and security operations are converging to shape the future of compliance This episode is packed with real-world stories, practical insights, and honest opinions from two industry veterans who have spent years building, assessing, securing, and operating cloud environments in some of the most highly regulated sectors. Chapters: 0:10 - Introduction 0:35 - Eric's Background 1:32 - GRC Engineering and Automation 4:57 - Challenges and Efficiency 7:15 - Auditing and Compliance Themes 13:50 - Cloud Services and FedRAMP 22:09 - Data Center Transformation 32:16 - Future of Compliance and AI 48:49 - Training and Skills for the Future 54:14 - Personal Insights and Closing Guest Links: Linkedin: https://www.linkedin.com/in/ericbeasley33w/ https://www.linkedin.com/company/earthling-security/ https://earthlingsecurity.com/ Learn more about InfusionPoints: https://www.linkedin.com/company/infusionpoints/ Gary Daemer: https://www.linkedin.com/in/infusionpoints/ Request a Demo: https://xbu40.com/ InfusionPoints & AWS: InfusionPoints is proud to be an Amazon Web Services Premier Tier Services Partner, supporting organizations in building, managing, and defending secure cloud environments. About Us: InfusionPoints is a trusted cybersecurity, cloud engineering, and compliance partner helping organizations Build, Manage, and Defend secure, mission-ready environments in highly regulated markets. We specialize in FedRAMP, FedRAMP 20x, DoD, and enterprise security frameworks, supporting organizations from initial authorization through continuous monitoring and optimization. Our team brings deep technical expertise and real-world operational insight to every engagement. Through our independent, security-first approach, we integrate people, processes, and technology to deliver scalable, compliant, and resilient solutions. From strategy and architecture to operations and defense, we help customers move faster without sacrificing security.

    1h 4m

  4. May 26

    From FedRAMP to the Future of AI: Tony Bai on Compliance, Cybersecurity, and What’s Next

    In this episode of Behind the Shield, Jason Shropshire sits down with Tony Bai, Chief Solutions Officer at RISCPoint, for a wide-ranging conversation on cybersecurity, compliance, emerging technology, and the future of the workforce. Tony shares his journey from serving in the U.S. Air Force and supporting cyber operations at the Pentagon to becoming a leader in the federal cybersecurity and compliance space. Along the way, the conversation dives into the evolution of FedRAMP, RMF, CMMC, cloud security, and the realities of helping organizations navigate increasingly complex regulatory environments. Jason and Tony discuss the balance between real security and “check-the-box” compliance, why over-reliance on tools and outsourced accountability can create risk, and how organizations can build sustainable security programs that actually support business operations. The episode also explores common pitfalls in FedRAMP and CMMC journeys, the importance of tailored security engineering, and why mentorship and workforce development matter now more than ever. The conversation then shifts to one of the biggest topics shaping the industry today: AI. From AI-assisted coding and automation to concerns about losing foundational technical skills, Tony and Jason unpack both the opportunities and risks that come with rapid technological acceleration. They also reflect on how today’s cybersecurity leaders can help develop the next generation of engineers and practitioners in an increasingly AI-driven world. The episode wraps with lighter conversation around mentorship, career growth, sci-fi fandoms, Legos, and what life after cybersecurity might look like. Links to things we talked about: The 1969 Apollo guidance computer - https://www.youtube.com/watch?v=B1J2RMorJXM Running Doom on a pregnancy test - https://www.popularmechanics.com/science/a33957256/this-programmer-figured-out-how-to-play-doom-on-a-pregnancy-test/ What You’ll Learn Tony Bai’s path from the Air Force into cybersecurity and compliance leadership How FedRAMP, RMF, CMMC, and cloud security have evolved over time Why “real security” goes beyond compliance checklists Common mistakes organizations make when outsourcing security responsibilities The balance between automation, AI, and human expertise Why foundational technical knowledge still matters in the age of AI How companies can better mentor and grow the next generation of cybersecurity talent The importance of long-term trusted partnerships in compliance and advisory work Chapters: 0:11 - Introduction and Guest Welcome 1:05 - Tony's Background in Cybersecurity 3:45 - Jason's Path in IT 7:45 - Evolution of Technology 9:33 - Transition to Compliance and Advisory 13:58 - Compliance, Security Engineering, and FedRAMP 19:22 - Challenges in Compliance 24:38 - Over and Under Investment in Security 35:59 - Rapid Changes in AI and Technology 49:58 - Personal Interests and Hobbies Guest Links: https://www.linkedin.com/in/williamtbai/ https://www.linkedin.com/company/riscpoint/ https://www.riscpoint.com/ Learn more about InfusionPoints: https://www.linkedin.com/company/infusionpoints/ Jason Shropshire: https://www.linkedin.com/in/shrop/ Request a Demo: https://xbu40.com/ InfusionPoints & AWS: InfusionPoints is proud to be an Amazon Web Services Premier Tier Services Partner, supporting organizations in building, managing, and defending secure cloud environments. About Us: InfusionPoints is a trusted cybersecurity, cloud engineering, and compliance partner helping organizations Build, Manage, and Defend secure, mission-ready environments in highly regulated markets. We specialize in FedRAMP, FedRAMP 20x, DoD, and enterprise security frameworks, supporting organizations from initial authorization through continuous monitoring and optimization. Our team brings deep technical expertise and real-world operational insight to every engagement. Through our independent, security-first approach, we integrate people, processes, and technology to deliver scalable, compliant, and resilient solutions. From strategy and architecture to operations and defense, we help customers move faster without sacrificing security.

    59 min

  5. May 19

    Breaking Into Def Tech: The Top 5 Challenges Facing Modern Companies

    The Defense Tech market is full of opportunity, but getting into the space is far from simple. In this episode of Behind the Shield, InfusionPoints COO Jason Shropshire and CEO Gary Daemer each share their perspectives on the top 5 challenges companies face when trying to break into the Defense Tech and Department of Defense market. The conversation highlights how technical, operational, and business challenges can look very different depending on where companies are in their federal journey. From navigating FedRAMP and the DoD Cloud Computing Security Requirements Guide (DoD CC SRG) to finding sponsorship, securing IL4/IL5 authorizations, and surviving long ATO timelines, this conversation offers a candid look at the operational, technical, and business realities of entering the federal and defense markets. The discussion also explores: • Why sponsorship is one of the biggest barriers to entry • The difference between FedRAMP and DoD authorization pathways • Challenges around IL4 and IL5 environments • The impact of RMF, DISA, BCAP, and eMASS processes • Why predictability and automation matter for modern compliance • Hardening requirements, STIGs, and securing cloud environments • The business realities of getting a second and third government customer • How FedRAMP 20x and automation could reshape the future of Defense Tech compliance Whether you're a startup trying to break into Defense Tech, a cloud service provider pursuing federal business, or an established company navigating DoD requirements, this episode provides practical insight from a team actively helping organizations operate in regulated federal environments. What You’ll Learn: • The biggest mistakes companies make entering Defense Tech • Why compliance alone does not guarantee success • The hidden complexity of IL4/IL5 authorizations • How authorization delays impact business growth • Where the Defense Tech market may be headed next Learn more about InfusionPoints: https://www.linkedin.com/company/infusionpoints/ Gary Daemer: https://www.linkedin.com/in/infusionpoints/ Jason Shropshire: https://www.linkedin.com/in/shrop/ Request a Demo: https://xbu40.com/ Blogs:  SWFT, cATO, 20x and the Rev. 4 Drag Still Inside DoW Cloud Authorization: https://infusionpoints.com/blogs/swft-cato-20x-and-rev-4-drag-still-inside-dow-cloud-authorization The Quiet Convergence: why DoD DevSecOps, SWFT, and FedRAMP 20x are Starting to Rhyme: https://infusionpoints.com/blogs/quiet-convergence-why-dod-devsecops-swft-and-fedramp-20x-are-starting-rhyme Subscribe for more conversations on FedRAMP, Defense Tech, cybersecurity, cloud compliance, and the future of continuous authorization. InfusionPoints & AWS: InfusionPoints is proud to be an Amazon Web Services Premier Tier Services Partner, supporting organizations in building, managing, and defending secure cloud environments. About Us: InfusionPoints is a trusted cybersecurity, cloud engineering, and compliance partner helping organizations Build, Manage, and Defend secure, mission-ready environments in highly regulated markets. We specialize in FedRAMP, FedRAMP 20x, DoD, and enterprise security frameworks, supporting organizations from initial authorization through continuous monitoring and optimization. Our team brings deep technical expertise and real-world operational insight to every engagement. Through our independent, security-first approach, we integrate people, processes, and technology to deliver scalable, compliant, and resilient solutions. From strategy and architecture to operations and defense, we help customers move faster without sacrificing security.

    47 min

  6. May 12

    Understanding Minimum Assessment Scope (MAS) in FedRAMP 20x

    In this episode of Behind the Shield, InfusionPoints’ Chad Spears and Tanner Bailey break down one of the most important concepts shaping the future of FedRAMP 20x: the Minimum Assessment Scope (MAS). As organizations begin preparing for the transition toward continuous validation and automated security evidence, understanding what actually belongs in scope has become critical. Chad and Tanner unpack how MAS is designed to help organizations focus on the systems, resources, and validations that truly matter to the security of the environment instead of wasting time, engineering effort, and budget on unnecessary complexity. The conversation explores how FedRAMP 20x is pushing organizations toward a more operational, automation-first mindset. Rather than treating compliance as a one-time documentation exercise, the discussion highlights how continuous validation, reusable checks, and machine-readable evidence are changing the way cloud providers approach authorization readiness. Throughout the episode, the team connects the technical realities of Minimum Assessment Scope back to real business outcomes. From reducing engineering overhead and controlling costs to accelerating authorization timelines and improving operational maintainability, MAS is positioned as a foundational starting point for organizations pursuing a modernized FedRAMP strategy. Whether you’re a security engineer, cloud architect, compliance lead, executive stakeholder, or CSP trying to understand what FedRAMP modernization actually means in practice, this episode provides practical insight into where the ecosystem is heading and how to prepare. Chapters: Introduction and Overview - 0:08 Understanding MAS (Minimum Assessment Scope) - 0:56 Importance of MAS in FedRAMP 20X - 4:52 Defining the Scope and Its Impact - 7:29 Challenges and Considerations - 11:33 Business Impact of MAS - 26:46 Conclusion and Resources - 28:21 What You’ll Learn: • What Minimum Assessment Scope (MAS) actually means in FedRAMP 20x • How MAS can reduce complexity, cost, and engineering effort • Why continuous validation changes the way compliance is approached • How reusable KSI validation checks improve operational efficiency • Why automation and machine-readable evidence are central to FedRAMP modernization • The connection between MAS, speed-to-authorization, and long-term maintainability • Updates on Consolidated Rules 2026 (CR2026) and evolving FedRAMP terminology • What organizations should be doing now to prepare for the future of FedRAMP InfusionPoints Links: FedRAMP 20x Quick Look Assessment: https://xbu40.com/assessment https://infusionpoints.com/ LinkedIn: https://www.linkedin.com/company/infusionpoints/ Chad Spears: https://www.linkedin.com/in/chad-spears007/ Tanner Bailey: https://www.linkedin.com/in/tanner-b-37a50a132/ InfusionPoints & AWS: InfusionPoints is proud to be an Amazon Web Services Premier Tier Services Partner, supporting organizations in building, managing, and defending secure cloud environments. About Us: InfusionPoints is a trusted cybersecurity, cloud engineering, and compliance partner helping organizations Build, Manage, and Defend secure, mission-ready environments in highly regulated markets. We specialize in FedRAMP, FedRAMP 20x, DoD, and enterprise security frameworks, supporting organizations from initial authorization through continuous monitoring and optimization. Our team brings deep technical expertise and real-world operational insight to every engagement. Through our independent, security-first approach, we integrate people, processes, and technology to deliver scalable, compliant, and resilient solutions. From strategy and architecture to operations and defense, we help customers move faster without sacrificing security.

    31 min

  7. May 5

    From Acceleration to ATO: Navigating Defense Tech, Divestitures, and the Future of FedRAMP

    In this episode of Behind the Shield, we sit down with Phil Hickson alongside InfusionPoints’ Jackson Gorman and Jason Shropshire for a deep dive into the evolving world of Defense Tech and federal compliance. Phil shares a behind-the-scenes look at navigating a complex FedRAMP ATO journey during a major divestiture, including standing up a new authorization boundary while maintaining compliance and customer continuity. The conversation explores the challenges of scaling secure cloud services across federal and DoD environments, from BCAP connections and IL4/IL5 considerations to managing risk at scale. We also unpack what modernization looks like today. With FedRAMP 20x gaining momentum, the group discusses how Defense Tech companies can balance legacy requirements with continuous validation and automated evidence. The result is a candid look at where compliance is headed and what it means for companies building for mission-critical environments. If you’re working in Defense Tech, selling into federal or DoD markets, or trying to make sense of where FedRAMP is going next, this episode offers practical insight from people actively navigating the shift. Chapters: 00:08 Introduction and Guest Welcome 00:31 Phil's Experience with CSPs 02:34 Divestiture and Omnissa's Origin 05:20 Challenges with FedRAMP and DOD 15:22 Navigating DOD Authorization 33:45 Modernization and 20X Discussion 49:18 Phil's Origin Story in Compliance 55:44 Lighthearted Questions and Wrap-up Guest Links:  Phil Hickson- https://www.linkedin.com/in/philhickson/ Omnissa- https://www.linkedin.com/company/omnissa/ Omnissa trust center | Cloud security & compliance- https://www.omnissa.com/trust-center/ Omnissa Products and Platform Services- https://www.omnissa.com/products/  https://www.omnissa.com/ About Omnissa:  Omnissa provides an industry-leading digital workspace platform of services that simplifies the delivery, management, and security of devices, apps, and services to employees and IT teams alike. Explore Omnissa - the digital work platform leader- https://www.omnissa.com/about-us/ InfusionPoints Links:  Jason Shropshire- https://www.linkedin.com/in/shrop/ Jackson Gorman- https://www.linkedin.com/in/jacksonagorman/ https://www.linkedin.com/company/infusionpoints/ https://infusionpoints.com/ https://xbu40.com/ FedRAMP 20x Quick Look Assessment for CSPs: https://xbu40.com/assessment 'SWFT, cATO, 20x and Rev 4 Drag Still Inside DoD Cloud Authorization' Blog: https://infusionpoints.com/blogs/swft-cato-20x-and-rev-4-drag-still-inside-dow-cloud-authorization InfusionPoints & AWS: InfusionPoints is proud to be an Amazon Web Services Premier Tier Services Partner, supporting organizations in building, managing, and defending secure cloud environments. About Us: InfusionPoints is a trusted cybersecurity, cloud engineering, and compliance partner helping organizations Build, Manage, and Defend secure, mission-ready environments in highly regulated markets. We specialize in FedRAMP, FedRAMP 20x, DoD, and enterprise security frameworks, supporting organizations from initial authorization through continuous monitoring and optimization. Our team brings deep technical expertise and real-world operational insight to every engagement. Through our independent, security-first approach, we integrate people, processes, and technology to deliver scalable, compliant, and resilient solutions. From strategy and architecture to operations and defense, we help customers move faster without sacrificing security.

    1h 3m

  8. Apr 29

    The Agentic SOC Shift: Smarter Security, Human-Led Decisions

    What happens when your SOC doesn’t just respond to threats but actively thinks, prioritizes, and takes action? In this episode of Behind the Shield, we break down the rise of the Agentic SOC and what it means for the future of cybersecurity operations. As organizations face an overwhelming volume of alerts, evolving threats, and increasing pressure to move faster, traditional SOC models are being pushed to their limits. Enter agentic systems. These are AI-driven, decision-capable frameworks designed to augment or even transform how security teams operate. We explore how agentic capabilities are shifting the SOC from reactive monitoring to proactive, intelligent defense. From automated triage to adaptive response workflows, this conversation dives into the real-world impact of bringing autonomy into security operations and what teams need to consider before adopting it. Whether you're leading a SOC, building security architecture, or trying to understand how AI is reshaping cyber defense, this episode offers a grounded look at where things are headed and what it takes to get there. What You’ll Learn: • What an Agentic SOC actually is and how it differs from traditional SOC models • How AI agents can triage, prioritize, and respond to threats in real time • The role of human analysts in an increasingly autonomous environment • Key benefits and risks of adopting agentic security operations • How organizations can begin preparing their SOC for this shift • Where agentic approaches align with modern frameworks like continuous monitoring and validation InfusionPoints Links:  Alex Erhardt: https://www.linkedin.com/in/charles-e-7a2b8016a/ Nicholas Whitley: https://www.linkedin.com/in/nicholas-whitley-511085213/ https://www.linkedin.com/company/infusionpoints/ https://infusionpoints.com/ Get continuous security without building your own SOC: https://app.hatchbuck.com/OnlineForm/93633624292 About Us: InfusionPoints is a trusted cybersecurity, cloud engineering, and compliance partner helping organizations Build, Manage, and Defend secure, mission-ready environments in highly regulated markets. We specialize in FedRAMP, FedRAMP 20x, DoD, and enterprise security frameworks, supporting organizations from initial authorization through continuous monitoring and optimization. Our team brings deep technical expertise and real-world operational insight to every engagement. Through our independent, security-first approach, we integrate people, processes, and technology to deliver scalable, compliant, and resilient solutions. From strategy and architecture to operations and defense, we help customers move faster without sacrificing security.

    22 min
See All (38)

About

 Behind the Shield is InfusionPoints’ podcast where we sit down with partners, customers, and industry leaders to talk about FedRAMP, compliance, and cybersecurity in today’s government landscape. Each episode offers laid-back, insightful conversations that blend expertise with real-world experiences. 

Information

  • Creator
    InfusionPoints
  • Years Active
    2025 - 2026
  • Episodes
    38
  • Rating
    Clean
  • Copyright
    © 2026 Behind the Shield
  • Show Website
    Behind the Shield