No Priors Ep. 38 | With Material Security Co-Founder Ryan Noon

Elad Gil and Ryan Noon on aI Supercharges Cybersecurity: Material Security’s Ryan Noon On Defense.

Elad GilhostRyan Noonguest

Oct 26, 202336mWatch on YouTube ↗

Origin and core products of Material SecurityDefense-in-depth approach to email and account securityPractical applications of LLMs in cybersecurity operationsEmerging AI-driven cyber threats (phishing, voice cloning, automation)Nation-state, infrastructure, and national security implications of AIEconomics of the cybersecurity industry and incumbent vs. startup dynamicsFounder advice on markets, team formation, and AI startup pitfalls

AI-generated summary based on the episode transcript.

In this episode of No Priors, featuring Elad Gil and Ryan Noon, No Priors Ep. 38 | With Material Security Co-Founder Ryan Noon explores aI Supercharges Cybersecurity: Material Security’s Ryan Noon On Defense Ryan Noon, co-founder and chairman of Material Security, explains how the company protects cloud email (Google Workspace, Office 365) by assuming accounts will be compromised and limiting the damage through “defense in depth.”

WHAT IT’S REALLY ABOUT

AI Supercharges Cybersecurity: Material Security’s Ryan Noon On Defense

Ryan Noon, co-founder and chairman of Material Security, explains how the company protects cloud email (Google Workspace, Office 365) by assuming accounts will be compromised and limiting the damage through “defense in depth.”
He describes how generative AI, especially LLMs, has become a powerful tool for security operations, from interpreting messy signals to reading code and analyzing logs, while also amplifying attackers’ capabilities.
Noon argues that AI represents a step-function shift—like moving from bronze to iron weapons—creating an arms race in which intelligence itself becomes commoditized and nations, companies, and attackers all must adapt.
He also discusses the structure of the cybersecurity market, the dominance and acquisition patterns of incumbents, and offers candid advice to founders on markets, teams, and avoiding overcomplicated “shovel-selling” in AI.

IDEAS WORTH REMEMBERING

5 ideas

Design security assuming attackers will eventually get in.

Material’s philosophy is “defense in depth”: treat account compromise as inevitable, then constrain what attackers can access (e.g., redacting stored sensitive email and requiring extra authentication to rehydrate it).

Use off-the-shelf LLMs before over-investing in custom models.

Noon argues that even baseline models like GPT‑3.5 already contain substantial embedded security knowledge and reasoning, so teams should exploit this capability first rather than rushing into fine-tuning or building elaborate AI moats.

LLMs excel at noisy, text-heavy security tasks.

From parsing raw email headers to reading code and scanning for sensitive data leaks, LLMs act like a cheap, partial security analyst that can filter signals, explain patterns, and handle previously hard automation problems.

AI amplifies attackers by lowering skill and scale barriers.

Even simple uses—like grammar-correcting phishing emails or automating social engineering at scale—materially increase threat effectiveness, letting “one jerk with a for loop” do what used to require a roomful of attackers.

Open, liberal societies are structurally more exposed online.

Because Western systems are open, deeply networked, and largely privatized, they adopt digital tech quickly but leave a broad “soft underbelly” in cyberspace, unlike authoritarian regimes that can tightly control platforms and information flows.

WORDS WORTH SAVING

5 quotes

We used to call the company seat belts for email.

— Ryan Noon

It turns out if you feed precisely one internet to precisely a million GPUs, it picks up a thing or two about cybersecurity.

— Ryan Noon

You know that you have like 90% of a human that you can use for like a penny and a half, right? Start there.

— Ryan Noon

Intelligence is now a commodity that we can arms race.

— Ryan Noon

Play the game on easy if you possibly can.

— Ryan Noon

QUESTIONS ANSWERED IN THIS EPISODE

5 questions

How should security teams practically integrate LLMs into their existing SOC workflows without overhauling everything at once?

Ryan Noon, co-founder and chairman of Material Security, explains how the company protects cloud email (Google Workspace, Office 365) by assuming accounts will be compromised and limiting the damage through “defense in depth.”

What new classes of security products become possible if we fully assume that intelligence at “90% of a human” is cheap and ubiquitous?

He describes how generative AI, especially LLMs, has become a powerful tool for security operations, from interpreting messy signals to reading code and analyzing logs, while also amplifying attackers’ capabilities.

How can open societies mitigate their inherent cyber exposure without sacrificing the openness that drives innovation and free expression?

Noon argues that AI represents a step-function shift—like moving from bronze to iron weapons—creating an arms race in which intelligence itself becomes commoditized and nations, companies, and attackers all must adapt.

Given the acquisition-heavy nature of cybersecurity, what strategies can startups employ if they aim to remain independent and build large standalone companies?

He also discusses the structure of the cybersecurity market, the dominance and acquisition patterns of incumbents, and offers candid advice to founders on markets, teams, and avoiding overcomplicated “shovel-selling” in AI.

Where is the real line between overhyped AI “shovel-selling” and genuinely transformative AI-native security products?

EVERY SPOKEN WORD

Install uListen for AI-powered chat & search across the full episode — Get Full Transcript

Get more out of YouTube videos.

High quality summaries for YouTube videos. Accurate transcripts to search & find moments. Powered by ChatGPT & Claude AI.