Skip to main content

CISO Executive Review — Round 2 (SecurityV0 Platform, v0.2-dev)

Verdict: NEEDS WORK

Overall CISO Readiness: 68% (down from 70% Round 1 baseline)

This is a regression, not a progression. While specific improvements landed (remediation now names objects, impact scores removed, visual path diagrams added), new defects have appeared and critical Round 1 gaps remain unaddressed. The platform has moved sideways: some things are better, some are worse, and the net position has not materially improved toward the 85% target.

Five-Second Test: FAIL

What I see on the Overview page (overview.png) in 5 seconds:

  • Title: "Observed Autonomous Execution (30d)" -- good, unchanged from Round 1.
  • Two hero metrics: "769 TOTAL EXECUTIONS (30D)" with a red delta badge, and "29 ACTIVE AUTHORITY PATHS" with a delta badge. These are readable and the execution count leads. Good.
  • Four secondary stat cards below the hero metrics: "5 ACTIVE AUTONOMOUS", "2 DORMANT AUTHORITY", "7 AUTONOMOUS", "3 OPERATOR-ASSISTED". These are still identity inventory counts -- not business-impact metrics. Round 1 explicitly called this out. The action plan (Phase 1.6) says replace these with "Sensitive Domains Reached", "Departed Owners Unresolved", "LLM Endpoints Invoked". This has not been done.
  • "Top Risk Clusters" section shows four cluster cards: "Orphaned + Sensitive" (13 Paths), "Orphaned + Sensitive + LLM" (9 Paths), "Unbound + Sensitive" (4 Paths), "LLM Egress" (17 Paths).

What fails the 5-second test:

  1. Cluster cards still lead with path counts as the dominant visual element. "13 Paths" is the largest, boldest text on each card. The verdict sentence below it is smaller body text. Round 1 P0 item #1 was "Invert visual hierarchy on cluster cards: verdict sentence should be the dominant text element, not the path count." The action plan (Phase 1.1) restated this. It has not been done.

  2. Secondary stat cards remain identity-management vanity metrics. "5 ACTIVE AUTONOMOUS" and "2 DORMANT AUTHORITY" mean nothing to a CISO in 5 seconds. This was Round 1 finding #4 in the Signal vs Noise section and Phase 1.6 of the action plan. Not addressed.

  3. No global "top risk" callout on the Overview. The action plan (Phase 1.5) called for surfacing top 3 absolute risks across all clusters on the Overview page. Not present.

  4. The 838% delta badge is still a small red number. Round 1 called for alarm framing when deltas exceed 200% (Phase 1, item #7 in the original review; action plan did not explicitly carry this forward as it was P1). Still just a small badge.

What improved: The cluster cards do show verdict text below the path count -- sentences like "13 autonomous paths exercised customer/finance/hr/identity/it_operations-scoped authority and invoked endpoints 681 times in the last 30 days -- all under orphaned ownership." That sentence is strong. But it is visually subordinate to "13 Paths", which inverts the information hierarchy.

"So What?" Test: PASS (with reservations)

What the platform communicates about business risk:

The cluster detail pages (e.g., cluster-orphaned_sensitive.png, cluster-orphaned_sensitive_llm.png) now show a structured layout with clear column headers: AUTHORITY PATH, DATA, SENSITIVITY, LAST EXECUTION, EXECUTION COUNT, DRIFT TYPE, FINDING COUNT, and a "View in Authority Paths" link per row. Each row names specific workloads (Agent Ascribe_Summarizer, Foundry Agent701), specific destinations (Billing_Payment_Methods, GP_Clinical_Notes, Psych_Consult_Records), data domains (finance, customer, hr), and sensitivity levels (restricted, confidential). This is concrete and maps to business units.

The cluster verdict sentences on the Overview and Clusters pages (clusters.png) answer "so what" effectively:

  • "Orphaned + Sensitive": "13 autonomous paths exercised...scoped authority and invoked endpoints 681 times...all under orphaned ownership"
  • "LLM Egress": "17 paths exercised...invoked endpoints 770 times...17 lack valid ownership"

These tell me: uncontrolled automation is actively accessing sensitive business systems without human oversight.

What is still missing:

  1. No regulatory/compliance framing. The action plan (Phase 1.3) called for OWASP ASI tags on cluster cards. Data domains "customer" + sensitivity "restricted" should map to compliance implications. Not visible anywhere in the screenshots.

  2. No business-impact sentence. "Agent Ascribe_Summarizer accessed GP_Clinical_Notes 127 times" still does not say "This represents unauthorized LLM access to patient health records." The platform has all the data domain and sensitivity information to compose this, but does not assemble it. This was the single most important suggestion in Round 1's "Business-Risk Reframing" section.

  3. No "what changed since last time" filter. Phase 1.7 of the action plan called for a ?changed_since filter and a "New since last visit" section. Not present. For a CISO returning to the platform daily, there is no way to see only what changed.

"What Do I Do Now?" Test: PARTIAL PASS

Major improvement: The Authority Path Detail page now has a "Top Risk Reducers" section.

Visible in path-active-detail.png and path-active-middle.png, the Authority Path Detail page for "Agent Ascribe_Summarizer -> svc-foundry-ascribe-prod -> Billing_Payment_Methods" now shows:

  • A visual execution-derived authority path diagram (workload -> identity -> destination with role labels). This is new and excellent -- a CISO can see the chain at a glance.
  • "Active risk conditions" displayed as colored badges: Scope drift, Invalid owner, Sensitive data, Arbitrage/sharing, LLM egress. These are visible, color-coded, and immediately scannable.
  • "Top Risk Reducers" section with numbered remediation actions that NOW NAME SPECIFIC OBJECTS:
    1. "Assign owner and invalidate expanded scope -- Invalid owner + Scope drift"
    2. "Remove role granting LLM endpoint access -- Scope drift + LLM egress"
    3. "Assign owner and restrict LLM egress -- Invalid/owner + LLM egress"
    4. "Restrict scope to exercised authority only -- Scope drift"
    5. "Assign a valid owner to this workload -- Invalid owner"

This is a significant improvement over Round 1, where remediation was generic ("Restrict LLM endpoint access" with no specifics). The actions now reference the specific risk conditions they address.

Ownership section (path-active-middle.png, path-active-bottom.png):

  • Shows "Ownership" with "Maria Lopez" named as the owner
  • "Not assigned" for the current state with note "No active principal owner designated"
  • "Automation metadata" section with source system details
  • "Identity binding" section with identity, protocol, and source system

This is real progress -- a CISO can see who was responsible (Maria Lopez), that nobody currently is (Not assigned), and the specific technical identity involved.

What still does not work:

  1. Remediation actions still lack the specific technical objects. "Remove role granting LLM endpoint access" does not say WHICH role (foundry_ai_executor? sql_clinical_reader?), WHICH endpoint (Azure OpenAI Endpoint? OpenAI API Gateway?), or WHERE to make the change (Entra ID app registration? ServiceNow role assignment?). Phase 0.1 of the action plan was explicit: "Path remediation applies_to includes named entities/roles from the path. No generic terms." The labels are better than Round 1 but still not actionable without opening another tool.

  2. Cross-cluster remediation deduplication is not visible. The action plan (Phase 0.1) called for: "When the same action appears in 3 clusters, show once with 'Applies across 3 clusters.'" I cannot verify this from cluster detail pages because remediation is shown at the path level now, but the same "Assign owner" and "Remove LLM access" actions appear in every path across multiple clusters without cross-referencing.

  3. "Create Ticket" button is still absent. Round 1 flagged the disabled "Coming soon" button. In the Round 2 screenshots, I see no "Create Ticket" button at all on the path detail pages. Phase 5.2 of the action plan noted this was deferred, but its absence still breaks the CISO-to-analyst handoff.

Credibility Test: PARTIAL PASS (regression from Round 1 PASS)

What earns credibility:

  • The visual authority path diagram on the path detail page (path-active-detail.png) is a strong new addition. It shows the exact chain: workload "Agent Ascribe_Summarizer" -> identity "svc-foundry-ascribe-prod" -> destination "Billing_Payment_Methods" with VIA ROLES labeled. This is verifiable, concrete, and would stand up in a board presentation.
  • The finding detail page (finding-detail.png) shows a "Dormant Authority" finding with structured sections: Explanation, Recommended Actions (with Immediate/Short-term/Ongoing tiering), and Evidence Completeness (Current Roles: N/A, Role History: N/A). The tiered action structure (Immediate/Short-term/Ongoing) is new and useful.
  • Risk condition badges (Scope drift, Invalid owner, Sensitive data, LLM egress) on path detail pages provide at-a-glance evidence categorization.

What damages credibility:

  1. BROKEN PAGES. Two detail pages show error states:

    • exposure-detail.png: "Entity not found" error with a pink error banner and Retry button. The breadcrumb reads "Overview > Exposures > EXP-322c2c81". A CISO clicking into an exposure from the Exposures list lands on a dead page. This is a demo-killer.
    • cluster-scope_drift_sensitive.png: "Risk cluster is disabled: scope_drift_sensitive" error with a pink error banner and Retry button. A cluster that appears in navigation leads to an error page. This is a demo-killer.

    These broken pages did not exist in Round 1 (which was API-based, not visual). They represent a regression in production quality.

  2. Breadcrumb still shows hash IDs. The entity detail page (entity-detail.png) breadcrumb reads "Overview > Entities > 01c9ad87...". The finding detail page (finding-detail.png) breadcrumb reads "Overview > Findings > eval:05d2c303428d60df3a7c9e9d61f8fae9". Phase 2.3 of the action plan called for replacing hash IDs in breadcrumbs with display names. Not done.

  3. Execution confidence labels not present. Phase 1.2 of the action plan called for plain English labels: "Execution Confirmed", "Previously Active", "Standing Authority Only". These would replace the ABC grades from Round 1's recommendation. Not visible anywhere in the screenshots.

  4. The Findings page (findings.png) still shows hash IDs in descriptions. The Description column contains entries like "Authority path from workload 'Compliance Audit Exporter' to '811063c8..." with truncated hex IDs. Phase 2.4 of the action plan specifically flagged this: "Replace entity IDs in finding description strings with display names." Not done.

Noise vs Signal: PARTIAL PASS

What improved:

  • The Clusters page (clusters.png) now shows 7 clusters with clear naming: "Orphaned + Sensitive", "Orphaned + Sensitive + LLM", "Unbound + Sensitive", "LLM Egress", "Orphaned + External Egress", "Dormant + External". The names are more human-readable than the internal IDs (orphaned_sensitive, etc.) -- the plus signs and simplified terms help.
  • The Authority Paths page (authority-paths.png) now shows a clean table with columns: AUTHORITY PATH (with named workload, identity, and destination), DATA, SENSITIVITY, OBSERVED EXECUTIONS (30D), FINDING TYPES, DRIFT STATUS, and FINDING COUNT. Paths are named: "Agent Ascribe_Summarizer, Foundry -> Billing_Payment_Methods", "Agent Ascribe_Summarizer, Foundry -> GP_Clinical_Notes". This is signal-dense and correctly structured.
  • The path detail pages show "Active risk conditions" as a curated set of badges rather than dumping all finding data. Good noise reduction.
  • Impact scores have been removed (Phase 0.3, confirmed done). Remediation actions are now displayed as an ordered list. This follows Sergey's directive.

What creates noise:

  1. Findings page (findings.png) is still a flat table with 51+ rows. Filter dropdowns are visible (All severities, All types, All Workloads, All sources) which is an improvement, but the table itself shows no visual hierarchy between critical, high, and medium findings. Every row looks the same. Phase 5.1 (Findings Summary Strip with bySeverity/byType counts) is not implemented, though that was deferred to the Polish phase.

  2. The Exposures page (exposures.png) lists workloads with severity badges and identity counts. The severity column shows a mix of "Critical", "High", "Medium" badges -- but the page itself has minimal explanatory context. What does "1 Identity, 2 Paths, 1 Finding" mean as an exposure summary? The word "Exposure" in the SecurityV0 context has not been defined for the user.

  3. Seven clusters may be too many for the Overview. The Overview shows 4 clusters (two rows of two). The Clusters page shows 7 total, including "Dormant + External" (low priority, 2 paths). The dormant cluster is correctly deprioritized visually. However, "Orphaned + Sensitive" vs "Orphaned + Sensitive + LLM" vs "Orphaned + External Egress" could confuse a CISO: are these three separate problems or three facets of one governance failure?

  4. The disabled/error cluster (scope_drift_sensitive) appears in navigation but shows an error page. This is worse than noise -- it is a broken link that erodes confidence. Either hide disabled clusters from navigation or show them with a clear "disabled" state that explains why.

Delta vs Round 1

What Improved

Round 1 GapCurrent StatusEvidence
Remediation actions were generic and repetitiveImproved -- Path-level "Top Risk Reducers" now reference specific risk conditions (scope drift, invalid owner, LLM egress). Actions are named and sequenced.path-active-middle.png
Impact scores were confusing (0, 1, 10 with no legend)Fixed -- Impact scores removed entirely per Sergey's directive. Remediation is now an ordered list.path-active-middle.png (no scores visible)
No visual execution path diagramNew -- Authority Path Detail now shows a visual chain: workload -> identity -> destination with VIA ROLES labeled. Color-coded node types.path-active-detail.png
Ownership section was incompleteImproved -- Ownership section now names "Maria Lopez" as departed owner, shows "Not assigned" for current state, includes Automation metadata and Identity binding sections.path-active-middle.png, path-active-bottom.png
Risk condition badges not visible at path levelNew -- "Active risk conditions" badges (Scope drift, Invalid owner, Sensitive data, LLM egress) on path detail. Clear and scannable.path-active-detail.png
Finding detail lacked action tieringImproved -- Finding detail now shows Immediate/Short-term/Ongoing action tiers with distinct badges.finding-detail.png

What Regressed

New IssueSeverityEvidence
Exposure detail page broken -- "Entity not found" errorCritical (demo-killer)exposure-detail.png
Scope drift cluster broken -- "Risk cluster is disabled" errorCritical (demo-killer)cluster-scope_drift_sensitive.png
Finding descriptions still contain hash IDsMediumfinding-detail.png ("to '811063c8..."), findings.png
Breadcrumbs still show hash IDsMediumentity-detail.png ("01c9ad87..."), finding-detail.png ("eval:05d2c303...")

What Remains Unaddressed from Round 1

GapAction Plan ReferenceStatus
Visual hierarchy on cluster cards inverted (path count dominant, verdict sentence subordinate)Phase 1.1Not done
Secondary stat cards show inventory counts, not business metricsPhase 1.6Not done
No execution confidence labels ("Execution Confirmed" / "Standing Authority Only")Phase 1.2Not done
No OWASP/compliance tags on clustersPhase 1.3Not done
No global top-3 risk ranking on OverviewPhase 1.5Not done
No "what changed since last visit" filterPhase 1.7Not done
Remediation does not name specific technical objects (which role, which endpoint, where to change)Phase 0.1 (partial)Partially done -- risk conditions named, but specific roles/endpoints/systems still missing
Cross-cluster remediation deduplicationPhase 0.1Not visible

Scores (1-5)

DimensionRound 1Round 2DeltaNotes
Immediate executive clarity3.53.0-0.5Visual hierarchy inversion persists. Broken pages are a new negative. Stat cards unchanged.
Trustworthiness of evidence4.54.0-0.5Evidence engine still strong, but broken detail pages (exposure, cluster) undermine trust. Hash IDs in breadcrumbs/descriptions hurt perceived quality.
Relevance to CISO priorities4.03.5-0.5No compliance tags, no business-impact sentences, no "what changed" filter. Path-level detail improved but CISO-level summary did not.
Demo effectiveness3.02.5-0.5Two broken detail pages (exposure-detail, scope_drift_sensitive cluster) are demo-killers. The path detail with visual diagram demos well, but a CISO clicking through the product WILL hit a broken page.
Prioritization quality3.03.00Still no global risk ranking. Cluster ordering exists. Within-cluster path ordering by execution count is visible in the tables. No "shut this down first" promotion.
Remediation defensibility3.03.5+0.5"Top Risk Reducers" with risk-condition cross-references is a genuine improvement. Still lacks specific object names. Tiered actions (Immediate/Short-term/Ongoing) on finding detail is new and good.

Composite: 19.5/30 (65%) vs Round 1: 21/30 (70%)

Action Items for Round 3

P0 -- Fix Before Any Demo (Demo Blockers)

#IssueEvidence
1Fix exposure detail page -- "Entity not found" error when navigating to EXP-322c2c81. Either the route is broken or the entity lookup is failing.exposure-detail.png
2Fix scope_drift_sensitive cluster page -- "Risk cluster is disabled" with no graceful handling. Either enable the cluster or remove it from navigation. Do not show error pages for known states.cluster-scope_drift_sensitive.png
3Replace hash IDs in breadcrumbs with display names. "01c9ad87..." and "eval:05d2c303..." are unacceptable in any page a human sees.entity-detail.png, finding-detail.png
4Replace hash IDs in finding descriptions. "Authority path from workload 'Compliance Audit Exporter' to '811063c8..." must resolve to the destination display name.findings.png, finding-detail.png

P1 -- Fix This Sprint (CISO Clarity)

#IssueCarried From
5Invert visual hierarchy on cluster cards. Verdict sentence dominant, path count secondary badge.Round 1 P0 #1, Action Plan Phase 1.1
6Replace secondary stat cards with business metrics. "Sensitive Domains Reached", "Departed Owners Unresolved", "LLM Endpoints Invoked" instead of identity inventory counts.Round 1 P1 #6, Action Plan Phase 1.6
7Add execution confidence labels ("Execution Confirmed" / "Standing Authority Only") to authority path rows.Round 1 P0 #2, Action Plan Phase 1.2
8Name specific technical objects in remediation. "Remove role granting LLM endpoint access" must say which role (foundry_ai_executor), which endpoint (Azure OpenAI Endpoint), and where to revoke (Entra ID).Action Plan Phase 0.1
9Add OWASP ASI compliance tags to cluster cards. The mapping exists in the action plan.Action Plan Phase 1.3

P2 -- Next Sprint

#Issue
10Add "What changed since last visit" filter (Phase 1.7)
11Add global top-3 risk ranking on Overview (Phase 1.5)
12Enable "Create Ticket" or equivalent handoff mechanism

Bottom Line

The platform improved in depth (path detail pages are genuinely better -- the visual chain diagram, risk condition badges, tiered remediation, and named ownership are real progress) but regressed in surface quality (two broken detail pages, persistent hash IDs, unchanged stat cards, unchanged cluster card hierarchy). A CISO evaluating this product will see the broken pages before they see the improved path detail. The improvements are below the fold; the regressions are at click distance.

At 68%, this is further from the 85% target than it was at Round 1's 70%. The gap is not in the data engine or the evidence model -- those remain strong. The gap is in the presentation layer and in basic production quality. Fix the four P0 items (broken pages, hash IDs) to get back to 70%. Then execute Phase 1.1 (cluster card hierarchy), Phase 1.6 (stat cards), and Phase 1.2 (confidence labels) to reach 80%+. The path to 85% requires compliance tags, global risk ranking, and the "what changed" filter.

Would I present this to my board today? No. Would I demo it to a design partner? Only if I controlled the click path and avoided the Exposures detail and scope_drift_sensitive cluster. The path detail page is the strongest screen in the product -- lead with that in any demo.