< Back
Episode #
114

Two Minds. One Reframe. A Shift That Won't Wait.

Vincent Passaro, Engineering Manager of Security at Stripe, didn't get there through a slide deck or a company mandate. He got there through a shower thought that followed a conversation with a friend, and it broke how he'd been thinking about building, leading, and even measuring his own team.

The reframe was simple and did not start with "we're all going to be software developers. Rather, "we're going to be product owners." That single pivot changed everything downstream, including how he approached prototyping, how he set success criteria for agents, and how he coached his team out of chasing bugs and into defining outcomes.

In this episode, Will and Vince trace both of their "pin drop" moments: the specific conversations that shifted their mental models, then try to articulate what that shift actually means for CTI analysts and security engineers working real problems today.

They talk about what it felt like to stop asking "how do I wire this" and start asking "what does success look like," and how fast things moved once that happened. They're honest about what breaks, like the siloed tools that don't talk to each other, the governance vacuum that opens when every analyst is shipping products, and the dopamine trap of adding features instead of finishing work. And they're equally direct about what becomes possible when outcome velocity: not headcount or tooling budget, and what becomes the competitive edge.

This isn't a conversation about AI hype. It's about what happens when two practitioners who've spent years operating the plumbing realize the plumbing has been commoditized and what that means for where human judgment actually matters now.

If you've been waiting for the right moment to pay attention, this is probably the episode where you stop waiting.

Topics discussed:

  • How the mental reframe from "software developer" to "product owner" changes how analysts build agentic workflows and intelligence tooling
  • Why defining outcome criteria and success conditions upfront is the core discipline for effective AI-assisted development from chaos
  • How AI collapses the cost of experimentation, enabling rapid prototyping of intelligence outcomes without procurement cycles, resource allocation fights, or dev team dependency
  • The emergence of analyst-owned toolkits and what "outcome velocity" means as a competitive advantage for small, elite security teams
  • The governance challenge created by analyst-led rapid development: individual product silos, duplicated tooling, and inconsistent standards 
  • FT3 as an open-source framework designed to lower the community contribution barrier and make collaborative fraud taxonomy viable
  • Why CISOs and boards that resist AI adoption on security grounds will fall behind, and how to reframe around people enablement 
  • Threat actors are applying the same agentic AI capabilities to scale their operations, making analyst adaptation a necessary response

Key Takeaways: 

  • The unlock isn't learning to code: it's learning to think backwards from the outcome. 
  • Define what success looks like, set the criteria the agent has to meet before it moves on, and stop micromanaging the implementation. That's the product owner shift.
  • Slow down before you build. Spend more time in planning than in execution using deep research across multiple models, comparing outputs, stress-testing the concept before a single line gets written.
  • Drop the subscription and treat the model like a teacher, not a tool. Start with a problem you already understand. Ask it to walk you from zero to fluent. It will tell you to stop thinking like a developer and start thinking like a product owner. 
  • If you have a backlog of problems you gave up on because they weren't staffable, go find them. The feasibility question that used to take months to answer now takes an afternoon. Start there.
  • Before your next team planning cycle, map what everyone is building. The duplicate tools are already being written in parallel by people who don't know about each other. Get ahead of it now, because it only compounds.
  • If you're involved in open-source threat intel frameworks, the contribution problem was never motivation, it was friction. The tooling gap is closable. Build the on-ramp and the community will use it.

Listen to more episodes: 

Apple 

Spotify 

YouTube

Website