Piyush Sharma, Co-Founder and CEO of Tuskira – Interview Series

Piyush Sharrma  is a seasoned cybersecurity and product leader with over 18 years of experience building and scaling enterprise-grade security platforms. He previously co-founded Accurics, a cloud-native security company acquired by Tenable, where he played a key role in integrating infrastructure-as-code security into broader enterprise ecosystems. With a background from the Department of Management Sciences (PUMBA), Piyush is known for his people-first leadership style and thought leadership in areas like shift-left security, DevSecOps, and AI-driven threat detection.

He is currently the CEO and Co-founder of Tuskira, an AI-powered cybersecurity platform designed to unify telemetry from over 150 security tools into a cohesive security mesh. Tuskira uses GenAI-based agents and a dynamic digital twin to simulate real-world attack paths, validate exploitability, prioritize actionable risks, and autonomously improve defenses in real time. By reducing alert fatigue and increasing the effectiveness of existing tools, the platform helps enterprises shift from reactive to proactive, exposure-driven security operations.

Let’s start with your founding vision—what inspired you to launch Tuskira, and what fundamental security problem were you determined to solve from the outset?

AI’s strength lies in doing huge amounts of data analysis, and cybersecurity traditionally has been a data problem. The environments are dynamic, your customer applications are dynamic, and there are lots of big moving parts. The goal with Tuskira was to leverage AI to solve the complex problems that arise in these environments, while reducing the amount of human intervention required.

You’ve built and exited multiple cybersecurity ventures before this. How did your experiences at Accurics, Tenable, and Symantec shape your approach to building an AI-native security platform from day one?

My experiences with Accurics, Tenable, and Symantec gave me a deep, firsthand understanding of where new threats will emerge and how they will evolve. In cybersecurity, anticipating the future isn’t guesswork, it’s pattern recognition grounded in years of exposure to how attackers think and adapt. That level of insight only comes from spending a significant amount of time immersed in the domain.

Cybersecurity is not a traditional software engineering field where you can jump in with no experience and somehow be able to make something out of it. It’s been said that you don’t have to have experience in cybersecurity to be a cyber founder.The truth is more nuanced. While strong product instincts are important, truly effective cybersecurity platforms require more than product-market fit,they demand a deep understanding of the threat landscape and how it’s shifting in real time.

Cybersecurity is about solving a customer problem, rather than building a narrative that fits what people want to hear. That kind of insight only comes from domain depth, and it’s what ultimately enables you to build solutions that work not just in theory, but in the unpredictable, adversarial environments our customers face every day.

Sebuah baru-baru ini Studi Gartner predicts that 40% of AI-related data breaches by 2027 will stem from misuse. In your view, what are the most common ways security teams are currently misusing AI?

The most common way that I’ve seen security teams misusing AI is using public versions of AI, such as ChatGPT, Anthropic, or Microsoft Copilot, to analyze organizational data. This can result in confidential information being unintentionally leaked.

Companies need fine-grained, private LLMs in order to ensure sensitive information does not escape from the organization. These private models provide much greater control over where the information is going, and who has access to it. Additionally, the validity of public models are much harder to determine than private ones, potentially compromising the information being returned.

What types of data inputs are most critical for AI to generate meaningful and secure outcomes in cybersecurity, and how can teams ensure they’re providing the right context?

AI requires distilled and well-labeled security data to generate meaningful outcomes. It’s hard to bring data from hundreds of tools used in an enterprise into a unified taxonomy, and then distill it even further so the AI can truly understand what it is absorbing. However, without proper data filtration, AI will not be able to function properly.

AI requires data from all security controls, IT controls, and infrastructure tools. Security teams need a comprehensive data strategy to make sure the fine data set is prepared, labeled, and distilled so the AI has the proper context behind the information it’s presented with. Mindless data dumping is not enough.

Tuskira describes itself as “agentic AI.” Can you explain what that means in practical terms for a security team? How is this different from traditional automation or even GenAI-powered tools?

Tuskira is an AI-native platform that leverages AI SOC-agents to detect, assess, and respond to deep buried threats under large amounts of data. Your security tools create lots of data every day. Making sense of that data is a machine-level problem. Agentic AI delivers AI agents that can mine, harvest, and produce the right value from that data, and that is what Tuskira provides as a native platform.

Security teams can use these AI agents for their own customized desired outcomes. The agents are outcome driven and have the real-time context of customers and security teams. In traditional automation, any sort of automation required humans to write the playbook, including the steps to be followed by the automation scripts. AI agents change this notion, since they have their own mind and fine-tuned models that allows them to create, execute and validate their own playbook, recreating the playbook if the prior one did not work.

Tuskira’s platform has the ability to reason, identify its own plan, and deliver the outcome without any human intervention. This is not possible in traditional automation.

Tuskira’s platform simulates real-world attacks in a digital twin. How does this simulation process help in proactively identifying threats that may otherwise go undetected?

At Tuskira, we’ve built a platform that doesn’t wait for threats to surface, it actively seeks them out. Our digital twin technology creates a real-time replica of your environment, allowing our AI agents to simulate a wide range of attacks, from API and DNS exploits to supply chain intrusions, before they ever reach production.

This simulation isn’t hypothetical. It mirrors your actual systems, configurations, and data flows, enabling us to uncover not just exploitable vulnerabilities, but those that are also indefensible, issues traditional scanners routinely miss. By validating which weaknesses could be used to bypass existing controls, we turn unknown risks into known, actionable insights.

That’s the shift from reactive defense to proactive resilience. And it’s only possible when your platform can think, test, and act ahead of the threat. That’s what we’ve built with Tuskira.

You’ve unified telemetry from over 150 tools into a single security mesh. What were the biggest technical challenges in building a truly interoperable system at that scale?

Collecting the data from over 150 tools is not the challenge; being able to distill and properly label the data so the AI can understand it all is the challenge. Tuskira has built an AI native semantic layer that can ingest data across multiple formats, hundreds of security controls, and MCP servers to unify data in a structure that AI models can understand. This all runs autonomously, where AI agents are curating and re-normalizing the data into the structure that is most conducive for extreme amounts of analysis.

Most security solutions today are reactive—waiting for threats to appear. How does Tuskira shift the industry toward a proactive model, and what measurable outcomes does this unlock for organizations?

Most modern solutions only act when an attempt to breach a system has been alerted. Tuskira preemptively identifies where the most susceptible areas for potential breaches are in an organization’s defenses, and fills these gaps to reduce further chances of exploitation from an attack.

Tuskira’s AI SOC agents are constantly analyzing the alerts coming in from various security tools, correlating them with the most exploitable vulnerabilities, and taking an appropriate action by optimizing your defense layer instead of constantly reacting to it. In case of an attack, Tuskira can measure whether action needs to be taken, or if the attacker does not have the means to breach the defenses in place.

You hold over a dozen cybersecurity patents. Can you share one recent innovation within Tuskira that you're particularly proud of, and the problem it solves?

There are multiple problems being solved with Tuskira. The first is: how can you build an AI-native platform that can analyze terabytes of data at enterprise scale? Through our innovations revolving around data management and distillation, we are able to conduct data analysis in a highly scalable fashion.

Tuskira has dozens of patents that determine how to fine tune models around a cybersecurity domain. We’ve created a swarm of LLMs models to produce the most effective and highest efficacy outcome.

By creating in-house guard rails around detection and assessment, Tuskira can create agents that produce a predictable outcome over a period of time.

Looking ahead five years, what role do you believe AI will play in security operations centers (SOCs)? Will the human analyst become obsolete—or something more powerful?

Five years from now, AI will take over L1, L2 and L3 roles. The majority of the functions will be delivered through AI agents, and humans will focus on making sure the AI is making the right decision and helping augment the automation of that decision.

AI will not replace humans; they will augment what humans can do on a larger scale. It is AI’s job to make attackers’ jobs harder. Humans’ focus will shift to the decisions the AI is making and automating those decisions, rather than all of the muckwork that they have to take care of on a day-to-day basis.

If you had to give one piece of advice to CISOs trying to future-proof their security architecture in the age of AI, what would it be?

There’s a fundamental shift happening in cybersecurity. You have platforms that were built before AI and are now retrofitting it, and platforms that were purpose-built with AI at their core. That distinction matters more than ever. 

If I had one piece of advice for CISOs, it’s this: don’t just ask if your tools use AI, ask how deeply AI is embedded in their architecture. Is the platform AI-native, or is it relying on superficial integrations to check a box?

The threats we’re facing now, and the velocity at which they evolve, demand systems that are not only intelligent but inherently adaptive. Security architecture must be built for the AI age from the ground up, with the ability to continuously learn, simulate, and respond in real time. Anything less will leave gaps you won’t see until it’s too late.

 Terima kasih atas wawancaranya yang luar biasa, pembaca yang ingin belajar lebih banyak harus berkunjung Tuskira.