I use the LOCK framework to decide which AI risks we address first and how we deliver immediate, enterprise-grade control.
Josh, can you tell us about your professional background and your current role at Unseen Security. Also tell us how Unseen Security differentiates itself from other companies in the same space?
I started my career deep in the infrastructure world, building and operating high-stakes networks and security systems for global enterprises. Over the last fifteen years I moved from hands-on engineering to product leadership, and eventually into AI security and governance. That blend of engineering, product strategy, and enterprise transformation set the foundation for Unseen Security.
As Founder and CEO of Unseen Security, we are focused on securing the most important and least protected layer in the AI era. The natural language layer. Every modern enterprise is now communicating with machines through natural language. Traditional firewalls and DLP tools were never built to inspect or govern this type of traffic.
Unseen Security delivers Natural Language Protection across the full spectrum of AI adoption. We govern and secure every interaction across chat, files, and APIs before any data touches an AI model. Unlike tools that only scan outputs, wrap a single API, or sit in narrow parts of the workflow, we provide complete visibility, full policy enforcement, and AI-native control across the entire enterprise.
We are building the AI firewall for the next decade, designed to secure every path an organization uses to connect to AI.
Your experience spans deep technical roles, from Network Engineer to AI Product leader. Which leadership and operational lessons shaped your systematic approach to bridging technology, data, and business outcomes?
Two core lessons shaped my approach.
First, infrastructure teaches discipline. When you run global networks, there is no tolerance for half-built systems or unclear ownership. Every decision creates downstream consequences. That trained me to think in systems, not features. AI requires the same thinking. You are not deploying a tool. You are rewiring how a company works.
Second, product leadership taught me that technology only matters when it delivers measurable outcomes. Enterprises do not buy models. They buy control, safety, and growth. My job is to connect those outcomes to secure, scalable AI capabilities so organizations can innovate without fear.
This combination created the operating system for Unseen Security. A company built to link safe AI usage directly to business velocity, compliance, and trust.
Early in your career, you managed enterprise networks and complex security systems. How do those lessons in resilience and accountability influence your strategy for securing the AI-first enterprise today?
When you are the person responsible for keeping a global network online, you learn one truth fast. You cannot patch your way out of systemic risk. You need the right architecture.
AI introduces a new perimeter that lives inside language. If you cannot inspect the words leaving your organization, you cannot control the risk. Managing high-stakes networks taught me to design for failure, build for visibility, and enforce policy before problems occur. Those principles map directly to AI security today.
My strategy is simple. Give enterprises the same level of visibility and control for AI interactions that we spent two decades building for network traffic. That requires a firewall for language, not another alerting tool. That is the foundation of Unseen Security.
The AI era brings new attack surfaces. What insight led you to found Unseen Security, recognizing language itself as the critical security gap?
The insight came from watching how quickly AI moved from a novelty to a core business workflow. People began sending source code, contracts, customer data, and financial information into conversational systems that were never designed for compliance or governance.
It became clear that the real vulnerability was not the model. It was the communication path between people and AI systems. No firewall, DLP, or CASB could inspect natural language or enforce policy in real time. The enterprise was blind at the moment of greatest risk.
I founded Unseen Security because AI created a new perimeter, and no one was protecting it. Natural Language Protection is the missing layer for the modern enterprise.
As an architect of large-scale AI adoption, how do you balance innovation with security and compliance across tools like Microsoft 365, Salesforce, and internal systems?
The balance starts with a simple principle. Security should enable innovation, not restrict it. To achieve that at scale, you need three things.
First, consistent control across every AI entry point. Enterprises use chat tools, agents, copilots, workflow engines, and custom AI integrations. A patchwork of point solutions cannot govern that surface area.
Second, real-time inspection before data leaves the enterprise. Once sensitive language hits an external model, compliance issues have already begun.
Third, seamless user experience. If you force employees to change how they work, shadow AI wins immediately.
We designed Unseen Security as an architecture that supports all three. One control plane that secures every path to AI, without slowing people down.
Also Read: AITech365 Interview with Malte Kosub, CEO & Co-Founder of Parloa
Unseen Security translates complex risks into enterprise solutions. What is your framework for prioritizing which AI risks to tackle first and ensuring solutions deliver immediate control?
I use the LOCK framework to decide which AI risks we address first and how we deliver immediate, enterprise-grade control. It is a model I introduced in my book “AI Firewall Essentials,” and it has become a practical guide for organizations starting their AI security journey.
L – Limit Exposure.
We begin by reducing the most common and highest-impact risks. That includes data leakage, prompt injection, jailbreaking, and the spread of hallucinated or misleading information. The goal is to prevent sensitive language from ever reaching an external model and to block malicious input before it can trigger downstream harm.
O – Observe Continuously.
AI adoption moves fast and often happens outside formal security oversight. We focus on full visibility across chat, files, and APIs so teams know who is using AI, what data is leaving the enterprise, and which patterns signal emerging threats or attempted attacks.
C – Control Compliance.
Enterprises need to prove safe AI usage under frameworks like HIPAA, GDPR, and SOC 2. By enforcing policy at the language layer, compliance becomes built in, not bolted on. If a prompt violates policy, we block it, redact it, or route it to a secure internal model before it leaves the environment.
K – Keep Evolving.
AI risks shift weekly. New jailbreaks, new agent behaviors, and new regulations require continuous adaptation. Our platform updates as the ecosystem evolves so that enterprises stay ahead of the threat landscape instead of chasing it.
The LOCK framework keeps our roadmap centered on risks that matter right now, and it ensures our protection model is simple, actionable, and repeatable. That is why I captured it in “AI Firewall Essentials” for leaders who need a structured approach to secure AI adoption.
Many enterprises experiment with AI but few achieve safe, scaled deployment. What are the most common points of failure, and how does Unseen Security close the gap?
There are two consistent gap areas.
One. Lack of real visibility and control.
Most organizations cannot see who is using AI, what data is leaving the enterprise, or which tools and agents are in play. Even when policies exist, they cannot be enforced consistently across chat, file interactions, and API workflows. This creates a blind spot at the exact moment sensitive language is leaving the organization.
Two. Using the wrong tools for the job.
Enterprises often rely on network firewalls, CASBs, or Legacy DLP systems that were never designed for natural language. These tools cannot detect prompt injection, prevent data leakage in conversational interfaces, or enforce policy before a prompt reaches an LLM.
Unseen Security closes both gaps by securing the communication layer itself. We classify, inspect, and govern every word sent to an AI system. We provide full audit trails, real-time redaction, and policy enforcement before data touches any model. This gives enterprises the ability to scale AI safely without slowing down innovation.
With AI in cybersecurity growing rapidly, how does Unseen Security keep its Natural Language Protection platform ahead of the threat landscape and enterprise maturity curve?
We stay ahead of the evolving AI threat landscape by focusing on where enterprises are right now and where they are clearly headed. Even though private LLMs are on the roadmap for many organizations, most enterprises are still early in their journey. They are adopting AI across a mix of public models, internal pilots, and emerging agentic systems, and they need unified visibility and protection across all of it.
Our strategy is to secure the entire language layer rather than any single model. Whether a prompt is sent to a public LLM, a private deployment, a Microsoft 365 Copilot workflow, or an autonomous agent, the real risk lives in the natural language that flows through the system. By classifying, inspecting, and governing that language before it reaches any model, we give enterprises consistent protection no matter how their AI stack evolves.
This approach lets organizations start with immediate safeguards for public AI use, expand into private LLMs when they are ready, and adopt agents with confidence. It keeps the platform aligned with the actual maturity curve of the enterprise while staying ahead of the threats introduced by new model architectures and new ways of interacting with AI.
What emerging technology or regulatory shifts do you expect to redefine enterprise AI security in the next 18 to 24 months?
Three major forces will reshape the landscape.
First, data sovereignty and region-specific AI workflows. Countries and industries will demand that prompts, outputs, and model hosting remain within strict geographic boundaries. Enterprises will need control over the entire AI communication path to remain compliant.
Second, the rise of internal and industry-specific LLMs. These will require consistent enforcement, auditing, and governance regardless of where the model runs.
Third, formal regulatory frameworks. The EU AI Act, NIST AI RMF, and sector-specific rules will push organizations to adopt transparent AI logging, real-time risk controls, and full auditability.
These trends make the AI firewall not a convenience but a requirement.
For the next generation of leaders working at the intersection of AI, security, and product management, what skills or mindset should they prioritize?
Three qualities matter most.
One. Systems thinking. AI is no longer a feature. It is an interconnected ecosystem. Leaders must understand how policy, data, identity, architecture, and workflow design work together.
Two. Respect for risk. Innovation without guardrails breaks trust and slows adoption. Security is not the enemy of progress. It is the foundation of sustainable progress.
Three. Curiosity with accountability. AI evolves daily. Leaders must be willing to experiment, learn fast, and adjust quickly while still delivering secure, compliant, enterprise-grade solutions.
The next generation will succeed by building products that accelerate innovation while keeping organizations safe. That is the mission we live every day at Unseen Security.
Thanks, Josh!
About Josh Cridlebaugh,
Josh Cridlebaugh is the Founder & CEO of Unseen Security, a pioneering company focused on protecting the natural-language layer of AI interactions. With over 15 years of deep technical experience, Josh began his career managing global network infrastructure and security systems, later transitioning to product leadership and AI governance. At Unseen Security, he leverages that unique blend of engineering, strategy, and enterprise transformation to secure every conversation across chat, files, and APIs before it reaches an AI model.
About Unseen Security,
Unseen Security is redefining enterprise AI protection by guarding the most vulnerable and often overlooked layer of modern systems: natural language. As organizations increasingly rely on AI for conversation, content generation, and automation, traditional security tools fall short. Unseen Security’s AI Firewall sits between your users and AI services, delivering real-time threat prevention, data loss protection, and governance before any sensitive information reaches a model. Built specifically for the AI era, their platform detects and redacts personally identifiable information (PII), blocks prompt injection attacks, enforces compliance with regulations like GDPR, HIPAA, and SOC 2, and provides full auditability.
