The AppSec Founders Are All Building UEC

If you read Miessler’s member interviews from 2025 in order, something weird happens around the fourth one. The accents change. The products change. The venue changes. The underlying move stops changing.

Every serious AppSec and AI-security founder on the show in 2025 was independently building the same thing. One called it a unified data lake. One called it a living world model. One called it behavioral risk rating. One called it “agents that know which vulns actually matter.” One, off the RSA floor in a bar, called it “just unified context and taste.”

They were all building UEC. Unified Entity Context, Miessler’s decade-old framing — a single living model of the organization, with AI as the lens on top. None of the founders borrowed the term. They didn’t need to. They’d arrived at the shape from inside their own problem.

That convergence is the story. Five smart builders, five slices of the same industry, all independently deciding the next product wasn’t a better scanner — it was a better model of the company itself.

The Move, In Five Different Accents

Let me put them next to each other on purpose, because the shape only shows up when they’re adjacent.

Harry Wetherald, Maze (UL Member, 2025-09-22). Maze’s premise is that most of the vulnerabilities on your backlog are not actually exploitable. Agents investigate every one, the way a senior engineer would, using the environment context around it. The output is a 90-plus-percent smaller list. Harry’s framing: “we’ve been shuffling a pack of cards where most of the cards should never be in there.” What he’s actually selling is an agent that builds a living model of your environment and cross-references every finding against it. Without that model, prioritization is astrology.

Sarit Tager, Prisma Cloud / Palo Alto Networks (UL Member, 2025-07-29). Palo Alto merged Prisma Cloud and Cortex into a single unified data lake. Code findings, cloud posture, runtime, identity, and SOC signals all coexist in the same graph. The pitch isn’t “more scanners.” It’s “one queryable substrate where you can finally ask: is this thing actually in production, exposed, and reachable?” Sarit noted that non-security users will come asking the graph questions it wasn’t designed for — inventory, ownership, criticality — and that’s the signal the abstraction is right. She also named Miessler’s UEC thesis from the other side: attackers are building unified context on their targets, and defenders must build a better one on themselves.

Jason Haddix, off the RSA 2025 floor (UL Member, 2025-05-08). The most honest one, because it happened in a bar. Jason and Daniel did a two-hour review and kept landing on the same observation: the vendor floor was desperate, but the off-sites were where real builders talked, and the real builders were all converging on the same architecture. Sam Altman, asked on stage what security scenario kept him up at night, spontaneously described Miessler’s UEC nightmare — a fully-contextual assistant with your telos, journals, preferences, relationships, getting compromised. The AIxCC cyber reasoning system teams told the same panel that model upgrades helped them less than fixing their own scaffolding. And the vulnerability-management rebuild that Adobe, Google, and OpenAI had independently converged on: strip the CVSS scores and severity ratings that ship with CVEs entirely, pull only the raw advisory text, then rate every advisory against your own company’s context, layered on top of rock-solid asset management. Context is the rating function.
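The three preceding pieces describe the same mechanism from different angles: a finding gets its rating from the model of the environment it lands in (is the package actually installed and unpatched, is the host in production, is it internet-exposed, what data sits behind it), not from a score shipped with the advisory. The block below is an added illustration of that rating function, written for this page; it is not Maze’s, Prisma Cloud’s, or any other vendor’s code. The assets, advisories, scanner findings, advisory IDs (ADV-1, ADV-2, placeholders rather than real CVEs) and the point values in rate() are all constructed assumptions for the demo.

```python
"""Context-aware rating of scanner findings against an asset model.

Added illustration, not Maze's, Prisma Cloud's, or any vendor's code. The
assets, advisories and scanner findings below are constructed for the demo;
the advisory IDs (ADV-1, ADV-2) are placeholders, not real CVEs.
"""
from dataclasses import dataclass


@dataclass
class Asset:
    name: str
    environment: str           # "prod", "staging" or "dev"
    internet_exposed: bool
    data_classification: str   # "pii", "internal" or "public"
    packages: dict             # installed package -> version string


@dataclass
class Advisory:
    id: str
    package: str
    fixed_in: str
    text: str                  # raw advisory text; no CVSS, no vendor severity


# Marker phrases used to pull the attack vector out of raw advisory prose.
LOCAL_MARKERS = ("local user", "local access", "physical access")
REMOTE_MARKERS = ("remote", "unauthenticated", "network", "crafted request")
LABELS = {1: "low", 2: "medium", 3: "high", 4: "critical"}


def version_tuple(v: str) -> tuple:
    return tuple(int(part) for part in v.split("."))


def attack_vector(text: str) -> str:
    """Classify an advisory as local or remote from its own wording."""
    lowered = text.lower()
    if any(m in lowered for m in LOCAL_MARKERS):
        return "local"
    if any(m in lowered for m in REMOTE_MARKERS):
        return "remote"
    return "unknown"           # rated like remote below: unknown is not safe


def rate(asset: Asset, adv: Advisory) -> int:
    """0 means drop the finding; 1..4 map to low..critical via LABELS.

    Every increment comes from the asset model, none from a vendor score.
    """
    installed = asset.packages.get(adv.package)
    if installed is None or version_tuple(installed) >= version_tuple(adv.fixed_in):
        return 0               # package absent or already patched: scanner noise
    remote = attack_vector(adv.text) != "local"
    if asset.environment != "prod" and not asset.internet_exposed:
        return 1               # not shipped and not reachable: track, do not page
    level = 1
    if remote:
        level += 1             # attacker needs no foothold first
    if asset.environment == "prod":
        level += 1
    if remote and asset.internet_exposed:
        level += 1             # reachable from the internet right now
    if asset.data_classification == "pii":
        level += 1
    return min(level, 4)


def prioritize(findings, assets, advisories):
    """Cross-reference each (asset, advisory) finding against the model.

    Returns the surviving findings as (asset, advisory, label), worst first.
    """
    rated = []
    for asset_name, adv_id in findings:
        level = rate(assets[asset_name], advisories[adv_id])
        if level:
            rated.append((asset_name, adv_id, level))
    rated.sort(key=lambda r: (-r[2], r[0], r[1]))
    return [(a, v, LABELS[lvl]) for a, v, lvl in rated]


# --- constructed sample data ------------------------------------------------
ADVISORIES = {
    "ADV-1": Advisory("ADV-1", "libfoo", "2.4.1",
                      "A remote, unauthenticated attacker can send a crafted "
                      "request that triggers a heap overflow in the parser."),
    "ADV-2": Advisory("ADV-2", "buildtool", "0.9.0",
                      "A local user with access to the build cache can "
                      "escalate privileges by planting a symlink."),
}
ASSETS = {
    "web-edge": Asset("web-edge", "prod", True, "pii", {"libfoo": "2.4.0"}),
    "batch-worker": Asset("batch-worker", "prod", False, "internal",
                          {"libfoo": "2.4.0", "buildtool": "0.8.5"}),
    "dev-box": Asset("dev-box", "dev", False, "public",
                     {"libfoo": "2.3.0", "buildtool": "0.8.5"}),
    "api-internal": Asset("api-internal", "prod", False, "pii", {"libfoo": "2.4.1"}),
}
# What a naive scanner emits: every asset that ever mentioned the package.
FINDINGS = [
    ("web-edge", "ADV-1"), ("batch-worker", "ADV-1"), ("batch-worker", "ADV-2"),
    ("dev-box", "ADV-1"), ("dev-box", "ADV-2"),
    ("api-internal", "ADV-1"), ("api-internal", "ADV-2"),
]

if __name__ == "__main__":
    for row in prioritize(FINDINGS, ASSETS, ADVISORIES):
        print(row)
```

Two of the seven scanner findings drop out entirely (one host is already on the fixed version, one never had the package), the same advisory lands as critical on the exposed edge host and as low on a developer box, and the advisory whose text says a local user is required never rises above medium anywhere. The point is that rate() never reads a number off the advisory; swap in a richer asset model (network zones, ownership, reachability from the edge) and the ratings move without touching the scanner.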

Bar-El Tayouri, Mend AI (UL Member, 2025-05-06). Bar-El’s one-liner: AI security is AppSec with a fuzzy interface, and most companies have ten times more AI components than they realize. The first job of his product isn’t mitigation — it’s discovery. An honest map of every model, prompt, MCP server, agent, and tool in the org. Then “behavioral risk rating” on top: the combination of system prompt plus model plus retrieval plus tools gets a single context-aware score, because the combination is the vulnerability. Individual pieces can each be safe while the graph leaks. Same move. You cannot defend what you haven’t modeled as one connected thing.
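The claim that the combination is the vulnerability is concrete enough to run. The block below is an added illustration written for this page, not Mend AI’s or any vendor’s code: it walks a small graph of discovered AI components (models, prompts, retrievers, tools, an MCP server) and rates each agent on what its reachable combination can do end to end, so that a retriever over customer-written tickets, an email tool, and a writable CRM connector, each unremarkable alone, become a critical injection-to-exfiltration path when one agent wires them together. The inventory records, property keys (trust, data, capabilities, requires_confirmation), and the rating rules are assumptions made here for the demo.

```python
"""Behavioral risk rating of AI components as one connected graph.

Added illustration, not Mend AI's or any vendor's code. The inventory below
is constructed for the demo; node names, property keys and the rating rules
are assumptions made here, not anything the interview describes.
"""
from dataclasses import dataclass, field


@dataclass
class Node:
    name: str
    kind: str                   # agent, model, prompt, retriever, tool, mcp_server
    props: dict = field(default_factory=dict)
    uses: list = field(default_factory=list)   # names this node depends on


def build_graph(inventory):
    """Discovery step: turn raw inventory records into a name -> Node graph."""
    return {r["name"]: Node(r["name"], r["kind"], r.get("props", {}), r.get("uses", []))
            for r in inventory}


def reachable(graph, start):
    """Every node the start node can pull data from or act through."""
    seen, stack = [], [start]
    while stack:
        name = stack.pop()
        if name in seen:
            continue
        seen.append(name)
        stack.extend(graph[name].uses)
    return seen


def flags_for(graph, start):
    """Collect risk properties across the whole reachable combination."""
    flags, notes = set(), []
    for name in reachable(graph, start):
        node, p = graph[name], graph[name].props
        if node.kind in ("retriever", "tool", "mcp_server") and p.get("trust") == "external":
            flags.add("untrusted_input")        # prompt-injection entry point
            notes.append(f"{name}: feeds content from outside the trust boundary")
        if node.kind == "retriever" and p.get("data") in ("pii", "secrets"):
            flags.add("sensitive_data")
            notes.append(f"{name}: indexes {p['data']}")
        if node.kind in ("tool", "mcp_server"):
            caps = set(p.get("capabilities", ()))
            effects = caps & {"write", "exec"}
            if effects and p.get("requires_confirmation"):
                notes.append(f"{name}: {sorted(effects)} gated by a human")
            elif effects:
                flags.add("side_effects")       # model output becomes action
                notes.append(f"{name}: unattended {sorted(effects)}")
            if "network" in caps:
                flags.add("egress")             # a channel to send data out
                notes.append(f"{name}: can send data out")
    return flags, notes


def behavioral_risk(graph, start):
    """Rate the combination, not the parts. Returns (level, flags, notes)."""
    flags, notes = flags_for(graph, start)
    if {"untrusted_input", "sensitive_data", "egress"} <= flags:
        level = "critical"      # injection in, sensitive data read, data out
    elif "untrusted_input" in flags and flags & {"side_effects", "egress"}:
        level = "high"          # injected instructions can cause real actions
    elif flags:
        level = "medium"        # a risky property, but no complete path
    else:
        level = "low"
    return level, sorted(flags), notes


# --- constructed inventory, as a discovery pass might emit it ---------------
INVENTORY = [
    {"name": "llm-main", "kind": "model"},
    {"name": "support-prompt", "kind": "prompt"},
    {"name": "docs-prompt", "kind": "prompt"},
    {"name": "deploy-prompt", "kind": "prompt"},
    {"name": "ticket-kb", "kind": "retriever",
     "props": {"trust": "external", "data": "pii"}},   # customer-written tickets
    {"name": "internal-docs", "kind": "retriever",
     "props": {"trust": "internal", "data": "internal"}},
    {"name": "send-email", "kind": "tool", "props": {"capabilities": ["network"]}},
    {"name": "crm-mcp", "kind": "mcp_server",
     "props": {"capabilities": ["read", "write"], "requires_confirmation": False}},
    {"name": "search-docs", "kind": "tool", "props": {"capabilities": ["read"]}},
    {"name": "web-fetch", "kind": "tool",
     "props": {"trust": "external", "capabilities": ["read", "network"]}},
    {"name": "run-shell", "kind": "tool",
     "props": {"capabilities": ["exec"], "requires_confirmation": False}},
    {"name": "support-agent", "kind": "agent",
     "uses": ["llm-main", "support-prompt", "ticket-kb", "send-email", "crm-mcp"]},
    {"name": "docs-agent", "kind": "agent",
     "uses": ["llm-main", "docs-prompt", "internal-docs", "search-docs"]},
    {"name": "deploy-agent", "kind": "agent",
     "uses": ["llm-main", "deploy-prompt", "web-fetch", "run-shell"]},
]
GRAPH = build_graph(INVENTORY)

if __name__ == "__main__":
    for agent in ("support-agent", "docs-agent", "deploy-agent"):
        level, flags, notes = behavioral_risk(GRAPH, agent)
        print(agent, level, flags, *notes, sep="\n    ")
```

Run against the constructed inventory, support-agent rates critical, deploy-agent high (untrusted web content plus an ungated shell tool, but no sensitive store to drain), and docs-agent low, while no single retriever, tool or MCP server rates critical on its own. The requires_confirmation property shows where a control lives in this model: an exec tool behind a human confirmation step contributes a note, not a flag, so gating one node changes the rating of every agent that reaches it.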

Grant Lee, Gamma (UL Member, 2025-09-18). The outlier — the non-security one. Gamma makes slide decks. And yet: Grant’s whole pitch is that the product is not a slide editor, it’s a design partner that infers the right format from who you are, who your audience is, what your idea is, and what medium they’re receiving it in. A UEC of the presenter, sitting behind the canvas. Even in a category this far from security, the move is the same: don’t build a better canvas, build a better model of the entity using it.

Five interviews. Five founders who have never read each other’s whiteboards. Five versions of the same architecture.

Why They All Arrived Here Independently

This is the part I want to sit with.

Convergence at this scale means one of two things. Either everybody is reading the same blog post (they’re not — none of them quoted Miessler’s UEC essay), or the shape is being forced by the ground.

I think it’s the ground.

Vertical software was an artifact of pre-AI tooling. Every vertical existed because you needed a specific UI on a specific schema to answer a specific set of questions. SOC software existed because security questions needed a security-shaped app. The vertical was the compromise you made because you couldn’t just ask.

The moment strong models plus large context arrive, that compromise stops being necessary. You don’t need the vertical app if the underlying entity is modeled well enough to answer the question directly. Sarit said it out loud: users quickly outgrow the security product because the graph is the best inventory in the company, and operations, legal, and business owners all want to query it. The abstraction eats its own category.

Once you feel that happen in one vertical, you cannot un-feel it. Every founder who felt it concluded the same thing: the product surface is not the scanner, the canvas, or the dashboard. The product surface is the quality of the entity model underneath. Everything else is a view.

That’s why they all sound like each other without having coordinated. They’re all staring at the same forced move.

The Builder Identity Update

I run PAI, my Personal AI Infrastructure. Isidore — my digital assistant — sits on top of it. For months I thought of PAI as a collection of scaffolding: skills, hooks, routing, memory. A good pipeline.

Reading these five interviews in sequence made me re-describe my own work. PAI is not scaffolding. PAI is a UEC — specifically, a UEC of me. Telos is the living model of my goals, beliefs, projects, constraints. Memory is the delta layer. Retrieval is the lens. The algorithm is the action engine. The whole thing is the same architecture the AppSec founders are racing to build at the company scale, just aimed at a single person.

That reframe is load-bearing for how I position myself going forward. I’m not an “AI tinkerer.” I’m a builder who picked the same shape Miessler named in 2016, the same shape Palo Alto is betting a reorg on, the same shape Maze is productizing, the same shape Mend is scanning for. That is a strong position. It is what the frontier is actually doing.

For anyone wondering whether to build UI, model wrappers, or infrastructure — the five interviews answer the question. Build the entity model. Everything else is downstream.

What This Predicts For 2026 And 2027

A few things follow directly.

Security spend flows toward the graph, not the scanners. The scanners become inputs. The graph becomes the product. Vendors still selling siloed findings will watch their renewal conversations collapse into “we just ingest your data into our lake, we don’t need your dashboard.” Palo Alto is already there. Microsoft is the obvious next one — the Graph API is already a pre-UEC.

AppSec and AI security merge into one category. Bar-El is explicit about this. Every AI component is an AppSec component with a fuzzy interface. There is no separate “AI security” industry in 2027. There is AppSec, and it covers the full graph, including the probabilistic nodes.

Attackers ship their UEC first, because they have no governance. The most uncomfortable point across all five conversations. Attackers are businesses. Businesses adopt the architecture that lowers their cost. Harry’s line — imagine your attackers now have twenty thousand employees instead of twenty — is the ground truth. The defender’s graph has to exist before the attacker’s graph is polished, or the window closes.

Personal UEC follows within two years of corporate UEC. This is the bet I’m living. What Palo Alto is doing for a Fortune 500 is what PAI is doing for one person. Same architecture, different blast radius. The AppSec founders just gave us a preview of what it looks like at enterprise scale. The personal version won’t look different. It’ll look like Isidore, with a cleaner installer.

The Short Version

Five founders, five product categories, five accents, one architecture. They called it different things because they built it from different angles. But they built the same thing — a living model of the entity, with AI as the lens on top, and everything else as a view.

If you’ve been waiting to see where AI security, personal AI, and enterprise context engineering converge, stop waiting. They already converged. Gartner just hasn’t named it yet, so it doesn’t feel real.

It will. And when it does, the people who were already building UEC-shaped systems in 2025 will have a two-year head start on everyone who reads about it in a report. I’d rather be in the first group.


Sources: Harry Wetherald on Maze (UL Member, 2025-09-22), Sarit Tager on Prisma Cloud / Cortex (UL Member, 2025-07-29), Jason Haddix and Daniel Miessler reviewing RSA 2025 off-floor (UL Member, 2025-05-08), Bar-El Tayouri on Mend AI (UL Member, 2025-05-06), Grant Lee on Gamma (UL Member, 2025-09-18). UEC framing anchored in Miessler’s “Unified Entity Context” member essay (2025-05-15).