In the latest episode of Detection at Scale, I sat down with James Nettesheim, CISO at Block. James’ career spans the U.S. government, including various overseas deployments; a master’s degree in computer security; computer forensics work at the United Nations; leading high-profile incident response at Mandiant; and running incident response worldwide at Google before joining Block. His background in detection, response, and forensics, combined with his experience securing large-scale technology organizations, positions him to discuss the intersection of agentic AI, security operations, and open source principles.

Our conversation explores Block’s journey building Goose, a general-purpose AI agent used across the company, and co-designing the Model Context Protocol with Anthropic. James discusses Block’s “democratizing detections” principle, where nearly half of all new detections in 2025 were created with AI, and how the company balances principled risk-taking with security rigor through data safety levels and AI security principles. His emphasis on human accountability for agent actions, the development of Binary Intelligent Triage, which achieves 99.9% efficacy, and Block’s commitment to open source provide concrete guidance for security leaders navigating AI adoption while maintaining high security standards.