Redefining Signal, Value, and Resilience
Signal to Noise: A Conversation with David Seidman, Head of Platform Security at Plaid
Welcome back to Signal to Noise, where we distill meaningful conversations with security leaders into practical takeaways. This week, I sat down with David Seidman, Head of Platform Security at Plaid.
David brings battle-tested experience from high-stakes incident response at Microsoft (including the Stuxnet response team) to building modern detection programs at Robinhood and now Plaid. Beyond their security credentials, they're an ultramarathoner with seven 100+ mile races completed, including a 50-mile ruck race carrying a 30-pound pack. If you want to understand resilience in human form, look no further.
On Signal to Noise: Stop Wasting Human Cycles
David's definition of signal to noise cuts straight to the point:
"Humans should only be doing things that are worth their time. If a detection rule is noisy, turn it off."
They challenge the common industry fear that turning off alerts makes you liable, while never creating them somehow absolves you. This mindset, they argue, is fundamentally backwards. "We don't hold ourselves accountable for not writing detections, but we do for disabling them. It's a fallacy."
Their message is clear: Don't waste human cycles on what a machine can do — or worse, on what no one should be doing at all.
On AI: Demand More Than Just a Buzzword
David describes themself as an AI believer, but a skeptical buyer:
"Everyone has AI. The question is: what value does it actually deliver?"
They categorize AI usage in security products into four types:
1. UI/Interaction-Level: Natural language to DSL translation — useful, but incremental.
2. Embedded in the Product: AI is the actual engine (e.g., auto-triage, alert clustering).
3. Decorative Add-on: A widget that doesn't meaningfully impact the core experience.
4. Marketing Veneer: AI mentioned because it sells, not because it works.
Buyers, they insist, must ask critical questions: Does this AI reduce toil, improve fidelity, or accelerate value?
They're refreshingly honest about the gap between vendor claims and reality:
"A lot of vendors don't mention when the AI is laughable. And we're not great as an industry at holding them to real performance metrics."
Their practical stance? They don't care if a detection is powered by an LLM, a regex engine, or trained monkeys—just that it works with high fidelity. Show your false positive and false negative rates, and let the customer decide.
On Time Management: From Triage to Strategy
When it comes to prioritizing their own time, David approaches it with operational clarity:
Unblock others: "If someone's waiting on me, that's my top priority."
Invest in the team: Coaching, approvals, removing blockers.
Think strategically: "Six months of work that never ships is failure. I make sure our roadmap adds up to something meaningful."
Personal growth: Admittedly last on the list—but still essential.
This prioritization framework reflects their broader belief in purposeful execution over reactive cycles. "A treadmill that rises with the tide," as they put it, still represents progress.
On Security Investments: Finish Something
David's approach to prioritizing security investments is elegantly straightforward:
"I've never seen a quant framework that couldn't lead you to the wrong decision."
Rather than over-optimizing complex impact models, they rely on expert judgment and forward momentum:
Pick one of N equally important projects.
Finish it completely.
Then move to the next.
Their point is clear: Half-built security doesn't reduce risk. Finished systems do.
When evaluating those investments, he focuses on:
Red team success/failure rates
Defense coverage against known attacker techniques
Alignment with industry frameworks like CSF/NIST ("documentation's cheap")
It's pragmatic decision-making with an ROI mindset—even when precise measurement isn't always possible.
On Vendor Relationships: Be Useful or Be Gone
This segment offers invaluable advice for security vendors:
"Don't offer me a $100 gift card. That's not marketing. That's corruption."
David wants vendor conversations anchored in:
Clear understanding of the problem
Honest assessment of solution fit
Transparent pricing ("Don't hide it behind four calls")
They express frustration with pitches that assume their problems or waste their time with misaligned personas. Technical depth is non-negotiable — if your representative can't explain how the product works, you're not ready for the conversation.
"If your product solves a real problem and fits my org model and budget, I'll buy it. Just make it easy."
Their most pointed question for sales leaders:
"Do you know if your team is scheduling worthless meetings or worthwhile ones?"
On Resilience: The Foundation
We concluded with our favorite recurring question. David's definition of resilience is elegant in its simplicity:
"The ability to tolerate unexpected and adverse events without negative impact to the things you care about."
This encompasses infrastructure, workflows, and people. It's the difference between chaos and continuity, and ultimately the foundation of what security exists to protect.
Conversations like this remind us why we started Signal to Noise. In a landscape dominated by buzzwords and marketing speak, voices like David's ground us in what truly matters: purposeful security, high-signal tooling, and leadership that values team execution over vendor noise.
Stay curious and stay secure,
Damien
About David Seidman: Prior to leading Platform Security at Plaid, David built and led security teams at Google, Microsoft, Robinhood and Salesforce. Their experience spans incident response, security architecture, and detection engineering. Connect with them on LinkedIn to continue the conversation.