Risky Business

Russel Van Tuyl, VP of Services at SpecterOps and red teaming expert behind BloodHound, discusses AI red teaming and testing whole systems. He covers chatbots, RAG integrations, prompt injection risks, non-determinism and logging, explosion of machine identities, AI agents breaking least privilege, and using attack-path tooling across hybrid stacks.

Braden Rogers, Chief Customer Officer at Island, helps companies govern employee use of AI while preventing data leaks. He discusses browser-based DLP, tenancy challenges with AI providers, and routing the right model to the right user. Short, sharp takes on preventing sensitive data from being pasted into chatbots and balancing executive access with data safety.

A fast-paced dive into recent cyber attacks, from an Intune-based wiper hitting medical device firm systems to supply-chain tricks using invisible Unicode payloads. They unpack a vendor accidentally leaking a wildcard SSL key and debate AI agents acting like insider threats. Other highlights include Instagram dropping E2EE DMs, Moscow’s mobile internet controls, and wild hardware hacks on consoles and forensic tools.

Daniel Schell, Airlock Digital co-founder and CTO, builds deep endpoint controls. David Cottingham, co-founder and chief product officer, drives deny-by-default execution control. They discuss AI's role in allowlisting and why deterministic, customer-scoped automation beats LLMs for recommendations. They cover autotrust, assembly reflection, hardening UIs, and making allowlisting operationally practical.

Toni de la Fuente, founder and CEO of Prowler, a cloud security scanner creator. He discusses Prowler’s enterprise features while keeping it open source. Conversation touches on the Karuna iOS exploit toolkit and its clever JS-to-payload chaining. They also cover exploit signing bypasses and the role of unusual tool choices and LLMs in modern malware development.

Sydney Maroney, Head of threat hunting at Nebulock and creator of an open-source Agentic Threat Hunting Framework, discusses AI-driven threat hunting and her framework. She covers agent design, session memory and documentation. She explains how AI speeds hunts while stressing verification and shows where to find the framework on GitHub.

Brian Dye, CEO of Corelight, explains network detection and AI for defenders. James Wilson, security analyst, provides technical context on AI risks. Adam Boileau, security practitioner, gives hands-on analysis of incidents and tooling. They cover AI-augmented mass Fortinet compromises, model distillation accusations, AI agents causing outages and mailbox deletions, exploit-selling prosecutions, and legacy-product breaches.

Josh Devon, co-founder of Sondera and cybersecurity builder, explains the “lethal trifecta” of AI risks. He talks about private data exposure, untrusted content, and agents communicating externally. Short, punchy takes on behavioral controls, policy-as-code harnesses, adversarial testing, and deploying protections across enterprise environments.

Adam Poynton, CEO of Knock Knock, a maker of SSO-firewall integration and legacy OS agents. He discusses building agents for Solaris/SPARC and HPUX, a new Windows agent, and self-defending hosts. The conversation also covers orchestration across cloud and SaaS allow-lists, vendor trust and supply-chain tradeoffs, and why old-school platforms still matter.

Brandon Dixon, founder and CEO of Ent.AI and serial security entrepreneur, joins to discuss AI’s role in protecting endpoints. He digs into endpoint-centric world models and embeddings. Short takes cover contextual detection, AI-generated explanations, and neurosymbolic autonomous defenses. The conversation sketches how language-based understanding and deterministic safeguards could reshape security.