AI Security Ops

Black Hills Information Security

Join in on weekly podcasts that aim to illuminate how AI transforms cybersecurity—exploring emerging threats, tools, and trends—while equipping viewers with knowledge they can use practically (e.g., for secure coding or business risk mitigation).

  1. Agentic Security: The Maturity Model — From Wild West to Locked Down | Episode 58

    2d ago ·  Video

    In this episode of BHIS Presents: AI Security Ops, the team tackles one of the most urgent — and misunderstood — problems in modern security: How do you actually secure AI agents? Not hypothetically. Not in theory. But in the real world — where agents have access to your filesystem, your credentials, your network… and are making decisions on their own. The answer isn’t a single control or tool — it’s a maturity model. From “YOLO agent with full access” to fully instrumented, controlled, and observable systems, this episode walks through a five-level maturity model for agentic security — and what it actually takes to move up each stage.

    We dig into:
    • Why agentic AI introduces a completely different security model
    • What “Level 0” chaos looks like in real organizations
    • The risks of giving agents unrestricted access to systems
    • Why containment is the first real step toward security
    • How sandboxing changes the risk equation
    • The importance of logging, monitoring, and visibility
    • Where most organizations are actually operating today
    • Why skipping steps in maturity creates hidden risk
    • How to think about blast radius in agent design
    • What “fully enforced” agentic security actually looks like

    This episode explores a critical shift in AI security: you’re not just securing models anymore — you’re securing autonomous systems.

    📚 Key Concepts & Topics

    Agentic Security
    • AI agents with system-level access
    • Autonomous decision-making and execution
    • Expanding attack surface beyond prompts

    Security Maturity Model
    • Level 0 → Level 4 progression
    • Incremental risk reduction strategies
    • Why maturity matters more than tools

    Containment & Sandboxing
    • Limiting blast radius
    • Isolating agent execution environments
    • Preventing lateral movement

    Monitoring & Observability
    • Logging agent actions and decisions
    • Detecting misuse or unexpected behavior
    • Building visibility into autonomous systems

    Defensive Strategy
    • Designing for least privilege
    • Avoiding “full access by default”
    • Treating agents like untrusted users

    #AISecurity #CyberSecurity #AIAgents #LLMSecurity #ArtificialIntelligence #InfoSec #BHIS #AppSec #AgenticAI

    About Brian Fehrman - https://www.blackhillsinfosec.com/team/brian-fehrman/
    About Bronwen Aker - https://www.blackhillsinfosec.com/team/bronwen-aker/
    About Derek Banks - https://www.blackhillsinfosec.com/team/derek-banks/
    About Ethan Robish - https://www.blackhillsinfosec.com/team/ethan-robish/
    About Ben Bowman - https://www.blackhillsinfosec.com/team/ben-bowman/

    (00:00) - Intro: The Reality of Unsecured AI Agents
    (00:24) - The Agentic Security Maturity Model Explained
    (07:20) - Level 0: Total Chaos (Unrestricted Agents)
    (11:24) - Level 1: Containment and Basic Guardrails
    (13:24) - Level 2: Controlled Execution
    (20:32) - Level 3: Monitoring, Logging, and Visibility
    (27:00) - Level 4: Fully Enforced Agent Security
    (28:00) - Final Takeaways: Maturity Over Hype

    Creators & Guests
    Bronwen Aker - Host
    Brian Fehrman - Host
    Derek Banks - Host
    Ethan Robish - Guest

    Brought to you by: Black Hills Information Security - https://www.blackhillsinfosec.com
    ☯️ Introducing BHIS Fusion Penetration Testing - https://www.blackhillsinfosec.com/fusion-penetration-testing/
    Antisyphon Training - https://www.antisyphontraining.com/
    Active Countermeasures - https://www.activecountermeasures.com
    Wild West Hackin Fest - https://wildwesthackinfest.com
    🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits - https://poweredbybhis.com

    30 min
  2. Introducing Fusion AI Pentest | Episode 57

    3d ago ·  Bonus Video

    In this episode of BHIS Presents: AI Security Ops, the team introduces a new approach to offensive security: Fusion AI Pentesting.
    https://www.blackhillsinfosec.com/fusion-penetration-testing/

    As AI continues to reshape cybersecurity, one question keeps coming up — is AI replacing pentesters, or just changing how they work? This episode answers that directly. Rather than replacing human expertise, Fusion combines AI-driven discovery with human-led validation and exploitation, creating a workflow that’s faster, more scalable, and far more effective than either approach alone. The result isn’t just more findings — it’s better findings, faster, with real-world impact.

    We dig into:
    • What “Fusion AI Pentesting” actually means in practice
    • Why AI alone isn’t enough for real security testing
    • How human + AI collaboration outperforms either independently
    • The difference between finding vulnerabilities and proving impact
    • Where AI excels in offensive security workflows
    • Where human intuition and experience still matter most
    • How this approach scales continuous testing and red teaming
    • Why traditional pentesting models are starting to break down
    • How organizations should think about integrating AI into security testing
    • What this means for the future of offensive security

    This episode highlights a key shift in cybersecurity: AI doesn’t replace the pentester — it changes what a great pentester looks like.

    📚 Key Concepts & Topics

    Fusion AI Pentesting
    • Combining AI discovery with human validation
    • Augmenting—not replacing—pentesters
    • Faster, more scalable offensive workflows

    AI in Offensive Security
    • Automated vulnerability discovery
    • Pattern matching vs real-world exploitation
    • Limits of AI-only approaches

    Human + AI Collaboration
    • Human intuition and domain expertise
    • Chaining vulnerabilities for real impact
    • Validating and prioritizing findings

    Security Testing Evolution
    • Continuous testing vs point-in-time pentests
    • Red teaming with AI-assisted workflows
    • Changing expectations for coverage and speed

    Defensive Implications
    • Better signal vs noise in findings
    • Faster identification of real risk
    • Preparing for AI-augmented attackers

    #AISecurity #CyberSecurity #Pentesting #ArtificialIntelligence #LLMSecurity #InfoSec #BHIS #RedTeaming #AIAgents

    About Melisa Wachs - https://www.blackhillsinfosec.com/team/melisa-wachs
    About Brian Fehrman - https://www.blackhillsinfosec.com/team/brian-fehrman/
    About Bronwen Aker - https://www.blackhillsinfosec.com/team/bronwen-aker/
    About Derek Banks - https://www.blackhillsinfosec.com/team/derek-banks/
    About Ethan Robish - https://www.blackhillsinfosec.com/team/ethan-robish/
    About Ben Bowman - https://www.blackhillsinfosec.com/team/ben-bowman/

    (00:00) - Intro: A Different Kind of AI Sec Ops Episode
    (01:59) - Introducing Fusion AI Pentesting
    (03:34) - Why AI Alone Isn’t Enough
    (05:59) - Human vs AI: Strengths and Limitations
    (09:12) - Finding vs Exploiting Vulnerabilities
    (11:43) - How Fusion Improves Speed and Coverage
    (15:06) - Scaling Offensive Security with AI
    (18:12) - Final Takeaways: The Future of Pentesting

    Creators & Guests
    Brian Fehrman - Host
    Derek Banks - Host
    Melisa Wachs - Guest

    Brought to you by: Black Hills Information Security - https://www.blackhillsinfosec.com
    Antisyphon Training - https://www.antisyphontraining.com/
    Active Countermeasures - https://www.activecountermeasures.com
    Wild West Hackin Fest - https://wildwesthackinfest.com
    🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits - https://poweredbybhis.com

    22 min
  3. Open Weight Models and Open Source Harnesses | Episode 56

    Jun 13 ·  Video

    In this episode of BHIS Presents: AI Security Ops, the team looks at what it actually means to own your AI stack. Open-weight models and open-source harnesses are no longer just lab toys. They are becoming practical options for security teams that care about where their prompts, code, client data, findings, and tooling actually live. The core question: when your work depends on AI, how much control are you willing to give away?

    We dig into:
    - What data sovereignty means for security teams
    - Why token sovereignty matters in agentic workflows
    - How provider terms can become a business risk
    - Open-weight models vs. truly open-source AI
    - Why harnesses like Hermes and OpenCode matter
    - Where cloud providers may apply fewer restrictions
    - The tradeoff between local control and hosted capability
    - Supply chain risk in models, harnesses, and plugins
    - Running local models with Ollama, VLLM, and similar tools
    - Why “local” does not automatically mean “safe”
    - How to start experimenting without buying expensive hardware
    - The next risk frontier: local prompt injection

    Owning your AI stack does not magically eliminate risk. It moves the risk. Hosted models create exposure around data, terms, pricing, and availability. Local models create exposure around maintenance, supply chain, permissions, and prompt injection. The security win is not blindly choosing local or cloud — it is knowing which layer you need to control, and why.

    📚 Key Concepts & Topics

    Data & Terms Risk
    - Prompts can contain code, client data, findings, and operational context
    - Hosted providers may inspect, retain, or restrict usage
    - Terms changes can affect entire security workflows
    - “Allowed yesterday” does not guarantee “allowed tomorrow”

    Token Sovereignty
    - Agentic workflows burn far more tokens than simple chat
    - Rate limits, usage windows, and pricing changes become operational dependencies
    - Local hardware shifts the constraint from API quota to compute capacity
    - Cost control is part of architecture, not just procurement

    Models vs. Harnesses
    - Open-weight models provide downloadable weights, not always full training transparency
    - Harnesses provide the tool loop, permissions, memory, and provider adapters
    - Hermes, OpenCode, Claude Code, Codex, and similar tools shape what the model can actually do
    - Risk often lives in the harness around the model

    Local Stack Tradeoffs
    - Local models improve control over sensitive data
    - Self-hosting adds maintenance, patching, networking, and monitoring responsibilities
    - Tools like Ollama, VLLM, and Llama.cpp lower the barrier to experimentation
    - Expensive hardware helps, but it is not required to start learning

    Supply Chain & Prompt Injection
    - Model weights, plugins, skills, and MCP servers are all supply chain decisions
    - Local agents with shell access can turn prompt injection into local impact
    - “No provider guardrails” means you own the safety controls
    - Permissions, sandboxing, and audit logs matter more as the stack gets more autonomous

    Practical Starting Point
    - Pick one harness and go deep before chasing every new tool
    - Test real tasks, not toy demos
    - Compare hosted and local workflows honestly
    - Decide which layers you need to own before you need an emergency exit

    #AISecurity #LLMSecurity #CyberSecurity #ArtificialIntelligence #OpenSourceAI #LocalLLM #AIAgents #SecOps #InfoSec #BHIS #AppSec #PromptInjection #SecurityArchitecture

    About Brian Fehrman - https://www.blackhillsinfosec.com/team/brian-fehrman/
    About Bronwen Aker - https://www.blackhillsinfosec.com/team/bronwen-aker/
    About Derek Banks - https://www.blackhillsinfosec.com/team/derek-banks/
    About Ethan Robish - https://www.blackhillsinfosec.com/team/ethan-robish/
    About Ben Bowman - https://www.blackhillsinfosec.com/team/ben-bowman/

    (00:00) - Intro: Owning Your AI Stack
    (01:43) - Data Sovereignty, Token Sovereignty & Terms Risk
    (03:38) - Provider Inspection, Prompt Data & Business Exposure
    (08:09) - Where the Guardrails Live: Model, Harness, or API
    (12:12) - Open Weights, Frontier Providers & the Innovation Race
    (14:53) - Local Models, Open Harnesses & Real Hardware Tradeoffs
    (24:24) - Self-Hosting Reality: VLLM, Ollama, VPNs & Maintenance
    (31:25) - Getting Started: Pick a Harness and Run Real Tasks

    Creators & Guests
    Bronwen Aker - Host
    Derek Banks - Host
    Ethan Robish - Guest

    Brought to you by: Black Hills Information Security - https://www.blackhillsinfosec.com
    Antisyphon Training - https://www.antisyphontraining.com/
    Active Countermeasures - https://www.activecountermeasures.com
    Wild West Hackin Fest - https://wildwesthackinfest.com
    🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits - https://poweredbybhis.com

    38 min
  4. AI Cost Saving Tips | Episode 55

    Jun 4 ·  Video

    In this episode of BHIS Presents: AI Security Ops, the team digs into a problem every AI-enabled SOC eventually hits: The demo looked great — until the inference bill showed up! AI in SecOps gets expensive because security data is huge, repetitive, and constant. Logs, alerts, runbooks, tool definitions, and historical context all get pushed into models again and again. That burns money, slows systems down, and often makes answers worse. The fix is not exotic. It is basic engineering: use smaller models where they work, cache what repeats, stop dumping raw logs, and save expensive reasoning for the cases that actually need it.

    We dig into:
    • Why AI SecOps workloads get expensive fast
    • When smaller models are good enough
    • Where frontier models still make sense
    • How grouping alerts into cases reduces waste
    • Using strong models to judge cheaper models
    • Why prompt caching can be a major cost lever
    • How small prompt changes can break caching
    • Batch APIs for non-urgent security work
    • Why raw logs make prompts noisy and expensive
    • RAG, deduplication, and cached verdicts
    • Budget caps, circuit breakers, and stolen-key risk
    • When deterministic code beats another model call

    AI cost control is not just a budgeting exercise. It is a security architecture issue. If every alert goes to the biggest model with no caching, no limits, and no measurement, the system is not just expensive — it is uncontrolled. Good AI SecOps design means scoping the model, reducing unnecessary context, measuring spend, and putting guardrails around how AI is allowed to operate.

    📚 Key Concepts & Topics

    AI Cost Architecture
    • SecOps cost comes from large inputs, repeated context, and high alert volume
    • Model selection should match task difficulty
    • Routine triage can often use smaller models
    • Hard correlation and judgment may justify stronger models

    Model Evaluation
    • Test smaller models against real historical cases
    • Use stronger models as judges when appropriate
    • Compare quality before moving workloads
    • Do not assume the biggest model is always necessary

    Prompt & Context Design
    • Cache static instructions, tool definitions, and repeated context
    • Keep cacheable sections stable
    • Avoid changing static prompts with unnecessary variables
    • Better prompt structure can reduce both cost and noise

    Data Reduction & Retrieval
    • Do not send entire logs when only a few fields matter
    • Preprocess alerts before model calls
    • Use RAG instead of stuffing whole libraries into prompts
    • Cache repeated verdicts for repeated alert patterns

    Operational Guardrails
    • Track AI spend by workload
    • Set hard caps and circuit breakers
    • Use limits to reduce stolen-key blast radius
    • Treat AI pipelines like production security systems

    Deterministic Workflows
    • Not every task needs inference
    • Repeatable logic should become code
    • AI can help write that code
    • Once the workflow is deterministic, stop paying the model to repeat it

    #AISecurity #LLMSecurity #CyberSecurity #ArtificialIntelligence #SecOps #SOC #InfoSec #BHIS #AppSec #PromptEngineering #securityarchitecture

    About Brian Fehrman - https://www.blackhillsinfosec.com/team/brian-fehrman/
    About Bronwen Aker - https://www.blackhillsinfosec.com/team/bronwen-aker/
    About Derek Banks - https://www.blackhillsinfosec.com/team/derek-banks/
    About Ethan Robish - https://www.blackhillsinfosec.com/team/ethan-robish/
    About Ben Bowman - https://www.blackhillsinfosec.com/team/ben-bowman/

    (00:00) - Intro: When the AI Triage Assistant Gets Expensive
    (01:27) - The Setup: Saving Money Without Killing the Workflow
    (02:22) - Right-Size the Model: Cheap for Routine, Big for Hard
    (05:36) - Testing Smaller Models, Judges & Real SOC Workflows
    (13:46) - Prompt Caching: The Big Lever Hiding in Plain Sight
    (18:37) - Batch APIs: Half the Urgency, Lower the Cost
    (20:19) - Stop Dumping Logs: Less Noise, Better Answers
    (24:20) - RAG, Dedupe, Budgets & the Deterministic Code Bonus

    Creators & Guests
    Ethan Robish - Guest
    Derek Banks - Host
    Brian Fehrman - Host

    Brought to you by: Black Hills Information Security - https://www.blackhillsinfosec.com
    Antisyphon Training - https://www.antisyphontraining.com/
    Active Countermeasures - https://www.activecountermeasures.com
    Wild West Hackin Fest - https://wildwesthackinfest.com
    🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits - https://poweredbybhis.com

    30 min
  5. Is It the Model or the Harness? | Episode 54

    Jun 1 ·  Video

    In this episode of BHIS Presents: AI Security Ops, the team tackles a foundational question in modern AI security: Is the real risk in the model… or in the harness around it? For years, most conversations have focused on model behavior — prompt injection, refusals, alignment, and safety controls. But as AI systems evolve into full agents with tools, memory, and execution capabilities, the focus is shifting. Increasingly, the real security boundary isn’t the model itself — it’s the harness: the code, integrations, permissions, and workflows that give AI systems real-world power. And that shift has massive implications for how we think about AI risk.

    We dig into:
    • What “model vs. harness” actually means in practical terms
    • Why defenders often blame the model for issues caused by the harness
    • How agent architectures expand the attack surface beyond prompts
    • The role of tools, memory, and execution in modern AI systems
    • Why prompt injection is often a harness design failure
    • How real-world AI exploits increasingly target integrations, not models
    • The limits of model-level safety and refusal behavior
    • Why harness design is becoming the new security perimeter
    • How AI agents move from “text generators” to “action-takers”
    • What defenders should focus on when securing AI systems

    This episode explores a critical shift in AI security: the model might generate the response — but the harness determines the impact.

    📚 Key Concepts & Topics

    Model vs Harness
    • Model = core AI (weights, training, inference)
    • Harness = surrounding system (tools, APIs, execution layers)
    • Separation of generation vs. action

    AI Security Risks
    • Prompt injection vs. system-level vulnerabilities
    • Misplaced trust in model-level protections
    • Expanding attack surface through integrations

    Agent Architectures
    • Tool use, memory, and multi-step reasoning
    • Code execution and external system access
    • Transition from passive models to active agents

    Defensive Strategy
    • Securing the harness as the primary control layer
    • Limiting permissions and external integrations
    • Designing safe execution environments for AI

    AI Safety vs Security
    • Refusal behavior and alignment limitations
    • Why safety ≠ security in agent systems
    • Need for defense-in-depth beyond the model

    #AISecurity #LLMSecurity #CyberSecurity #ArtificialIntelligence #AIAgents #InfoSec #BHIS #AppSec #aiarchitecture

    About Brian Fehrman - https://www.blackhillsinfosec.com/team/brian-fehrman/
    About Bronwen Aker - https://www.blackhillsinfosec.com/team/bronwen-aker/
    About Derek Banks - https://www.blackhillsinfosec.com/team/derek-banks/
    About Ethan Robish - https://www.blackhillsinfosec.com/team/ethan-robish/
    About Ben Bowman - https://www.blackhillsinfosec.com/team/ben-bowman/

    (00:00) - Intro: AI Security Ops & Episode Setup
    (00:26) - The Core Question: Model vs Harness
    (02:08) - Defining the Model: What It Actually Does
    (05:02) - Defining the Harness: Tools, Code & Capabilities
    (06:56) - Why Security Is Shifting Toward the Harness
    (13:05) - Being Secure and Being Useful
    (16:20) - AI Agents, Tooling & Expanding Attack Surface

    Creators & Guests
    Derek Banks - Host
    Brian Fehrman - Host
    Bronwen Aker - Host

    Brought to you by: Black Hills Information Security - https://www.blackhillsinfosec.com
    Antisyphon Training - https://www.antisyphontraining.com/
    Active Countermeasures - https://www.activecountermeasures.com
    Wild West Hackin Fest - https://wildwesthackinfest.com
    🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits - https://poweredbybhis.com

    20 min
  6. AI News | Episode 53

    May 22 ·  Video

    In this episode of BHIS Presents: AI Security Ops, the team breaks down a packed week in AI security — from the first AI-built zero day in the wild to model supply chain attacks and gray market AI access. What used to be theoretical is now operational. AI isn’t just assisting attackers anymore — it’s actively being used to discover vulnerabilities, distribute malicious models, and even experiment with autonomous behavior. Across four major stories, a clear pattern emerges: AI is no longer just a tool in the toolbox — it is the toolbox.

    We dig into:
    • Google’s report of the first AI-discovered and weaponized zero day
    • What it means for AI to participate in real-world exploitation campaigns
    • The risks of typosquatted and malicious models on platforms like Hugging Face
    • How fake or swapped models can silently compromise users
    • New research showing LLMs attempting persistence and self-replication
    • The difference between theoretical capability and real-world risk
    • The rise of gray market access to restricted AI models like Claude and Gemini
    • Why model trust, provenance, and validation are becoming critical
    • How AI is accelerating both offensive capability and attacker velocity
    • What defenders should be watching as these trends evolve

    This episode highlights a major inflection point in cybersecurity: as AI capabilities scale, so does the attack surface — and the speed at which it can be exploited.

    📚 Key Concepts & Topics

    AI-Driven Exploitation
    • AI-assisted vulnerability discovery
    • First reported AI-built zero day in the wild
    • Automation of exploit development

    Model Supply Chain Risk
    • Typosquatted and malicious models
    • Hugging Face trust and verification challenges
    • Silent model swapping and integrity concerns

    AI Behavior & Autonomy
    • Research into LLM persistence and replication
    • Limits of current model capabilities

    AI Access & Shadow Ecosystems
    • Gray market distribution of restricted models
    • Claude, Gemini, and access control bypasses
    • Trust boundaries in global AI usage

    Defensive Implications
    • Model provenance and validation
    • Monitoring AI-assisted attack patterns
    • Preparing for increased attacker velocity

    #AISecurity #CyberSecurity #ArtificialIntelligence #LLMSecurity #InfoSec #BHIS #AIAgents #SupplyChainSecurity #AIThreats

    About Joff Thyer - https://www.blackhillsinfosec.com/team/joff-thyer/
    About Derek Banks - https://www.blackhillsinfosec.com/team/derek-banks/
    About Brian Fehrman - https://www.blackhillsinfosec.com/team/brian-fehrman/
    About Bronwen Aker - https://www.blackhillsinfosec.com/team/bronwen-aker/
    About Ben Bowman - https://www.blackhillsinfosec.com/team/ben-bowman/
    About Ethan Robish - https://www.blackhillsinfosec.com/team/ethan-robish/

    (00:00) - Intro: AI Security News & Big Week Overview
    (00:47) - Sponsors & Show Setup
    (01:34) - AI-Built Zero Day: Google’s Disclosure
    (02:39) - Skepticism, Validation & “Trust Me Bro” Problem
    (07:41) - Chinese Gray Market & Model Access Risks
    (14:11) - Hugging Face Typosquatting & Fake Models
    (18:05) - LLM Self-Replication Research & Realistic Threats
    (24:16) - Final Takeaways: AI as the New Attack Surface

    Creators & Guests
    Brian Fehrman - Host
    Derek Banks - Host
    Bronwen Aker - Host
    Ethan Robish - Guest

    Brought to you by: Black Hills Information Security - https://www.blackhillsinfosec.com
    Antisyphon Training - https://www.antisyphontraining.com/
    Active Countermeasures - https://www.activecountermeasures.com
    Wild West Hackin Fest - https://wildwesthackinfest.com
    🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits - https://poweredbybhis.com

    29 min
  7. Agent Pentest Benchmarking | Episode 52

    May 14 ·  Video

    In this episode of BHIS Presents: AI Security Ops, the team breaks down a new benchmarking framework designed to evaluate AI pentesting agents against real-world offensive security scenarios. What began as experimental evaluation of “can AI hack?” has quickly shifted into something much closer to operational reality. Organizations are now seeing a surge in agentic tooling and automated pentesting workflows, where human-guided AI systems consistently outperform fully autonomous agents in complex, unsupervised environments. As AI tooling evolves, teams must balance speed with validation, monitoring, and oversight as offensive capabilities outpace defenses.

    We dig into:
    • The new “AutoPenBench” framework for benchmarking AI pentesting agents
    • Why fully autonomous AI hacking only achieved a 21% success rate
    • How human-assisted AI workflows increased success rates to 64%
    • Testing AI agents against Log4Shell, Heartbleed, Spring4Shell, and classic web exploits
    • Why modern offensive AI systems still require heavy human oversight and validation
    • How custom internal AI frameworks are already finding vulnerabilities humans missed
    • The operational role of prompt engineering, scaffolding, and agent memory
    • Real examples of AI agents mis-scoping infrastructure and chasing irrelevant targets
    • How AI lowers the barrier for ransomware operations and offensive capability development
    • Why defensive teams need stronger edge visibility, packet capture, and AI-aware monitoring strategies

    📚 Key Concepts & Topics

    AI Pentesting & Agentic Security
    • Autonomous AI hacking agents
    • Agentic AI workflows
    • AI-assisted penetration testing
    • Offensive security automation

    Benchmarking & Evaluation
    • AutoPenBench
    • AI security benchmarking
    • Human-in-the-loop validation
    • Long-horizon task evaluation

    Offensive Security Operations
    • SQL injection
    • Path traversal
    • Log4Shell / Heartbleed / Spring4Shell
    • Kali Linux offensive tooling

    AI Infrastructure & Model Operations
    • Prompt engineering
    • Persistent agent memory
    • Roleplay jailbreak techniques
    • Guardrail reduction strategies

    Defensive Security Strategy
    • Defense in depth
    • Edge network monitoring
    • Zeek network analysis
    • Packet capture visibility

    Industry & Threat Implications
    • AI-enabled ransomware operations
    • AI-assisted red teaming
    • Infrastructure scoping failures
    • Operational scalability challenges

    #AISecurity #CyberSecurity #Pentesting #AIAgents #RedTeam #EthicalHacking #CyberDefense

    (00:00) - Video Intro and Sponsor
    (01:20) - AI Pentesting Benchmark Overview
    (02:11) - How AutoPenBench Works
    (03:44) - Real World Results and Experience
    (05:16) - Real World Results and Experience
    (06:48) - Human and AI Collaboration
    (07:38) - Improving AI Agent Workflows
    (08:56) - Model Limitations and Updates
    (10:35) - Jailbreaks and Model Guardrails
    (13:16) - Provider Controls and Trust Factors
    (14:41) - Lower Barrier for Cyber Attacks
    (15:39) - Defensive Security Implications
    (16:59) - Why Red Teams Need AI Now

    Creators & Guests
    Brian Fehrman - Host
    Derek Banks - Host

    Brought to you by: Black Hills Information Security - https://www.blackhillsinfosec.com
    Antisyphon Training - https://www.antisyphontraining.com/
    Active Countermeasures - https://www.activecountermeasures.com
    Wild West Hackin Fest - https://wildwesthackinfest.com
    🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits - https://poweredbybhis.com

    18 min
  8. AI and Bug Bounties | Episode 51

    May 11 ·  Video

    In this episode of BHIS Presents: AI Security Ops, the team breaks down a growing problem in cybersecurity: AI-generated bug bounty “slop” overwhelming the system. What started as a powerful way to crowdsource vulnerability discovery is now hitting a breaking point. Programs like cURL’s bug bounty and platforms like HackerOne are seeing a massive surge in submissions — but fewer and fewer of them are actually valid. The result? Security teams spending hours reviewing reports that go nowhere, while real vulnerabilities risk getting buried in the noise.

    We dig into:
    • Why cURL shut down its bug bounty program after years of success
    • How valid reports dropped from 1-in-6 to 1-in-20
    • What “death by a thousand slops” actually looks like in practice
    • How AI is flooding programs with low-quality vulnerability reports
    • The difference between “theoretical” vs. exploitable vulnerabilities
    • Why reviewing findings is now harder than generating them
    • How HackerOne is responding to the surge in submissions
    • Whether AI can be used to filter AI-generated noise
    • The role of reproducibility and proof-of-impact in triage
    • Why human expertise still matters in vulnerability validation

    This episode explores a critical shift in security operations: when vulnerability discovery becomes cheap and automated, validation and triage become the real bottleneck.

    📚 Key Concepts & Topics

    Bug Bounty Programs & Triage
    • Submission quality vs. volume imbalance
    • Signal-to-noise challenges in vulnerability pipelines
    • The growing burden of manual validation

    AI in Vulnerability Discovery
    • Automated scanning vs. real exploitability
    • AI-generated findings and false positives
    • The “editor’s dilemma” — review vs. generation

    AI Security Risks
    • Lower barrier to entry for vulnerability discovery
    • Over-reliance on AI without domain expertise
    • Flooding systems with low-quality submissions

    Defensive Strategy
    • Requiring reproducible steps and proof-of-impact
    • Using AI to pre-filter vulnerability reports
    • Combining human expertise with AI tooling

    Industry Impact
    • cURL bug bounty shutdown
    • HackerOne submission pause
    • Shifting economics of vulnerability research

    #AISecurity #BugBounty #CyberSecurity #LLMSecurity #ArtificialIntelligence #InfoSec #BHIS #AIAgents #AppSec

    (00:00) - Intro: Bug Bounty Burnout & AI Noise
    (01:14) - cURL Kills Its Bug Bounty Program
    (02:05) - “Death by a Thousand Slops” Explained
    (03:42) - AI vs Vulnerability Scanners: Signal vs Noise
    (04:38) - HackerOne Pauses Submissions & Industry Impact
    (05:41) - Can AI Filter AI? Proposed Solutions
    (07:49) - Why Humans Still Matter in Validation
    (12:55) - Final Takeaway: AI as a Tool, Not a Replacement

    Creators & Guests
    Ethan Robish - Guest
    Bronwen Aker - Host
    Brian Fehrman - Host
    Derek Banks - Host

    Brought to you by: Black Hills Information Security - https://www.blackhillsinfosec.com
    Antisyphon Training - https://www.antisyphontraining.com/
    Active Countermeasures - https://www.activecountermeasures.com
    Wild West Hackin Fest - https://wildwesthackinfest.com
    🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits - https://poweredbybhis.com

    14 min
Rating: 2.1 out of 5 (13 Ratings)
