Sign up to save your podcasts
Or
Share #280 - Mythos and the Future of Vulnerability Operations (with Gadi Evron)
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
#280 - Mythos and the Future of Vulnerability Operations (with Gadi Evron)
In this episode of CISO Tradecraft, host G Mark Hardy speaks with Gadi Evron about the paper “The AI Vulnerability Storm Building: A Mythos Ready Security Program,” a community-driven draft produced in days with extensive input from security leaders. Evron explains how advances in LLMs and agents are accelerating vulnerability discovery and exploitation, shrinking time-to-exploit assumptions and likely increasing the volume of real vulnerability reports and patches. They discuss separating hype from real risk, the impact of Anthropic’s Mythos and limited access via Project Glasswing, and what CISOs should do now: adopt agents to operate at machine speed, use them defensively to find issues, build “vuln ops” capabilities, secure coding agents in the enterprise, and communicate shifting risk metrics to boards. They also preview the next Unprompted conference planned for September.
VulnAxis - https://vulnaxis.com/
Gadi Evron - https://www.linkedin.com/in/gadievron/
Knostic - https://www.knostic.ai/
The AI Vulnerability Storm Paper - https://labs.cloudsecurityalliance.org/mythos-ciso/
Unprompted - https://unpromptedcon.org/
View all episodes
By G Mark Hardy & Ross Young
4.8
4848 ratings
In this episode of CISO Tradecraft, host G Mark Hardy speaks with Gadi Evron about the paper “The AI Vulnerability Storm Building: A Mythos Ready Security Program,” a community-driven draft produced in days with extensive input from security leaders. Evron explains how advances in LLMs and agents are accelerating vulnerability discovery and exploitation, shrinking time-to-exploit assumptions and likely increasing the volume of real vulnerability reports and patches. They discuss separating hype from real risk, the impact of Anthropic’s Mythos and limited access via Project Glasswing, and what CISOs should do now: adopt agents to operate at machine speed, use them defensively to find issues, build “vuln ops” capabilities, secure coding agents in the enterprise, and communicate shifting risk metrics to boards. They also preview the next Unprompted conference planned for September.
VulnAxis - https://vulnaxis.com/
Gadi Evron - https://www.linkedin.com/in/gadievron/
Knostic - https://www.knostic.ai/
The AI Vulnerability Storm Paper - https://labs.cloudsecurityalliance.org/mythos-ciso/
Unprompted - https://unpromptedcon.org/
More shows like CISO Tradecraft®
View all
Hacked
187 Listeners
Security Now (Audio)
2,011 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
372 Listeners
Risky Business
371 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
651 Listeners
CyberWire Daily
1,028 Listeners
Smashing Security
317 Listeners
Darknet Diaries
8,077 Listeners
Cybersecurity Today
175 Listeners
Hacking Humans
315 Listeners
CISO Series Podcast
195 Listeners
Defense in Depth
73 Listeners
The New CISO
40 Listeners
Cybersecurity Headlines
139 Listeners
Risky Bulletin
45 Listeners