In this episode, Nico Waisman, CISO at XBOW, explains how XBOW uses autonomous AI agents to run continuous, incremental penetration testing without triggering false-positive avalanches or taking down production systems. Joining him are Jacob Combs, CISO at Tandem Diabetes Care, and Davi Ottenheimer, president at Flying Penguin.

Want to know:

• Why can't traditional pen tests keep up with modern attack surfaces?
• How XBOW's attack credit model maps to the way security teams already size testing effort?
• What stops an autonomous pen testing agent from causing real damage in production?
• How incremental testing works when a new pull request changes the application?
• Where XBOW is headed on prompt injection and LLM-specific vulnerabilities?
• How you audit what the AI actually did during an assessment?
• What novel vulnerability chains are emerging as AI reasoning models get more capable?

Check out the episode for the answers you need.

Huge thanks to our sponsor, XBOW