Sign up to save your podcasts
Or
Share From Blue Team Challenges to AI Innovations: A Conversation with Jason Haddix
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
From Blue Team Challenges to AI Innovations: A Conversation with Jason Haddix
In this episode of Simply Defensive, Josh Mason and Wade Wells sit down with Jason Haddix — CISO veteran, AI security thought leader, and founder of Arcanum Information Security — for a wide-ranging conversation on where AI is actually headed in cybersecurity, and what blue teamers need to know right now.
Jason shares what he's learned from running AI scaling assessments inside major enterprises, why most organizations are still in the early stages of AI adoption, and how the industry needs to stop thinking about AI security like traditional web app security. He breaks down the stages of AI adoption (from custom bots to agents), explains why input validation is a losing game for LLM security, and makes the case for classifiers, guardrails, and LLM-based routing as the real defense-in-depth play for AI systems.
Wade and Jason also revisit the Red Blue Purple AI course, talk through how RAG and context engineering are transforming what's possible for blue teamers, and discuss why the credential leakage problem is still one of the biggest vectors defenders aren't taking seriously enough.
Topics covered:
- Why CTI struggles to prove value — and where it actually matters most
- Stealer logs, credential leakage, and when rolling an account isn't enough
- AI adoption stages: custom bots → RAG → agents
- Why SOAR skepticism is a preview of AI hesitancy
- Context engineering vs. prompt engineering
- Defending AI systems: prompt-level protections, classifiers, guardrails, and LLM routing
- When does a prompt become IP?
- Jason's advice for blue teamers: embrace AI as a tool, find your annoying tasks, and start chipping away
Connect with Jason Haddix:
- Twitter/X: @jhaddix
- Arcanum Information Security: arcanam-sec.com
- GitHub (free tools & resources): ARCanum Information Security on GitHub
- Newsletter: Executive Offense by Jay Haddix
Resources mentioned:
- Red Blue Purple AI Course (ARCanum)
- Flare (threat intelligence / credential monitoring): flare.io
- Detections.ai
Connect with the Hosts:
- Josh Mason: linkedin.com/in/joshuacmason
- Wade Wells: linkedin.com/in/wadingthrulogs
View all episodes
By Simply Cyber Media Group
5
22 ratings
In this episode of Simply Defensive, Josh Mason and Wade Wells sit down with Jason Haddix — CISO veteran, AI security thought leader, and founder of Arcanum Information Security — for a wide-ranging conversation on where AI is actually headed in cybersecurity, and what blue teamers need to know right now.
Jason shares what he's learned from running AI scaling assessments inside major enterprises, why most organizations are still in the early stages of AI adoption, and how the industry needs to stop thinking about AI security like traditional web app security. He breaks down the stages of AI adoption (from custom bots to agents), explains why input validation is a losing game for LLM security, and makes the case for classifiers, guardrails, and LLM-based routing as the real defense-in-depth play for AI systems.
Wade and Jason also revisit the Red Blue Purple AI course, talk through how RAG and context engineering are transforming what's possible for blue teamers, and discuss why the credential leakage problem is still one of the biggest vectors defenders aren't taking seriously enough.
Topics covered:
- Why CTI struggles to prove value — and where it actually matters most
- Stealer logs, credential leakage, and when rolling an account isn't enough
- AI adoption stages: custom bots → RAG → agents
- Why SOAR skepticism is a preview of AI hesitancy
- Context engineering vs. prompt engineering
- Defending AI systems: prompt-level protections, classifiers, guardrails, and LLM routing
- When does a prompt become IP?
- Jason's advice for blue teamers: embrace AI as a tool, find your annoying tasks, and start chipping away
Connect with Jason Haddix:
- Twitter/X: @jhaddix
- Arcanum Information Security: arcanam-sec.com
- GitHub (free tools & resources): ARCanum Information Security on GitHub
- Newsletter: Executive Offense by Jay Haddix
Resources mentioned:
- Red Blue Purple AI Course (ARCanum)
- Flare (threat intelligence / credential monitoring): flare.io
- Detections.ai
Connect with the Hosts:
- Josh Mason: linkedin.com/in/joshuacmason
- Wade Wells: linkedin.com/in/wadingthrulogs
More shows like Simply Defensive
View all
Security Now (Audio)
2,009 Listeners
Darknet Diaries
8,086 Listeners
Phillip Wylie Show
18 Listeners
Simply ICS Cyber
0 Listeners
Simply Offensive
3 Listeners