Three Buddy Problem

Mark Dowd on AI hacking, exploit chains, zero-day sales



(Presented by TLPBLACK: A cybersecurity intelligence platform focused on sharing curated, high-sensitivity threat insights and research with trusted security professionals.)

Three Buddy Problem - Episode 95: Vigilant Labs director Mark Dowd joins the show to shed light on the state of offensive research, the economics of the exploit market, and why "Mark Dowd in a box" isn't quite the threat the AI hype machine suggests. He talks through the daily stresses of running an offensive shop and how AI is reshaping vulnerability discovery, exploit development, and the pricing of full exploit chains.

Plus, thoughts on Lockdown Mode and Apple's MIE, whether mitigations actually work or just push attackers toward less access, the rise of HarmonyOS and the Balkanization of device security, persistence, baseband attacks, GrapheneOS, and Samsung Knox.

We discuss customer vetting and OpSec fears, policymakers who've never written an exploit, and the strange afterlife of The Art of Software Security Assessment, the 20-year-old book now possibly training data for the very tools coming for his job.

Cast: Mark Dowd, Juan Andres Guerrero-Saade, Ryan Naraine and Costin Raiu.

Timestamps:

0:00 Introductions
4:28 The origin story of Azimuth: why go offensive?
6:26 Stresses of running an offensive research business
12:10 "Mark Dowd in a box" — is AI an existential threat to vuln research?
16:13 Using AI in workflow: frontier models vs. local models
22:05 AI in bug-finding vs. exploit implementation
30:30 Watching AI tear through a firmware backdoor
38:23 Artificial guardrails and the "POC" wall
43:25 Will AI commoditize 0days? The high-end vs. low-end vendor split
57:30 How AI disrupts exploit chain pricing
1:05:18 Does persistence still matter? Should you reboot your phone?
1:09:33 Lockdown Mode, MIE, and Apple's "never been compromised" claim
1:14:25 Do mitigations really work, or are we stuck in an endless loop?
1:23:25 Android vs. iOS vs. Huawei's HarmonyOS Next
1:34:44 Exploit leaks, customer vetting, and OpSec fears
1:41:37 GrapheneOS, Samsung Knox and baseband attacks
1:53:56 Did the exploit market save us from encryption backdoors?
1:55:11 What does the threat-intel community get wrong about vuln research?

Links:

  • Transcript
  • Vigilant Labs
  • Mark Dowd at BlueHat: Inside the Zero Day Market
  • The Art of Software Security Assessment [Book]
  • Mark Dowd on X
  • Trenchant, Peter Williams, and the proliferation of a Shadow Brokers-level iOS exploit framework
  • Apple: Memory Integrity Enforcement
  • Cost of Sandboxing Prompts Shift to Memory-Safe Languages
  • Dowd: Memory Corruption Mitigations Doing Their Job
  • TLPBLACK
  • LABScon 2026 Call for Papers
  • Apple paying big bounty for wireless proximity-based attacks
Three Buddy Problem, by Security Conversations
