In the Season 8 premiere of The Virtual CISO Moment, host Greg Schaffer sits down with Corey LeBleu, Founder and CEO of Relix Security, to explore how offensive security and penetration testing are evolving in a world shaped by cloud platforms, AI, and “vibe coding.”

With more than two decades of hands-on experience in application and network penetration testing—including leadership roles at Verizon and boutique consultancies—Corey shares a practitioner’s view of what high-value penetration testing really looks like, and why too many organizations still confuse checkbox scans with meaningful security assurance.

The conversation covers:

• How penetration testing has changed—and hasn’t—in the age of AI

• The risks introduced by low-code/no-code platforms and AI-generated workflows

• Why misconfigured tools and automated scans can create a false sense of security

• What CISOs and vCISOs should demand from penetration test reports to drive real business value

• The difference between vulnerability scanning, penetration testing, and “continuous testing” hype

• Emerging AI-specific attack vectors, including prompt injection and model abuse

• Common client misconceptions about penetration testing and testing frequency

• Translating technical findings into business risk executives can act on

• Managing stress in offensive security and cybersecurity leadership roles

Whether you’re advising clients as a vCISO, running a security program, or evaluating penetration testing vendors, this episode offers grounded guidance on separating signal from noise—and ensuring offensive security investments actually improve risk posture.