DevReady Podcast

Startups, You're Doing Security Wrong. Here's the Smarter Cheaper Way to Fix It | Ep 244 | DevReady Podcast



In this episode of the DevReady Podcast, host Anthony Sapountzis is joined by cybersecurity veteran and founder of DarkHorse Security, Grant McCracken. With over 13 years of experience across roles at WhiteHat Security and Bugcrowd, where he led global service delivery, Grant has been at the forefront of application and information security. His deep industry knowledge spans triage engineering, customer success, solutions architecture, and penetration testing, which laid the groundwork for founding DarkHorse. The startup focuses on delivering accessible, affordable, and effective cybersecurity services for small to medium-sized businesses, offering a platform that automates complex security workflows and reduces barriers to entry.

Grant shares the unexpected and organic origin of DarkHorse, which emerged after stepping away from Bugcrowd to figure out his next move. He admits there was no original blueprint, just a desire to use his skills for good. Driven by purpose more than profit, Grant discusses how DarkHorse occasionally operates on a pro-bono basis, particularly for non-profits and organisations with limited budgets. He speaks openly about maintaining sustainability by living simply, and how the ability to work on his own terms has allowed him to create something truly mission-driven. Together, he and Anthony delve into the philosophical tension between doing meaningful work and the traditional pressures of commercial success.

Their conversation also explores Grant’s hacker mindset, one rooted in a relentless curiosity about how things work. He likens ethical hacking to running through a house with a sledgehammer to uncover structural weaknesses: breaking, not fixing, purely to learn. This innate curiosity has not only shaped how Grant approached application security but also how he now builds software systems himself. Through DarkHorse, he’s had the chance to switch hats from breaker to builder, crafting platforms that are both robust and intuitive. Anthony and Grant find common ground in how curiosity powers problem-solving, learning, and innovation across their technical disciplines.

As the discussion turns to the influence of AI, both Grant and Anthony unpack how large language models are reshaping software development and security. Grant notes the rise of novel vulnerabilities like prompt injection, while also pointing out the increased development efficiency tools like Cursor bring. However, they also raise concerns about the diminishing presence of human knowledge-sharing platforms like Stack Overflow, replaced by interactions with AI systems. This shift, they warn, could create future knowledge gaps and dangerous feedback loops where synthetic data trains on itself—degrading the quality and trustworthiness of future models.

To close, Grant outlines the core offering of DarkHorse: a platform that simplifies and standardises penetration testing for modern teams. Rather than relying on outdated and expensive consulting-heavy models, DarkHorse enables organisations to perform high-quality security assessments via a streamlined, self-serve interface. The platform recommends testing approaches based on user input and uses transparent methodologies like the OWASP Testing Guide to ensure rigour. In a landscape lacking clear definitions of what constitutes a valid pen test, Grant takes a firm stance on upholding standards, ensuring that organisations aren’t just ticking boxes but actually improving their security posture.

#DevReadyPodcast #Cybersecurity #AI #StartupSecurity #DarkHorseSecurity #GPTReady #AerionTechnologies


DevReady Podcast, by Aerion Technologies