Pedram Amini, Founder/Hacker/Investor/Advisor
THE AUGMENTED ERA
Disrupt or be Disrupted

Red/Blue emerged in the 1960s
We adopted Red/Blue in 1990s, Purple in 2010
It's "and" not "versus", optimal to cross-train
I agree with ye old adages on the matter, the defender's dilemma or attacker's advantage
Hack and Defend

GenAI is the Elephant in the Room
Biggest technological revolution of our lifetime
We've built technology that has emergent behaviors
Heavy pressure towards rapid adoption
Security as an afterthought... again
48% of CISOs rank AI security as #1 concern
Benefits, problems, threats, solutions

2005 2015 2025
50k View: Exploits and Mitigations
Human era. Single researcher could find multiple 0days. Asymmetry favored attackers.
Widespread OS and compiler mitigations, bug bounties, budgets. Now it takes a sophisticated team.
AI Disruption is here, see actor adoption and significant innovations.

Exploitation is Sophisticated yet Commonplace
Nation states and commercial surveillance vendors are the biggest source of ITW 0day
Mitigations are strong but stakes are high
Mobile bounties leap from $7M to $20M
The market is driving innovation
60% of 0day in 2024 targeted defensive security fabric

SOTA in Exploitation Automation
XBOW reached #1 on HackerOne in June. Model upgrade to GPT-5 doubled performance.
DARPA's AIxCC challenge demonstrated a 100x cost reduction in exploitation at scale... and found a real-world SQLite3 bug.
HexStrike orchestration framework has 250+ specialized agents. Actors leveraged it to exploit Citrix CVE within hours vs days.

50k View: Enterprise Security
SIEM era. Detection reliance on signatures. Asymmetry favored attackers.
EDR increases observability with a human in the loop.
SIEMless era. Cloud scale data lakes and bespoke ML.
AI Disruption? Continuous pen testing? AI SOC? Attack Surface?
2005 2015 202? 2