Generative AI is poised to revolutionize vulnerability discovery in critical infrastructure, but will it actually fix the problem, or just shift the burden?
The recent AI Cybersecurity Challenge (AIxCC), a two-year competition sponsored by the US Defense Advanced Research Projects Agency (DARPA) and Advanced Research Projects Agency for Health (ARPA-H), crowned winners whose AI systems autonomously discovered and patched zero-day flaws in real-world code.
Now, with models potentially going open-source, the implications for defenders, attackers and policymakers are seismic.
In this episode, we sat down with Taesoo Kim, the leader of Team Atlanta, the AIxCC winning team, and Andrew Carney, program manager for the AIxCC at DARPA and ARPA-H.
In the interview (13.56), they discuss why the commercialization of GenAI-powered vulnerability scanning tools could be just around the corner and how "self-healing infrastructure" might soon become a reality.
All content for Infosecurity Magazine Podcast is the property of Infosecurity Magazine and is served directly from their servers
with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.
Generative AI is poised to revolutionize vulnerability discovery in critical infrastructure, but will it actually fix the problem, or just shift the burden?
The recent AI Cybersecurity Challenge (AIxCC), a two-year competition sponsored by the US Defense Advanced Research Projects Agency (DARPA) and Advanced Research Projects Agency for Health (ARPA-H), crowned winners whose AI systems autonomously discovered and patched zero-day flaws in real-world code.
Now, with models potentially going open-source, the implications for defenders, attackers and policymakers are seismic.
In this episode, we sat down with Taesoo Kim, the leader of Team Atlanta, the AIxCC winning team, and Andrew Carney, program manager for the AIxCC at DARPA and ARPA-H.
In the interview (13.56), they discuss why the commercialization of GenAI-powered vulnerability scanning tools could be just around the corner and how "self-healing infrastructure" might soon become a reality.
Inside the MOVEit Attack: Decrypting Clop's TTPs and Empowering Cybersecurity Practitioners
Infosecurity Magazine Podcast
45 minutes 13 seconds
2 years ago
Inside the MOVEit Attack: Decrypting Clop's TTPs and Empowering Cybersecurity Practitioners
Join the Infosecurity Magazine team and guests as they plunge into the heart of a devastating cyber-attack that has impacted the likes of BBC, PwC, and Schneider Electric. In this episode, we delve deep into the world of supply chain attacks, and where the notorious Clop ransomware group capitalizes on a hidden weakness in MOVEit Transfer—a trusted file transfer solution used by thousands of companies.
In an interview with Secureworks, one of the first cybersecurity firms to sound the alarm, we examine the cloak-and-dagger tactics, techniques, and procedures (TTPs) employed by the audacious Clop. Our expert guests unravel the secrets behind the far-reaching impact of this hack, while offering invaluable insights into the crucial steps cybersecurity practitioners must take in the face of such a high-stakes incident.
Tune in now to stay one step ahead in the battle against the relentless forces of cybercrime.
Guests include:
• Rafe Pilling, Director of Threat Research at Secureworks Counter Threat Unit
• William Thomas, CTI Researcher at Equinix Threat Analysis Center (ETAC) & co-founder of Curated Intelligence
• Paul Watts, Distinguished Analyst at the Information Security Forum
This Podcast is sponsored by Mandiant’s mWISE Conference, click here to register.
Infosecurity Magazine Podcast
Generative AI is poised to revolutionize vulnerability discovery in critical infrastructure, but will it actually fix the problem, or just shift the burden?
The recent AI Cybersecurity Challenge (AIxCC), a two-year competition sponsored by the US Defense Advanced Research Projects Agency (DARPA) and Advanced Research Projects Agency for Health (ARPA-H), crowned winners whose AI systems autonomously discovered and patched zero-day flaws in real-world code.
Now, with models potentially going open-source, the implications for defenders, attackers and policymakers are seismic.
In this episode, we sat down with Taesoo Kim, the leader of Team Atlanta, the AIxCC winning team, and Andrew Carney, program manager for the AIxCC at DARPA and ARPA-H.
In the interview (13.56), they discuss why the commercialization of GenAI-powered vulnerability scanning tools could be just around the corner and how "self-healing infrastructure" might soon become a reality.
