The Human Aspect of Red Teams – Brian Fox, Tom Tovar, T. Gwyddon ‘Data’ Owen – ASW #379
Red team exercises set goals to see if a particular outcome can be accomplished through a simulated attack, but the ultimate outcome should be educating the org about how to improve tools and processes that make attacks more difficult to succeed. Gwyddon "Data" Owen shares his experience building a red team, creating an exercise, and leveraging the results to improve security. And while the adoption of LLMs will accelerate a red team's activities, there are still plenty of foundational security controls that orgs can establish that would require a red team to be more than just fast, but fast and very careful.
Coding Agents Are Getting More Cautious, But Not Safer
A new study finds that while frontier AI coding models are hallucinating less than they did a year ago, they still preserve a significant amount of avoidable software risk when left ungrounded. Sonatype’s research shows that connecting these models to real-time software intelligence dramatically improves remediation quality and reduces critical and high-severity vulnerability exposure by 60–70%. The takeaway is clear: safer AI-assisted development will depend not just on better models, but on grounding them in accurate, current dependency and vulnerability data.
This segment is sponsored by Sonatype. Read the study: https://securityweekly.com/sonatypersac
How We Achieve Agentic Outcomes in CyberSecurity: The “Do-It-For-Me” Mobile Defense
If you look at deepfakes, synthetic identity, social engineering, and new malware variants coming to market, it seems like attackers have a first-mover advantage in using AI. The volume and variety of threats are growing faster than the current cyber stack can address. Against this backdrop, organizations are moving away from “do-it-yourself” delivery models (more tools, more alerts, more headcount) to “do-it-for-me” agentic AI delivery models (using platforms that unify data, execute policy, and automate outcomes). The emphasis outside of cyber is on empowering the expert human-in-the-loop — so teams spend less time in the noise and more time delivering business outcomes. This segment explores how cybersecurity leaders can make the most of the AI Age, leveraging it for good while staying relevant amid the explosive AI adoption curve.
This segment is sponsored by Appdome. Visit https://securityweekly.com/appdomersac to learn more about them!
Brian Fox is CTO and co-founder of Sonatype, with more than 20 years of experience spanning software development, open source, and cybersecurity. A founder of Maven Central and former chair of the Apache Maven project, he also serves in leadership and advisory roles with OpenSSF, FINOS, Singapore’s CTREX Panel, and the Apache Software Foundation.
Tom Tovar is the co-creator and CEO of Appdome, a one-stop shop for mobile app defense. He’s a self-taught product creator, mobile app coder, hacker. He’s serves as product advisor on several venture funded cyber companies, and previously as executive chairman of Badgeville, an enterprise digital motivation platform acquired by CallidusCloud, in several executive positions, including CEO, of Nominum, an intelligent-DNS security and services provider that was acquired by Akamai, and chief compliance officer, and operational executive in charge of business and corporate development, legal and channel at Netscreen Technologies acquired by Juniper Networks for $5B. He began his career as a corporate and securities attorney with Cooley Godward LLP. Tovar holds a JD from Stanford Law School and a BBA in finance and accounting from the University of Houston.
Gwyddon (“Gwee-thin”) or ‘data’ (yes, like the character on Star Trek) is a retired Air Force Cyber Warfare Officer who’s been on the cutting edge of cyber security since 2003 and operational technology security since 2012, when his work exposed critical vulnerabilities. These revelations triggered over $1.5 billion in federal spending that year, started programs that are still running today, and at least one Presidential executive order. With over 20 years defeating nation-state adversaries across air, land, sea, space, and cyberspace—and certifications spanning every NSA Red Team and CYBERCOM offensive work role—he now brings that hard-won expertise to Tennessee’s critical infrastructure. As Director of Cyber & Technology for Universal Strategy Group, ‘data’ provides the technical backbone for Tennessee’s ambitious goal to become the most secure State in the Nation. He’s a USAF Academy and Air Force Institute of Technology grad who’s run cyber operations with every Five Eyes partner, and he understands that protecting power grids, water systems, and industrial controls requires a fundamentally different approach than traditional IT security.
