Full episode and show notes

AI-Based Web Attack Testing – Tom Pore – BH25 #1

In this exclusive Black Hat 2025 interview, CyberRisk TV host Matt Alderman sits down with Tom Pore, AVP of Sales Engineering at Pentera, to dive into the rapidly evolving world of AI-driven cyberattacks. What’s happening? Attackers are already using AI and LLMs to launch thousands of attacks per second—targeting modern web apps, exploiting PII, and bypassing traditional testing methods. Tom explains how automated AI payload generation, context-aware red teaming, and language/system-aware attack modeling are reshaping the security landscape. The twist? Pentera flips the script by empowering security teams to think like an attacker—using continuous, AI-powered penetration testing to uncover h...

This episode is sponsored by
Full Segment Notes

In this exclusive Black Hat 2025 interview, CyberRisk TV host Matt Alderman sits down with Tom Pore, AVP of Sales Engineering at Pentera, to dive into the rapidly evolving world of AI-driven cyberattacks.

What’s happening? Attackers are already using AI and LLMs to launch thousands of attacks per second—targeting modern web apps, exploiting PII, and bypassing traditional testing methods. Tom explains how automated AI payload generation, context-aware red teaming, and language/system-aware attack modeling are reshaping the security landscape.

The twist? Pentera flips the script by empowering security teams to think like an attacker—using continuous, AI-powered penetration testing to uncover hidden risks before threat actors do. This includes finding hardcoded credentials, leveraging leaked identities, and pivoting across systems just like real adversaries.

Key Topics Covered: AI-based web app testing Real-time threat simulation PII detection using NLP Automated credential extraction Vibe red teaming and AI coding Security strategy for CISOs in the age of GenAI

To learn more about Pentera's proactive Ransomware testing please visit: https://securityweekly.com/penterabh

Key Moments
  • 0:00 - Intro from Black Hat 2025
  • 0:30 - How Attackers Are Using AI Today
  • 01:49 - The Shift to Continuous Application Testing
  • 02:31 - Pentera’s New AI-Driven Web Attack Capability
  • 03:27 - Using LLMs & NLP for Context-Aware Attacks
  • 04:42 - Identifying and Pivoting on Sensitive Data
  • 05:06 - Credential Extraction & Recursive Testing
  • 06:37 - Language, Culture, and System-Aware Payloads
  • 07:49 - Solving Authentication Challenges in Testing
  • 10:10 - The Future of AI in Red vs Blue Teaming
Guest
AVP, Sales Engineering at Pentera

Thomas Pore is the AVP of Sales Engineering at Pentera, where he helps organizations close real-world security gaps through automated validation and offensive expertise. With over 20 years in network security, his background spans NDR, encrypted traffic analysis, ethical hacking, and hands-on incident response. His insights come from the front lines—uncovering how attackers succeed and helping defenders take back control.

Show More

Stay in the Know, No Smoke and Mirrors – Join Our Newsletter

Get expert insights and technical breakdowns straight to your inbox.
Join Now

Related Segments

Related Content

You can skip this ad in 5 seconds