Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

How to scan your code bases using AI for vulnerabilities with Jeff McJunkin

Join us for this week's Defender Fridays as Jeff McJunkin, Founder of Rogue Valley Information Security, walks through how he built an AI-powered pipeline to scan large codebases for real, exploitable vulnerabilities, using the Linux kernel as his proving ground. At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.

Fingerprinting AI Attacks: Detection Every SOC Needs

Revisiting a conversation between LimaCharlie co-founder Christopher Luft and Chris Cochran, Field CISO & Vice President of AI Security at SANS Institute, on The Cybersecurity Defenders Podcast. For most of cybersecurity’s history, defenders could operate under a safe assumption: somewhere on the other end of an attack, a human was making decisions. Scripts might automate parts of the kill chain, tools might accelerate execution, but a person was in the loop.

Unexpected hurdles creating U.S. cyber policies

The early days of U.S. cyber policy were defined by agencies that had no common language and no playbook to follow. J. Michael Daniel, President and CEO of Cyber Threat Alliance and former White House cybersecurity coordinator, talks through what it actually took to coordinate cyber policy across the federal government, build public-private partnerships that work, and stand up an intelligence sharing organization that serves the entire cybersecurity industry.

AI SecOps Worskhop Series: Accelerating Cloud Security Operations with Claude Code and LimaCharlie

In this workshop we will show how to use Claude Code with LimaCharlie to accelerate cloud security operations. We will have Claude Code deploy agents, create detections and identify issues before they become incidents. This hands-on workshop is designed to demonstrate the transformative power of integrating Anthropic's Claude Code, with the versatile security platform, LimaCharlie. Our focus will be on leveraging the capabilities of Claude Code to significantly accelerate and streamline various aspects of cloud security operations, turning reactive tasks into proactive, automated workflows.

Logging Is Not Observability: The AI Security Gap MSSPs Can't Ignore

Every MSSP is fielding the same question from clients right now:"Are we safe with AI?" Most are answering with some version of"yes, we're logging everything." In a recent Defender Fridays episode, Saurabh Shintre, Founder and CEO of Realm Labs drew a hard line between these two concepts."You can log prompt and response and this bare minimum you have to do.

When Claude Code Hunts Cobalt Strike: Agentic Security Operations in Action

Security teams enter an asymmetric battle when adversaries freely use AI to wage attacks. The aggressors are armed with top-tier capabilities. Defenders hesitate to adopt AI they can't see, trust, or control. SecOps teams are drowning in alerts and outpaced by adversaries who are unafraid to automate everything. The solution isn't another dashboard or another AI chatbot offering recommendations.

LimaCharlie is the most secure way to run AI security agents

The idea that AI agents will run security operations is becoming reality. But most platforms ignore the most important question: how do you secure the agents themselves? In this video I walk through why LimaCharlie is the most secure platform for running agentic security operations and demonstrate the architectural controls that make it possible. We look at the core mechanisms that allow AI agents to operate safely inside a SecOps environment, including.

Agentic AI at risk after MCP design flaw discovery? #ai #cybersecurity #podcast

In this week's Intel Chat, Chris Luft and Matt Bromiley discuss a design flaw in Anthropic's Model Context Protocol (MCP) that could enable large-scale supply chain attacks on agentic AI systems. Researchers at OX Security found that MCP's command execution allows malicious commands to run silently without sanitization checks or warnings.

China-linked group targets cloud, Russian cyber espionage, agentic AI systems flaw & Nginx [313]

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community. Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows.