Hackers Cracked AI Security | Here's How They Did It Artwork

Security Unfiltered

Cyber Security can be a difficult field to not only understand but to also navigate. Joe South is here to help with over a decade of experience across several domains of security. With this podcast I hope to help more people get into IT and Cyber Security as well as discussing modern day Cyber Security topics you may find in the daily news. Come join us as we learn and grow together!

All Episodes

Security Unfiltered

Hackers Cracked AI Security | Here's How They Did It

February 18, 2026 • Joe South • Episode 222

0:00 | 53:40

Send a text

Most cybersecurity stories talk about the hacks, but this episode peels back the curtain on the raw, unfiltered journey of a hacker turned industry pioneer. Jason Haddix shares how his early days of hex editing and fake IDs evolved into leading offensive security at Fortune 100 giants — all driven by relentless curiosity and defiance. His tales of surviving the shadowy underground, navigating multi-year career pivots, and turning obsession into innovation will blow your mind. This isn’t just about tech — it’s about fearlessly forging a path in a chaotic, ever-changing world where knowledge is power and resilience is everything.

You'll discover the secret frameworks behind modern pen testing—like the Bug Hunters Methodology—and how cutting-edge tools are reshaping cybersecurity. Jason dives into his real-world battles: from bypassing the most sophisticated security measures to hacking into critical infrastructure under intense pressure. His insights reveal the brutal truths of red teaming, physical infiltration, and the mental grit required to succeed when everyone else doubts you.

We break down the rise of AI and LLMs in security: how attackers jailbreak systems, bypass defenses with prompt injections, and weaponize new technologies faster than security teams can respond. Jason warns about deploying these powerful tools without enough guardrails or understanding — and how FOMO is fueling a wild, unsecured frontier. His perspective is a call to arms for defenders and hackers alike: adapt fast, think boldly, and stay one step ahead in the most dangerous cyber game yet.

This episode is essential for anyone hungry to understand the raw reality of offensive security, the future of AI in hacking, and the relentless pursuit of mastery in a digital battlefield. Whether you're a seasoned pro, a curious newcomer, or a business leader, Jason’s fearless authenticity will challenge your assumptions and ignite your passion to innovate. Hit play — your fight for security starts now.

Chapters

00:00 Introduction and Background in Cybersecurity
06:05 Early Experiences and Learning in Cybersecurity
12:14 Transitioning to Professional Penetration Testing
18:30 Challenges and Realities of Consulting in Cybersecurity
20:41 Phishing Tests and Their Consequences
23:09 Transitioning to Entrepreneurship
26:05 The Evolution of Training and Consulting
31:18 The Role of AI in Cybersecurity
39:11 Navigating AI Security Challenges
39:11 Understanding LLMs and User Education
41:42 Privacy Concerns and Risk Management in AI
44:32 Prompt Engineering Vulnerabilities and Jailbreaking Techniques
47:03 Security Challenges in AI Systems
49:39 Future of AI and Community Engagement

Support the show

Follow the Podcast on Social Media!

Tesla Referral Code: https://ts.la/joseph675128

YouTube: https://www.youtube.com/@securityunfilteredpodcast

Instagram: https://www.instagram.com/secunfpodcast/
Twitter: https://twitter.com/SecUnfPodcast

Affiliates
➡️ OffGrid Faraday Bags: https://offgrid.co/?ref=gabzvajh
➡️ OffGrid Coupon Code: JOE

➡️ Unplugged Phone: https://unplugged.com/
Unplugged's UP Phone - The performance you expect, with the privacy you deserve. Meet the alternative. Use Code UNFILTERED at checkout

*See terms and conditions at affiliated webpages. Offers are subject to change. These are affiliated/paid promotions.

SPEAKER_02: 0:53

How's it going, Jason? It's great to get you on the podcast finally. It's been a couple months since we started trying to get this thing scheduled, and I really appreciate you taking the time, especially during this like crazy holiday season, to come on and talk with me for you know an hour, right?

SPEAKER_01: 1:08

Yeah, it's been yeah, like you said, we were talking before the before the recording button hit of just how crazy it was in December, and you know, like it's hard to schedule time off, but I'm glad we could get it going for sure. Yeah.

SPEAKER_02: 1:18

Yeah, absolutely. Well, Jason, you know, for for those that don't know, right? Maybe they've been living under a rock or something. Why don't you tell people how you got started in cybersecurity? Maybe what was that first experience like that kind of you know tickled your brain, so to speak, in a way that was like, maybe I should go down this route.

SPEAKER_01: 1:38

Yeah. So I mean, like I was always a computer kid, right? Video games, computers. I remember when I was a kid going to a uh we had like a book exchange at school where you could like take a book that you have from home and exchange it for a book that other people brought, you know. And I think one of the books that really like one of the books that I traded for was actually uh like an MS DOS, like a it was like a thick, chonky book. Like it was huge. And uh so like I had a computer at a very young age. My dad, he recognized right away that computer, you know, like personal computers were gonna be like a thing. And uh, and so I learned DOS at a pretty young age. And so I was hacking games and stuff like that, you know, with very simple like text editing, hex editing, and then memory editing at a pretty early age. But I kind of fell out of it, you know, I never didn't think that there was a career in that. And then in my early, and in my well, actually, when I was 20, a whole bunch of my friends were older than me. And so they were all going to the bars already to go out and drink and stuff like that. And so, you know, I asked one of my buddies, I was like, hey, do you know anybody who could get me a fake ID? And he was like, Yeah, he's like, I can get you a fake ID. And so, you know, back then it was it was a prohibitive amount of money for a college student, right? It was like a hundred, 150 bucks for a fake ID or something like that. And so it took forever to get it, and then I finally got it, and it was crap. It was like the worst fake ID I'd ever seen. As someone who didn't know IDs, it was even bad, you know? And so I tried to use it and got immediately like like kicked out at like a bar or, you know, like that we we normally went to, and or that not we weren't really went to, but they normally went to. And so I got really mad, and this is a recurring thing in my life, is like if if like, you know, like I kind of get like hate inspired a little bit. I don't know what that means really, but like, you know, like if I I kind of get it in my head that I could probably do this, you know, like I could make a fake ID. I just have to learn how to do it and like figure it out. I'm a computer guy. So back then there was there wasn't tour yet, and so there was really just a set of forums. Carter's Market was one of the biggest ones, and then Shadow Crew was another one. And so I started going to the forums and learning about making fake IDs. And so I I purchased the equipment and started building them, got really good at it actually. I never really like sold any. I just thought it was like a cool thing to be doing, you know, young and impressionable or whatever. And so at some point, basically, I was learning, and then Shadow Crew, the forum I was on, got taken down by the Secret Service in like a multinational, like one of the first really big cybercrime rates. Now, the the guys I knew on there were all Carters, and there's this triad of kind of the underground, and that even still exists today. There are the people who make fake fake credit cards, and then there are people who make fake IDs so that you can cash out with the credit cards, and then there's the hackers who hack the credit card numbers so that you can have a whole bunch of credit card numbers to put on fake credit cards. And that was the triad back then. It works a little bit differently today with like chip and pin and stuff like that. But the underground does kind of revolve around these supply chains. And so I knew a lot of the hackers then, and it was it was back in the early days of web hacking from those forums, and they were like teaching me about like SQL injection and cross-site request forgery, cross-site scripting, like all of these bugs when they were brand new in the web hacking space. And uh, you know, LFIs and SQL injection were obviously the biggest ones. They were like, you know, like those are the ones that could get you like RCE, basically. And so I learned a little bit there, and then the forum got rated, and and then I didn't know what I was gonna do. And so I went took this elective at my city college that was called Ethical Hacking and Network Defense. And I was kind of in an IT job at that, but I was a very low level, right? It was like running cable, fixing printers, re-imaging laptops, stuff like that. I was working IT job. And uh, and so when my my instructor started teaching the course, it was already outdated. Like it was, it was super old and outdated. And I was like, hey, have you ever heard of like SQL injection and you know, local file includes and like all these things? And he's like, No, not really. Like, you know, and so he pulled me aside uh because I he asked me to like show one of those vulnerabilities. And I was like, okay, like I can show you. There's this awesome thing called like hack me bank that I'll show you on back in the day. And so I stood it up, I showed the class, and he's like, Hey, you know that there's a career called penetration testing that people do this and you can do it legally. You can like hack things and you can get paid for it. And I was like, I had no idea that was a thing. And so ever since then, I have just been obsessed with offensive security, all forms of it, almost all forms of it. And so I left my IT job. Well, it's not not quite true. At the place I was at where I was like low-level IT person, I would go bother the security people and I'd be like, hey, we have cross-site scripting here. And they're like, what is cross-site scripting? And then I'd explain it to them and I'd be like, hey, we have SQL injection here, or we have like an insurrect indirect object reference or something. And uh, so I just was this kid who kept bugging them about security stuff when they were security people and they didn't know anything about web security. Uh, they knew a lot about network security and architectural kind of like planning for security, but no web security. And uh so then eventually I got I got moved into the security group. And then with like a little bit of time there, I left to go to my first consultancy. And that was a penetration testing consultancy in Southern California. And so we did a bunch of banks and stuff like that. Stayed there for a while, went to HP, was their lead tester for a while, worked with Daniel Meessler and a whole bunch of other really talented people at HP. And HP had all those really great printer contracts, you know, like the printer money. And then they would be like, hey, we can do your security assessments too. And and companies, you know, Fortune 100 companies would be like, Yeah, sure, whatever, like just throw it on the bill. And so we would go into Fortune 100 companies and do pen tests and assessments and stuff like that. And then uh yeah, and that's that's how I kind of got into you know the the pen testing world, yeah.

SPEAKER_02: 7:05

Huh. That's fascinating. When you were doing that uh city college course, what what year was it? And I I ask because like it's such a difference in availability of that knowledge now, you know.

SPEAKER_01: 7:19

2003, 2004, somewhere there. Yeah. Okay.

SPEAKER_02: 7:22

Wow. Yeah, it's it's crazy because like I've been in the field, you know, since like I don't know, 2014, 2015, right? So like everything was pretty pretty widely available. Like there wasn't anything that I had to like search too hard for. I just needed to know how to search for it.

SPEAKER_01: 7:38

Yeah.

SPEAKER_02: 7:38

You know?

SPEAKER_01: 7:39

There wasn't much back then, obviously.

SPEAKER_02: 7:41

Yeah, like there was a books on this topic, you know.

SPEAKER_01: 7:44

There were there were a few books. Um one of the books that inspired me a lot was Ed Scotus's Counter Hack and Counter Hack Reloaded. Those talked a lot about network pen testing and network security, which I didn't have any exposure to yet. And I had to get really fast because a lot of the contracts that my pen testing company had were internals. And so had to learn that pretty quick. But even then there was there was always this saying, and it continues to this day, it's just there's more act, there's more access to content creators and like trainers these days. But like there's a difference between what you learn at a point in time than being on the cutting edge, right? And even then it was like internals. Well, do we do exploitation with like Metasploit now? Because Metasploit's been brand new. HD had just come out with Metasploit. And we were, and I was like, this tool is amazing. Like it keeps us from having to build exploits as like ugly Perl files, and like, you know, like let's, you know, like let's modulize all this and we get all the access to all these shell codes and things that run directly in memory right after on the exploit. And that was cutting edge back then. And so there's always been that kind of like it, you know, if you know where to look, it's there, but uh you gotta know where to look. Now there's there's more access than than ever, though. Yeah.

SPEAKER_02: 8:46

Yeah. That is it's a fascinating time, you know. And something that that you brought up that I really relate to is you know, you kind of like going and bugging the the devs at your at your current company, right? Like saying, like, hey, we're doing all this stuff wrong. Like that that's ex that's exactly what I did. So I that's awesome. How how I got started, right? Like, I guess I'm very persistent. I'm sure I piss off a lot of people. I'm sure I will piss off a whole lot more. But until you tell me no, you know, I'm asking, right? And when I was getting started, I was in help desk and I was it was like for this E911 application, and I like kind of forced my way into all of the government and military contracts because I thought for sure I'm gonna go federal law enforcement, I'm gonna leave this stupid help desk career behind, you know. And so like with having those those clients, they're very security focused. I mean, they're like you step on on campus, you know, and they're they're hacking your stuff right in front of you, and they're like, Well, how in the world do you have this configured like this, you know, this young kid, right? Like, I'm literally reading books on security the night before going to this place, you know. So I would take that and I would come back to the devs and I'd be like, hey, like we have these 50 things that we need to resolve, and we have two weeks to do it because my flight's already booked to go back. And if I don't show progress, like considerable progress, they're just gonna cancel the contract. Like, there's no in-between on this, you know, and yeah, coaching the devs through like, hey, when I start up SE Linux on this server, everything breaks, and you told me that it was supposed to be fine, and they're like, Oh, well, we don't know how to fix it, you know, and then that's me going back and saying, like, okay, well, you have to run these 30 commands to get it to work because SE Linux, you know, blocks everything by default. Yep. Yep.

SPEAKER_01: 10:36

Yeah, I think there's uh it's one of the things that like when I mentor kind of like like I don't take a lot of mentees on or stuff like that, but uh the ones I do, there is there is a lot of them who come pre, you know, pre or or post hack the box and like, you know, uh all these training platforms. And so they know they know how to use the tool, they know the vulnerability classes, you know, whether that's web or internal or mobile or whatever, right? But the thing that they don't get that I got, which was really useful and it sucked, but was this period of time where nobody knew shit and you just had to figure it out yourself and sometimes fake your way through it. Like I remember being on a couple of assignments. I don't know if you had any of these, but I remember getting assigned on a couple of tests where it was like the salesperson sold one thing, and then you get there and it's a completely different type of test. Like, like one of our guys sold a wireless assessment one time. And I was like, sweet, I know how to do a wireless assessment. I come, you know, I have my alpha, you know, UG card and I'm ready to go with Tally Linux. And I get there and it's point-to-point wireless between two banks on the same street that are branches of each other. And I'm like, this is not a traditional Wi-Fi test. And so, you know, I I have a week there. I'm on client site, which doesn't happen a lot anymore either. And so, you know, like I'm having to dance my way through talking to the client and being like, yeah, this isn't exactly what I expected, but we can make it work, right? And then going home the night of being an IRC and like overnighting books from Amazon on like point-to-point wireless connections, like what protocol they're using, like what is the cipher strength of, you know, whatever, like, and then like trying to cobble together a methodology to complete the assignment. And, you know, my mentees come and they're like, you know, I know all this stuff. And I'm like, yeah, but you didn't have to go through this pain of uh of having to figure it out. And sometimes that's the job. Sometimes the job is tap dancing and figuring things out as you go and learning a completely new technology in 24 hours and staying up all night on Monster and just like trying to do your best. So yeah.

SPEAKER_02: 12:34

Yeah, yeah. No, I man, I totally relate that that happens so many times. I I think my first like federal client, the salesperson who I don't even think worked at the company anymore at the time, sold them something that we literally didn't even have a product for. Like he sold a totally different product. And when the client like brought it up to you know, my VP of product, they were like, Hey, we we want this like very specific, you know, feature. And it was denied because internally we didn't really understand why they wanted it, right? So I show up on site and they're like, hey, like what about this product? You know, like we're giving you time, but we want the product. And I had to like figure out, you know, from them, like, you know, why do you want it? Why is it important to you? What's the situation that you're trying to solve for? And you know, sure enough, like it was a very good reason for wanting it. They had to experience an active shooter incident, which is insane on a federal campus. You know, like it's a it's a very large environment. It's large enough to where they have their own police force, their own fire department. Like they have their own first responders there, and they had an active shooter incident and they had no clue where the guy was. They just knew that it happened, and they have hundreds of acres of land right in the middle of night.

SPEAKER_01: 13:50

A ton of different type of signals everywhere, too. Yeah.

SPEAKER_02: 13:53

Yeah. You know, and uh so like they threw the campus completely on lockdown and people were calling, you know, 911 and everything, and they they still couldn't figure out where people were because people were calling in the room with the shooter, and people can't say anything because the shooter's in the room. Well, like their specific use case was how do we figure out someone's location if they can't talk, but they called in, right? And so the sales guy sold it that we can do it, you know. He was a little bit futuristic thinking, yeah, you know, because the technology didn't quite exist there. But when I was able to understand it and I relay it back, you know, then the VP's like, we actually never thought of that use case before, you know, and like I described the building to him. I was like, look, when I walk into this building, there are thousands of cubes. Like I'm only allowed in one section. There's four other giant sections just as big. I mean, it takes me five minutes to walk from one end of the cube aisle to the other end, and that's me walking fast. Yeah. You know, I was like, they need to know exactly where this person is, you know. And he's like, Oh, I get it now, you know.

SPEAKER_01: 15:02

Yeah. It's uh I mean, I I think there's still a little bit of opportunity to learn these days, but it I feel like there there was that added pressure of being on client site too a lot more. I think the consulting has changed changed a lot where even internals these days, even us at our consultancy, you know, we send a little mini PC, right? And it's you know, it has a VPN connect open VPN in it and reverse tunneling. And so we mail that to the client and you know, they drop it the cubicle somewhere with the network jack, and then we work our internal from there because it's expensive to buy plane tickets and it's you know expensive to host per diem and stuff like that. But you know, I grew up when that wasn't really a thing. There wasn't a ton of consultancies that had jump boxes like that. And so, you know, it was it was on planes, it was as trying to keep you know pressure under fire. So one of our biggest ones was my friend, my friend Sasha worked at Exxon. And so at HP, we had a contract with Exxon. So at that point, it was the fortune one, you know, in the world. And we're talking about like post Valdez as well, where they had built this security culture that was like super hardcore. So we so like we we go and we're doing this consulting engagement, and I'm really good friends with Sasha now. We've been we've been really good friends ever since this. But we go and I get there, and Sasha, this guy, he is the head of the security org at that point. And and we get there with our laptops and uh and we're chilling and we're about to get started testing. And he walks in and he's like, What are you guys doing? We're like, Oh, we're setting up our equipment, you know, like our laptops to do the we have like an internal and then an internal web app as well. And so he's like, You can't use those laptops. I'm like, what do you mean? He's like, it's like they're not corporate approved. Like, you can't use those laptops, you have to use our laptops. And I was like, Okay, well, we'll figure it out, right? Okay, so how long? He's like, Well, it's gonna take us, it's gonna take us a couple days for for us to get you laptops requisitioned. And we're there for two weeks, I think, on site. And so, first of all, the first tap dance I have to do is like, okay, what am I gonna do with these two days? I'm just gonna sit here and twiddle my thumbs. It's like, no, it's like it's like I sit with my team and I'm like, okay, we're gonna, we're gonna walk through with Sasha, like verbally with you know, our notebooks and ask a whole bunch of architectural questions that will help us when we do get the laptops and start testing, right? So that was like the first tap dance we had to do. And then the second tap dance is like, you get the laptops and they're they're totally locked down. Like host, you know, like host, I mean, there wasn't really at that point something like Cloudflare, you know, some endpoint protection as advanced, but at that time, they were super locked down. We couldn't install any tools. Like we couldn't install Burp Suite, we couldn't install like any command line-based Linux tools that we wanted to. Everything was locked down. And so, you know, I go to Sasha and I'm like, hey man, like, you know, these are usually the things that we need to do a web test and an internal, right? Like there's a you know, vulnerability scanning portion, which we have our own tool for this, and that needs to be installed. We have burp suite, which is for manual web pen testing, you know, all these other things, uh, and map for port scanning. And he's like, he's like, yeah, like it's gonna take months for us to get those tools to go through whitelisting. And it's like, okay, well, that's unfortunate. I'm like, well, I can just like, is it a is it a problem of policy? Is it a problem that you just don't think we're gonna be able to get them on the laptop? And he's like, and he tongue in cheek, he's like, hey, if you can get them on the laptop, you can use it, but you're not gonna be able to get them on the laptop. And so I pull out my USB key and I boot from you know a bootable Cali Linux distro off my USB key and I root the machine, disable the host base intrusion intrusion prevention software, and then start installing my tools as as my new user account on root, basically. And then once I have root at a bootable Linux, I can I can go into the file system, change the stuff in the Windows file system so that I have an account that's administrator access to install the Windows tools there too. And after that, Sasha didn't give us any shit. He was like, okay, these guys are legit, they know what they're doing, you know. But these are the types of things that you know you can't crumble under. And I there's a lot of stress that goes on in a situation, especially when they're the client and you're the person coming into their organization and stuff like that. And so I don't know if you get that anymore. So yeah.

SPEAKER_02: 19:02

No, not not that much anymore. Did you ever run into a situation where like, you know, you did a pen test and then you're getting arrested and going through that whole thing? Like you always hear about these like horror stories where like the CTO forgets that he signed something two months ago, you know, or whatever.

SPEAKER_01: 19:20

Yeah. I didn't ever I didn't ever have any trouble with the law. So I did a bunch of red teaming, which included physicals at my first gig. And that was that was mostly for banks. And uh, they would put me all the grunt on the grunt work stuff, but I never got arrested for any of it. So a lot of what I did was crawl space, climbing when I was more fit, you know, and uh and dumpster diving behind banks and pulling out trash. I was the guy that, you know, I was the low man on the totem pole at that point at my first job. And so, you know, it didn't matter if it was sunshine or raining, I'm diving through that dumpster. And then our big one back then was most banks had shred bins. And so we had shred bin company shirts, and we would go in and just walk out with the shred bin if they didn't have it chained to something. And so we would just go steal the shred bin and put it in the back of our car or whatever or a truck or whatever we were using. And so those are the those are the closest, like kind of like red teamy things I got early in my career. And then later on, when I did more red teaming later, our services didn't include physical ton, right? I mean, the the closest we got there was USB key drops. So, you know, uh using duckies and stuff like that that look like USB keys but are actually HID devices, putting shells on them and then delivering them through the parking lot, like dropping them in the parking lot of the organization and stuff like that. But you know, I did a whole bunch of physical, had a couple of falls through uh ceilings and I gave up on that. And then we also did social as part of our red teaming as well. And I remember doing an engagement on a social where someone got fired, and I just I didn't want to be a part of that anymore. So I stopped doing some of those services and just focused on the hacking parts of it.

SPEAKER_02: 20:53

So yeah, that's dicey when when someone gets fired because you were hired to do something, you know, and you just did it really well. Like, yeah, that's that's unfortunate. I I used to work for a company that they took like phishing tests extremely serious. And if you failed three in a row, like you were fired. Yeah, yeah.

SPEAKER_01: 21:12

Yeah, that was this one. It was one though. It was literally we did their first fishing assessment, and we had our we were ahead of the time that we had our own fishing platform with our own pixel-based tracking, which was pretty advanced for the time. And this this woman failed the phishing test and put in creds and she got fired or laid off. I don't know which one, but she was no longer at the company. I just didn't want to be responsible for that, like yeah, going forward. So leave it to other people.

SPEAKER_02: 21:39

Yeah. Yeah, I I worked for a credit bureau at one point, and I I wasn't like on the offensive side, and they did a phishing test. I think I started there, I might have started there like around this this time, right? Like maybe like December 1st or something that year. And you know, a week later, the phishing test is, you know, like you know, log in for your bonus information or whatever it is, like that, right? It's literally bonus season. Everyone's waiting for their bonus to be to be posted, you know, and they like have this portal, looks exactly like the portal that you would expect, and you put in your creds, and you know, let's something like 85% of the company failed. And like everyone complained to the C so it was like, what the hell? Like this is completely like unfair, like this is difficult beyond belief because even the cert was signed. It was like it's like okay, like I understand you want to make the fishing test as hard as possible because the attackers aren't gonna, you know, give you that break, right? But like you were kind of using inside resources to do things to make it look proper and everything like that, which yes, like attackers are gonna try and do that if they can, but like come on, you know?

SPEAKER_01: 22:51

Yeah, it's I mean those those are so Hard because it's like, like you said, that is the kind of stuff that a nation state type of adversary will do, right? They will clone some shit that looks exactly like yours. And but but yeah, those are that was usually one of the ones that was off limits was in most of our socials was bonuses or anything to do with like pay-related stuff was was kind of out of scope in most of our engagements, I think, after that. Now, now it isn't to say that we don't do social anymore. I just don't do it personally. Like I have a guy, Ariane, he's a good friend of mine, and he he has set up our infrastructure and does all our campaigns. So, you know, you absolutely need to do social engineering and modern red teaming, but I I don't want to do it personally.

SPEAKER_02: 23:30

Yeah. Yeah.

SPEAKER_01: 23:31

Yeah.

SPEAKER_02: 23:31

No, it makes sense. So what made you go down the path of starting your own company and doing this yourself?

SPEAKER_01: 23:38

Yeah. So I mean, I've always I'd always worked for other people like most, you know, like most people. And I was pretty happy in that like senior director level position of offensive security. And then I I left. I left offensive security for three and a half years to do the CISO role, Ubisoft video game company. So Assassin's Creed, just dance, Rainbow Six, um, are some of the big flagship games we made there. And they were looking for, they were looking for a security leader who had a lot of offensive security experience that would retrofit kind of their existing security program. So I went there for three and a half years and I did that, and I realized that the big CISO role wasn't for me. I mean, if I'm gonna be honest, it was just, it was the wrong kind of stress for my life. I also had three kids at the time, and that job requires you to be married to your, you know, your desk, basically. And so I did it for three and a half years, and I decided to step back and I had to, I had to decide at that point what I was gonna do. And a buddy of mine was he was he was running a consulting company, but a smaller one. And he was like, Well, if you just want to come and lead our testing arm, you know, get back into offensive security and red teaming, you know, do it here because we've worked together. And I was like, okay, so I go back for a year and just kind of get my bearings again. What was going on? And while I worked there, um, you know, like there was I had been working on this class for a long time. So the last, I would say, 10 years of my life, I've been really into bug bounty in my free time. And so, you know, I I'd done a lot of bug bounty. I had worked for Bug Crowd, the Bug Bounty platform, and um I had worked there before I went to Ubisoft, and I'd been the head of triage and I had been testing that whole time. And so I had built this course over the years. It started off as a conference talk called the Bug Hunters Methodology, and I presented it at DEF CON and it got a really great feedback. And so I kept iterating on this on this talk. It started off as a talk, and then it got too big to be a talk, it turned into a workshop, and then it got too big to be a workshop, and I was like, what do I do with this? And it's basically all of the tools and techniques that modern hackers are using in the web space and for reconnaissance as well. So it's like recon and web hacking, like intermediate to advanced. And it was stuff that I saw that the bug bounty community was doing that normal pen testers, web pen testers weren't doing. They weren't focusing heavy client side, they weren't looking for certain server-side volumes. Like there was an education gap between there. And so when it turned into past the workshop size, I gave it a couple of times at OWASP as a course, a one-day course. And it went really well and people loved it. And so we came back. I came back from one of those down, you know, down over the years. And I asked my wife, I said, you know, we were just talking about what I was going to do next. And she was like, well, running the numbers, if you scaled this up, you could just teach this course if you wanted to. And, you know, it seems like people like it. It really looks like you enjoy making it. You know, maybe it's time that we did our own thing. And so it was a combination of my wife, Julia, and my best friend Daniel Meessler, pushing me to build the company. And so it started off, we just offered one course. It was the Bug Hunters methodology. It's a two-day intensive, intermediate to advanced reconnaissance and web hacking course. And uh, that went really well. And then we built a second course when AI got really hot, and we hit, you know, we hit just the right timing. And um, so we did a course on how to assess AI systems, and then we do a course on how to use AI as a security practitioner. So we have two AI courses now. And and then we do these courses, and companies would be like, that was amazing. Come do our pen test, come do our AI assessment, come do whatever. And so then we had to build out the consulting arm of the company. And so that's what we are now. We're we're about 50-50, 50% consulting, 50% training. Now we have six classes with some guest uh instructors too. We have the number one, we have an expansion coming up to the Bug Hunters methodology with the number one hacker on Bug Crowd right now who's doing it because he's a specialist in broken access control and stuff like that. So he's coming on and being a guest instructor and building a course. We launched an advanced client side course. So yeah, everything's been going good. But yeah, that was kind of the impetus. It was just like my wife and Dan pushing me to do it. And and so we just did it. It was it was easier than I mean to get it started, it was easier than I thought it was gonna be. I was always kind of afraid of it. But then the realities of owning your own business are always that you're working all the time too. So because you're working for yourself. So there's there's ups and downs.

SPEAKER_02: 27:47

Yeah.

unknown: 27:48

Yeah.

SPEAKER_02: 27:48

Yeah. I had on Chris Roberts, and I think the last time I had him on was maybe last summer or the summer before. I've had him on several times. The first couple times he was still running his consultancy, and I mean, he just looked like he was just in the worst mood possible. Like I I felt bad for him being on the podcast. Like, I was like, you want to reschedule, you know, like and then the the last time I had him on, he had already like gotten out of it and found like a real job and whatnot. And uh he looked so much different. He was like happy to be there. I was like, man, that's good because I thought it was me.

SPEAKER_01: 28:26

It's not for everybody, honestly. In fact, I just got a job offered today. Someone was like, you know, come come work for us and stop doing your own thing. And I was like, nah, I I enjoy it too much. So I really enjoy the teaching part and the consulting part also. I enjoy a lot of aspects about it as well. So I think this is perfect for me for right now. Uh, it's a lot of work, but then when you do a good job, like you have clients that really enjoy the training or in the consulting and you know, you give value. It's it's more personally fulfill like fulfilling, I guess, than doing it through another place. Um, you know, all the stresses that come with running the business are, you know, those are things that we're learning to kind of hire or scale or delegate, you know. And as long as I can remind myself to do that, I think it's gonna be fine because I I love having our own brand. I love doing what I want to do. I have an idea for a course tomorrow. I can implement it, you know, and start researching. And that that's my vibe. I love research. I love training, I love building things that are cutting edge. And so that's you know, like you can you don't get that opportunity at every place you go when you work for someone else.

SPEAKER_02: 29:31

Yeah. Yeah, I feel like because right now, like I'm getting my PhD. Well, once I'm done with that next uh December, hopefully, like I'm probably gonna take a year off, you know, not not do anything because this is like 10 times harder than I ever thought it would be. I bet. I bet, yeah. But like once I'm done, once I'm done with the time off, I'm probably gonna go like pretty hard into the offensive side. Yeah. Right, like that's like the area that I haven't touched that much on, but I'm I've always been so close to it. It's like, yeah, I know the command to run. You know what I mean? Like it's like I know the command to run, but have I like actually run it, you know? Um that sort of thing. So it it'll be really interesting because then I'll go into like a research for my own fun mode, you know, like kind of how I was in the beginning.

SPEAKER_01: 30:17

It's a lot of fun. It's it's a lot of work. I mean, there's so much stuff these days, especially with AI. Yeah, I mean, it's yeah, especially with AI stuff, but I mean there's I tell a lot of people who are just getting started, a lot of young people who are in college, not not in like a PhD program, because I feel like you get a little bit more specialized there, but people who are coming in and they're like, Oh yeah, I'm doing a cybersecurity major or something like that, or something related. And I'm like, oh, like what do you want to do in security? And they're like, I just I want to do cybersecurity. And they're like, I'm like, no, what do you mean? Like, what do you want to do? Like, there's inside of cybersecurity, there's there's something like 65 or 70 different individual specific things you can do. And they're like, Oh, I didn't know that. And I'm like, okay, well, you know, here's the blue team side, here's the red team side, here's like the engineering side, here's the leadership side, here's the compliance side. Like, there's all these places you could go work. And really, their only exposure to security in in their major has been like maybe half of an offensive security course which just taught like NMAP and vulnerability scanning, maybe some forensics, you know, maybe some security project management like stuff, but sometimes not even that. And it's like like these days, there's so much stuff that you can specialize in that it's hard. It's a lot of stuff for you know, a lot of places are looking for not just specialists either, they want a generalist who can do a lot of things too. So you have to be multi-talented. It's uh it's a crazy industry now.

SPEAKER_02: 31:36

Yeah. It's a really competitive space for sure because there's so many people that want to get into it, and then there's so many people that already have you know the experience that might be trying to make a pivot within security even or whatnot.

SPEAKER_01: 31:49

Yeah.

SPEAKER_02: 31:49

That that's actually why I like so I got my master's at the same place I'm getting my PhD from. And the master's was extremely hands-on, you know, so like literally literally one class you're you're you know, doing the blue team where you're securing a network, you know, like to the max, and they give you like specific requirements. Like, look, this web app has to talk out, like it can't be completely locked down, you can't sh shut off the servers, that sort of stuff. And then the next class, you're literally hacking into that blue team network that the other blue team class, you know, set up and whatnot, right? Like, so you're getting both sides of it. And for forensics, they had they had on someone from like the FBI that now worked for Symantec, that all that they do is you know, like, so you're learning N case and FTK suite and all that stuff. It was fantastic.

SPEAKER_01: 32:36

Like, that's awesome. You don't see how yeah, that you don't see that everywhere, honestly. I I feel like I feel like colleges are catching up to making more hands-on programs, and then you have like competitions like the NC, it's like the national cyber defense something, but it's the one where like they have the Joes versus pros thing where it's like Mubix from Hack Five will come you know at the nationals and he'll play the red teamer, and then the the students have to be the blue teamers like under certain constraints, and you have like industry known pen testers who are like trying to break into your stuff. And so I feel like there's more of that than ever. So that that's really good.

SPEAKER_02: 33:10

Yeah. You know, why what's your perspective on AI and L because so to me, I'm a bit of a pessimist when it comes to AI, probably because I haven't seen anything that just like blew me away. Like, I'm sorry, but you having a bot that can schedule my travel, cool, it's not something that's insane, right? Me going into an LLM and typing in a question, it gives me a response. It's just the third iteration or whatever of you know the Google search engine, basically. But everyone seems to be going down this AI LLM route. I was literally on a call, actually, all of my calls today, was talking to customers about AI security, LOM security, they're still mixing up AI and L, but they think they're they think they're deploying AI when it's an L and you know, all this stuff, right? So, what's your perspective on it? Because it's not as secure as everyone is making it out to be.

SPEAKER_01: 34:02

Oh, yeah. I mean, I think there's there's two sides of that coin, right? Is how secure is the technology inherently, and then how secure is it how we're implementing it? And then there's also how useful is it for us in our day-to-day and uh especially as security people. So I guess I'll address a second one first. So, you know, I have long had my pen testing methodology that I have designed for myself and for my consultancies that I've I've run and or my teams that I've worked with and stuff like that. And, you know, it's hard-won knowledge over years of experience to build that methodology. And there's parts of it that are completely manual. And so with AI, I've been able to take a lot of those manual pieces and now add some automation to them, which has been really cool. There's also things that it does really great, like pattern matching and analysis. Like, you know, the last bot we built in the last class is a JavaScript analysis bot. And so, you know, in modern pen testing and modern bug bounty hunting, there is this gap of knowledge. There's like pen testers who were trained in the previous generation who are used to server-side bugs like SQL injection, LFI, all that kind of stuff. And over the graduation of you know, having all these JavaScript frameworks on the web now, a lot of cross-site scripting is based upon chaining together different primitives inside of JavaScript that's client side in order to build, you know, a cross-site scripting payload, or execute, you know, an SSRF or something like that on the website. And so there is a whole bunch of pen testers who are still kind of in that like previous generation of training, you know, whether they got it from SANS or, you know, wherever, you know, like, and so JavaScript analysis means that you have to be an expert in JavaScript and means that you have to take this pseudo-obfuscated code, minimum uh minified code, or sometimes actually obfuscated code and debug it and find out where all of these gadgets are in order to exploit bugs that are, you know, relevant to today. And uh, and so we built you know an AI bot in like two days in the course that could analyze large chunks of JavaScript. We built a Chrome extension that didn't exist before to do it straight out of your browser. So you could land on a website, click a button, it will slurp up all of the inline JavaScript, all of the explicit JavaScript files, and then run a whole bunch of security analysis on them. And so I have seen a lot of what I would call augmentation and I've seen some automation, but it's not like it's automating everything I do. It's still an enabler, it's still a tool, and I have to figure out a way to use it. It's it's definitely a very sharp sword in my arsenal, but it's not, it's not like the only thing that we're doing. And most of our pen tests end up being, you know, manual and then the AI helps us with like 20% or 30% of it, right? Which is almost like any other tool. You could have said that around about Birth Suite, about Nessus. You could have said, you know, you know, it's augmenting us in the same way. So I see it in the same way as I see those tools right now. In the future, do I think it's gonna take over more? Probably I would say so. I think that I think that people are learning how to do a lot of AI engineering and specifically, yes, it's LLMs, right? But yeah, AI engineering that can automate even more fancy things. You know, you have companies like Expo and some other places that can, you know, that can do a complete web test. And they have they have gone to like a second or third level where they're not just context engineering or prompt engineering LLMs. They actually have their own models, right? And they have their own scaffolding and tools and stuff like that. So I am pretty pro AI, I think. I think that, and I also don't think it's gonna replace everyone either in the offensive security. On the other side, on the other side of the coin, the systems that everybody is rushing to implement is crazy. It is, I mean, we do one of our biggest services right now, and it has been our biggest service for the last year in the consulting side, is doing AI pen tests, is what we call them. And uh, and some of the bugs are so dumb. They're just like, it's crazy. It's like we hooked up an LLM and we also hooked it up to an agent that, you know, pulls all of our Salesforce data and our CMDB data and our ticket data from Confluence and Jira and our you know wiki pages to make it smarter. And I'm like, okay, well, what model architecture should you use? And they're like, well, we just use you know open AI's architecture, you know, from thing. And I'm like, okay, so you're giving all your security data to OpenAI. And yeah, that's what they're doing. And it's like, okay, well, that we should rethink this a little bit. And then, you know, when it comes down to like, okay, well, maybe they need their own model or something like that, they need engineers to build those systems internally, you know, in order to implement them and host them internally and put up the front end and the back end and all of the ops that go into building an effective ecosystem for all that stuff. So we had an instance of a test where they built a chat interface for a web app, and so it was multiple users could use this chat interface, and they were logging all the chat logs to WebSocket streaming. And so if you just opened the developer tools in your browser, you could see everybody else's conversations streaming back. It was it was pretty nuts. So yeah, we've had some really dumb ones, and then we've had some really advanced ones too. We've had had some people who had advanced-based systems and we'd have to like control their agents with fancy prompt injection and stuff like that. So it's all over the place. I feel like it is a race because of FOMO. I think a lot of companies get FOMO of their competitors or FOMO of how the industry is moving, and they want to implement, you know, AI in some way, shape, or form, and they just do it way too fast and to have like no security architecture review or no specialists even to tell them what to do, honestly.

SPEAKER_02: 39:23

Yeah, it's you know, it's interesting that you bring it up like that, right? Because like you were asking kind of just basic, you know, thousand-foot view level, you know, things with LLMs. What model are you using? What you know, what's going on in the background, right? And the same thing, same thing with me that I'm finding is like, you know, I was literally on the phone with a company earlier saying, all right, what model are you using? And they're saying, you know, co-pilot, for instance. Well, but we're we also want to build this custom thing, you know, over here, right? And it's like, well, do you have a head count for it? Do you have the skill set for it? Do you actually know what you're doing? You know, it seemed like everything that I was talking about was just like kind of going over their head to an extent, right? So it's like now we're in a situation where we have to like kind of educate these users and these companies, these decision makers on you know what they're actually doing. Not that we didn't have to do it before, but it's kind of like it's like, hey, we're we're running towards this thing, and we're not even thinking about what's on the other side. Like, we're just giving all our data to open AI, you know, giving all of our data to Copilot, right? And doesn't Microsoft have enough data already, you know?

SPEAKER_01: 40:31

Yeah, that's one of those those privacy and risk conversations. It's the first conversation that comes up when I'm talking to people, or I'm even even when I'm teaching the class, right? It's the first question that comes up by students. And it's like, it's like, well, it all depends on your your risk appetite, right? Because like, sure, you already have contracts, contracts with Microsoft for your OSs and for your, you know, for Azure if you're in Azure and your productivity software. And, you know, sure, I mean, like, Microsoft could flip a switch and go into the OS someday and steal all your data, right? But this, this is, you know, this is giving not only access to corporate data, but also people use the AI and LLMs as like a work buddy. And so it's giving them conversational chat data that could be somewhat personal in nature or something like that sometimes. So we have to have these conversations. We do see a lot of people land on like, okay, well, I already use Microsoft, so we're gonna we're gonna flip on copilot, because it's like, you know, we uh we assume X amount of like productivity gain or something like that, you know, when people have an LLM or a copilot available to them. And Copilot is relatively easy because like the ecosystem of the productivity software, it's everywhere, it's integrated. And so like that isn't the engineering, you know, task, but then they want to make these specialized systems that you're talking about. It's like, yeah, you have to have someone who understands LLMs, they're gonna be able to modify Copilot with prompt engineering and context engineering, which means usually like a database of some sort that's gonna feed it additional information, like RAG. And then, and then you're gonna have to publish that internally. You're gonna have to add security to it. And so when you get there, yeah, you need like an actual like AI person, like an AI engineer. Not a lot of people wanna, you like you said, spend that head count. And then we've we've also seen the other end of the spectrum where people have whole development teams that are AI literate that they they hire. And those systems are, you know, on the other end of those, those are those are really complicated and they do put guardrails and classifiers as like kind of firewalls in front of you, in front of the model, and they do really cool things. And and so those are those are like the other end of the spectrum. They have invested, you know, a large amount of money because it's going to be a usually a product feature for their for their app or whatever they're they're doing, right? We've had a security company really recently, and you know, they were doing enriched SOC information using LLMs, but they were custom trained and but they could also do like internet searches on threat actors and campaigns and stuff like that. And so, you know, in that one, we used prompt injection to force the agent to go out and pull our data into the system and poison the system. And that wasn't really in their threat scenario. They were like, oh, like that was really interesting that you could you could do that. And I was like, Yeah, that wasn't exactly a complicated attack either. Like that was so everybody is still, I mean, that's just because everybody's still learning this stuff. I am still learning this stuff. I won't ever consider myself an expert because it also changes every fucking week, honestly. Like it's like like uh when I teach the class, I have to go through like two intensive weeks of research just to update it because it's it's changed so fast. It's crazy.

SPEAKER_02: 43:26

Yeah, that is a really good point. How do you stay on top of it? And then, like, I have a bunch of questions off of that, right? So maybe the first one, how do you stay on top of all the different changes?

SPEAKER_01: 43:35

I mean, it's just aggressive Googling YouTube video watching. I mean, I have a list of content creators I really like who who keep me up to date on like model news and benchmark news for like what models to use. I have some people who are in the security space that I watch, you know, who are talking about automation. Believe it or not, marketing and sales are one of the biggest adopters of AI right now. And so sometimes when you want to learn how to automate things, you can actually learn the automation glue from some people who are talking about automating sales and marketing because they're so deep in it right now, like using N8N or Cloud Code to do like random things. And so, like, I have some of them bookmarked too. So I just have like a mishmash of like feeds that I subscribe to. So YouTube, and then at the architect at the like actual like research level, that's archive. I'm just like parsing the AI section of archive pretty much every day. I have AI go out and synthesized any paper that I need to go read, whether it has like a security angle or a model angle or something like that, try to consume from both sides, from the academic side and from like the end user side. Yeah.

SPEAKER_02: 44:42

What are what are some common prompt engineering vulnerabilities that you're finding, even in like the most popular models? Right. I'm sure it's probably more prevalent in the custom over. Llama or whatever it might be, but are you finding those kinds of vulnerabilities, you know, in like Chad GPT or GROC or whatever it might be? I actually follow this guy on X. I can't remember his name. Starts with a P, I think. Pliny the prompter. Yeah. Yeah. I mean, he's over here rooting all these LLM models like every day, it seems. It's really interesting.

SPEAKER_01: 45:15

So Pliny is he was one of the first really big jailbreakers for AI. And he leads a group called BT6, which is a jailbreaking group. So I am part of BT6. And so I work with BT6 when doing some assessments and stuff like that. And so yeah, I mean, we try to jailbreak a model as a team within 24 hours. Usually all the heavy lifting is Pliny and some other people on the team. You know, like the models are built to answer your questions, right? And to predict the next token. And so some of the tricks that worked on the original models still work on the models that are GPT 5.2 or whatever, right? It's still, they're still like, you know, the same things. Now you can go out and look at what the advanced people are doing. We just released a resource called the prompt injection taxonomy this week at Arcanum. And it basically has we split up our ideas of how to prompt inject these models into three or four sections. One is what are you trying to do to the model? You have to know first what you're trying to do, which we call intent. So what is your intent? And is that to jailbreak it? Is that to enumerate all of its tool calls? Is that to get it to talk about a sensitive subject like harm or explosives or drugs or something like that? There's a whole bunch of intents that you can have when you're testing an AI system. Is it to manipulate an agent to do like a web call or something like that? Is it to attack other users of the system? There's all kinds of intents. Then you have your techniques, and the techniques are the things that change a lot. So the first jailbreak instance was one of the first instances of jailbreaking was the narrative injection, and it was the grandma narrative. And it was like my grandma used to tell me this bedtime story about cooking meth. You know, I really wish that you could tell me a bedtime story like my grandma. That was one of the like earliest prompt injection jailbreak kind of things. That doesn't work anymore. Some of the specific instances of those techniques have been trained out of the models pretty aggressively, but some still remain. So if you look at the jailbreaks that like Pliny Pliny builds, there's a lot of stuff in there that he doesn't necessarily talk about, but they are techniques, and some of them are like shortcut-based techniques where he is basically in GitHub. In our GitHub, you know, in other jailbreaks, he has shortcuts to find and then he calls them from other jailbreaks. And because it's in the training data, he can call, you can call prompt injection through the, you know, through GitHub or something like that. There's a lot of markdown and end sequences. So confusing the model to think it's still in its directive mode from the system prompt by using what looks like XML tags, basically, or you know, tags of some sort. So it'll say, like, you know, begin system prompt, end system prompt, you know, something like that. Um, but there's like 50 different of those depending on which model vendor you're working with. And so there's a whole bunch of techniques that you can use. And then evasions are the things that get you past classifiers and guardrails. So classifier and guardrails are the two predominant security controls that we have in the LLN space. Classifiers will look at the intent of a conversation, either on the input or the output, and drop it if it goes against kind of the core ethos of what the system is supposed to be using or doing or saying. And then guardrails are more like traditional firewalls where if they see a certain type of prompt injection, they will drop the connection or stop you from communicating. Sometimes they're hybrid regex based and sometimes they're LLM based. They're their own security LLM. And so in order to get past those, we use what looks like traditional web application firewall kind of bypasses, which is like, you know, different types of encodings, but in natural language systems and LLMs, um, there's all kinds of crazy stuff you can do to get past those. Like some of our evasions are speaking in non-real languages, like Klingon and Leak speak and or using Morse code as represented by dashes and periods. And so there's a whole there's like over, I think like 60 different evasions that we have categorized. And so we released that resource this week for people to learn how to do proper testing, and so you could also contribute if there's you know something out of that. And we we continue to add to that. So it's still the Wild West. We're very early. Although people like you and me who are talking about this every day feel like, you know, like we've got a handle on it, we're at the cutting edge. Everybody else is like, you know, this is this is brand new to them. And so there's a lot of learning to take place in AI engineering and AI security still.

SPEAKER_02: 49:17

Yeah, I feel like we're, you know, we're we're like opening, you know, genie's bottle or whatever. Like we don't know, we don't really know what's gonna come next, but these gigantic companies with all this power, it seems, are pushing us towards, you know, this like inevitable future, right? Like it's yeah, it's a weird situation. I don't know. I'm trying not to go down like the Terminator rabbit hole, but it's like, hey, there's been enough movies on this topic. Like, how about we just pump the brakes a little, you know?

SPEAKER_01: 49:46

Yeah, it's it's really interesting. I mean, I'm not I'm not the type of guy who will who usually wants to make a ton of predictions, right? Like, I just kind of work with what we're in right now. And one of the things that frustrates me is sometimes we do these tests, and I have this old methodology and taxonomy that I've built, and it's really easy to bypass some of the current gen guardrails and classifiers and trick the models, right? And I don't blame it on the models because that's what they're designed to do. They're designed to answer my questions. So although you can security, you know, post-train them or tune them for certain topics, I don't think that with this architecture we're ever gonna get to a place where you're gonna be able to 100% guarantee that a model and a user one-to-one interaction is going to be safe or secure. Now, all of the technologies that go in front of the conversation or on the outbound of the conversation, like these firewalls, classifiers, or guardrails, they're all pretty weak right now. And when my customers ask me, it's like, how do, well, how do I defend? You you broke it, great. How do I defend against this stuff? And I'm like, I don't have great answers sometimes. My my answer is defense in depth, really. My answer is that, okay, you need a you need a guardrail on the front end, you need a classifier on the outbound, you need regex-based traditional security on the web app, you need output encoding on the web app. You also need to use a safety-tuned model in the system prompt. You also have to, you also have to add security directives in the system prompt, and then you have to add like, you know, user-based access control for the databases and the agents. And it's like, and their eyes get super big, and they're like, I didn't think it was gonna be this complicated. And it's like, yeah, I mean, right now that's what we have, and that's what you can do, and that still only gets you to 98 percentile.

SPEAKER_02: 51:21

Yeah. And that's just right now, it might change tomorrow. It might change tomorrow. You never know, yeah. Yeah. So man, well, Jason, you know, we're we're over time, unfortunately. Sorry. I should have spent more time on the AI stuff because that's it's like that's really fascinating, at least, you know, for me. And I just don't have enough time to like dive into it as thoroughly, you know, on on my end, mostly because of the PhD in a young family. It's just not going together.

SPEAKER_01: 51:49

Yeah, yeah.

unknown: 51:50

Yeah.

SPEAKER_01: 51:50

I mean, I'll just have to come back for another episode or something.

SPEAKER_02: 51:53

So yeah, yeah. No, I I'd love to. That'd be great. Maybe uh you could like bring uh planing as well. Yeah, that'd be fantastic.

SPEAKER_01: 52:00

The group has been looking to get into like some more like podcasts and stuff like that just to get awareness around the jailbreaking part of it and the red timing part of it, which is you know a subset of you know of the topics. And yeah, I could uh I'll hit them up and let you let them know.

SPEAKER_02: 52:13

Yeah, yeah, that would be awesome. Well, Jason, before I let you go, how about you tell my audience where they could find you and where they could find your company if they wanted to learn more and connect?

SPEAKER_01: 52:22

Yeah, absolutely. So the company is Arcanum Information Security, and so it's arcanum-sec.com. And uh I am my personal Twitter account is where I do most of my connecting with people or X, whatever you want to call it. It's uh at J Haddockx, J H A D D I X. So you can hit me up there, connect there, and then I'm Jason Haddock's on LinkedIn as well. And uh yeah, check out the training courses. But there are two resources that are absolutely free that we have out there right now. One is called the Arcanum AI Security Resource Hub, and that's on our GitHub. So if you look for Arcanum Information Security on GitHub, we have that project, which has over 24 labs that we have bookmarked for you to start training and attacking LLMs because that's our specialty. And then also our prompt injection taxonomy to learn those tips and tricks is on our GitHub as well, as well as other stuff there. If you're a consultant, like, you know, what type of threat modeling questions should you be asking about AI systems and stuff? So that's all open source and on our GitHub. We're really big believers in getting back to the community. So you can grab all that for free and just kind of start playing around with it.

SPEAKER_02: 53:24

Oh, that's awesome. I'm gonna go ahead and do that too then. Awesome. Cool. Well, thanks everyone. I really hope that you enjoyed this episode. Go ahead and check out, you know, all the all the resources that Jason just mentioned. I'll put the links to them, you know, in the description of the episode. Thanks, everyone.

Joe South

Host