
Free Daily Podcast Summary
by Black Hills Information Security
Join in on weekly podcasts that aim to illuminate how AI transforms cybersecurity—exploring emerging threats, tools, and trends—while equipping viewers with knowledge they can use practically (e.g., for secure coding or business risk mitigation).
The most recent episodes — sign up to get AI-powered summaries of each one.
In this episode of BHIS Presents: AI Security Ops, the team digs into a problem every AI-enabled SOC eventually hits:

The demo looked great — until the inference bill showed up!

AI in SecOps gets expensive because security data is huge, repetitive, and constant. Logs, alerts, runbooks, tool definitions, and historical context all get pushed into models again and again. That burns money, slows systems down, and often makes answers worse.

The fix is not exotic. It is basic engineering: use smaller models where they work, cache what repeats, stop dumping raw logs, and save expensive reasoning for the cases that actually need it.

We dig into:
• Why AI SecOps workloads get expensive fast
• When smaller models are good enough
• Where frontier models still make sense
• How grouping alerts into cases reduces waste
• Using strong models to judge cheaper models
• Why prompt caching can be a major cost lever
• How small prompt changes can break caching
• Batch APIs for non-urgent security work
• Why raw logs make prompts noisy and expensive
• RAG, deduplication, and cached verdicts
• Budget caps, circuit breakers, and stolen-key risk
• When deterministic code beats another model call

AI cost control is not just a budgeting exercise. It is a security architecture issue. If every alert goes to the biggest model with no caching, no limits, and no measurement, the system is not just expensive — it is uncontrolled.

Good AI SecOps design means scoping the model, reducing unnecessary context, measuring spend, and putting guardrails around how AI is allowed to operate.

⸻

📚 Key Concepts & Topics

AI Cost Architecture
• SecOps cost comes from large inputs, repeated context, and high alert volume
• Model selection should match task difficulty
• Routine triage can often use smaller models
• Hard correlation and judgment may justify stronger models

Model Evaluation
• Test smaller models against real historical cases
• Use stronger models as judges when appropriate
• Compare quality before moving workloads
• Do not assume the biggest model is always necessary

Prompt & Context Design
• Cache static instructions, tool definitions, and repeated context
• Keep cacheable sections stable
• Avoid changing static prompts with unnecessary variables
• Better prompt structure can reduce both cost and noise

Data Reduction & Retrieval
• Do not send entire logs when only a few fields matter
• Preprocess alerts before model calls
• Use RAG instead of stuffing whole libraries into prompts
• Cache repeated verdicts for repeated alert patterns

Operational Guardrails
• Track AI spend by workload
• Set hard caps and circuit breakers
• Use limits to reduce stolen-key blast radius
• Treat AI pipelines like production security systems

Deterministic Workflows
• Not every task needs inference
• Repeatable logic should become code
• AI can help write that code
• Once the workflow is deterministic, stop paying the model to repeat it

About Brian Fehrman - https://www.blackhillsinfosec.com/team/brian-fehrman/
About Bronwen Aker - https://www.blackhillsinfosec.com/team/bronwen-aker/
About Derek Banks - https://www.blackhillsinfosec.com/team/derek-banks/
About Ethan Robish - https://www.blackhillsinfosec.com/team/ethan-robish/
About Ben Bowman - https://www.blackhillsinfosec.com/team/ben-bowman/

⏱️ Chapters
- Intro: When the AI Triage Assistant Gets Expensive
- The Setup: Saving Money Without Killing the Workflow
- Right-Size the Model: Cheap for Routine, Big for Hard
- Testing Smaller Models, Judges & Real SOC Workflows
- Prompt Caching: The Big Lever Hiding in Plain Sight
- Batch APIs: Half the Urgency, Lower the Cost
- Stop Dumping Logs: Less Noise, Better Answers
- RAG, Dedupe, Budgets & the Deterministic Code Bonus

Creators & Guests
• Ethan Robish - Guest
• Derek Banks - Host
• Brian Fehrman - Host

In this episode of BHIS Presents: AI Security Ops, the team tackles a foundational question in modern AI security:

Is the real risk in the model… or in the harness around it?

For years, most conversations have focused on model behavior — prompt injection, refusals, alignment, and safety controls. But as AI systems evolve into full agents with tools, memory, and execution capabilities, the focus is shifting.

Increasingly, the real security boundary isn’t the model itself — it’s the harness: the code, integrations, permissions, and workflows that give AI systems real-world power.

And that shift has massive implications for how we think about AI risk.

We dig into:
• What “model vs. harness” actually means in practical terms
• Why defenders often blame the model for issues caused by the harness
• How agent architectures expand the attack surface beyond prompts
• The role of tools, memory, and execution in modern AI systems
• Why prompt injection is often a harness design failure
• How real-world AI exploits increasingly target integrations, not models
• The limits of model-level safety and refusal behavior
• Why harness design is becoming the new security perimeter
• How AI agents move from “text generators” to “action-takers”
• What defenders should focus on when securing AI systems

This episode explores a critical shift in AI security: the model might generate the response — but the harness determines the impact.

⸻

📚 Key Concepts & Topics

Model vs Harness
• Model = core AI (weights, training, inference)
• Harness = surrounding system (tools, APIs, execution layers)
• Separation of generation vs. action

AI Security Risks
• Prompt injection vs. system-level vulnerabilities
• Misplaced trust in model-level protections
• Expanding attack surface through integrations

Agent Architectures
• Tool use, memory, and multi-step reasoning
• Code execution and external system access
• Transition from passive models to active agents

Defensive Strategy
• Securing the harness as the primary control layer
• Limiting permissions and external integrations
• Designing safe execution environments for AI

AI Safety vs Security
• Refusal behavior and alignment limitations
• Why safety ≠ security in agent systems
• Need for defense-in-depth beyond the model

⏱️ Chapters
- Intro: AI Security Ops & Episode Setup
- The Core Question: Model vs Harness
- Defining the Model: What It Actually Does
- Defining the Harness: Tools, Code & Capabilities
- Why Security Is Shifting Toward the Harness
- Being Secure and Being Useful
- AI Agents, Tooling & Expanding Attack Surface

Creators & Guests
• Derek Banks - Host
• Brian Fehrman - Host
• Bronwen Aker - Host

Brought to you by:
• Black Hills Information Security - https://www.blackhillsinfosec.com
• Antisyphon Training - https://www.antisyphontraining.com/
• Active Countermeasures - https://www.activecountermeasures.com
• Wild West Hackin Fest - https://wildwesthackinfest.com
🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits: https://poweredbybhis.com

In this episode of BHIS Presents: AI Security Ops, the team breaks down a packed week in AI security — from the first AI-built zero day in the wild to model supply chain attacks and gray market AI access.

What used to be theoretical is now operational. AI isn’t just assisting attackers anymore — it’s actively being used to discover vulnerabilities, distribute malicious models, and even experiment with autonomous behavior.

Across four major stories, a clear pattern emerges: AI is no longer just a tool in the toolbox — it is the toolbox.

We dig into:
• Google’s report of the first AI-discovered and weaponized zero day
• What it means for AI to participate in real-world exploitation campaigns
• The risks of typosquatted and malicious models on platforms like Hugging Face
• How fake or swapped models can silently compromise users
• New research showing LLMs attempting persistence and self-replication
• The difference between theoretical capability and real-world risk
• The rise of gray market access to restricted AI models like Claude and Gemini
• Why model trust, provenance, and validation are becoming critical
• How AI is accelerating both offensive capability and attacker velocity
• What defenders should be watching as these trends evolve

This episode highlights a major inflection point in cybersecurity: as AI capabilities scale, so does the attack surface — and the speed at which it can be exploited.

⸻

📚 Key Concepts & Topics

AI-Driven Exploitation
• AI-assisted vulnerability discovery
• First reported AI-built zero day in the wild
• Automation of exploit development

Model Supply Chain Risk
• Typosquatted and malicious models
• Hugging Face trust and verification challenges
• Silent model swapping and integrity concerns

AI Behavior & Autonomy
• Research into LLM persistence and replication
• Limits of current model capabilities

AI Access & Shadow Ecosystems
• Gray market distribution of restricted models
• Claude, Gemini, and access control bypasses
• Trust boundaries in global AI usage

Defensive Implications
• Model provenance and validation
• Monitoring AI-assisted attack patterns
• Preparing for increased attacker velocity

About Joff Thyer - https://www.blackhillsinfosec.com/team/joff-thyer/
About Derek Banks - https://www.blackhillsinfosec.com/team/derek-banks/
About Brian Fehrman - https://www.blackhillsinfosec.com/team/brian-fehrman/
About Bronwen Aker - https://www.blackhillsinfosec.com/team/bronwen-aker/
About Ben Bowman - https://www.blackhillsinfosec.com/team/ben-bowman/
About Ethan Robish - https://www.blackhillsinfosec.com/team/ethan-robish/

⏱️ Chapters
- Intro: AI Security News & Big Week Overview
- Sponsors & Show Setup
- AI-Built Zero Day: Google’s Disclosure
- Skepticism, Validation & “Trust Me Bro” Problem
- Chinese Gray Market & Model Access Risks
- Hugging Face Typosquatting & Fake Models
- LLM Self-Replication Research & Realistic Threats
- Final Takeaways: AI as the New Attack Surface

Creators & Guests
• Brian Fehrman - Host
• Derek Banks - Host
• Bronwen Aker - Host
• Ethan Robish - Guest

In this episode of BHIS Presents: AI Security Ops, the team breaks down a new benchmarking framework designed to evaluate AI pentesting agents against real-world offensive security scenarios.

What began as experimental evaluation of “can AI hack?” has quickly shifted into something much closer to operational reality. Organizations are now seeing a surge in agentic tooling and automated pentesting workflows, where human-guided AI systems consistently outperform fully autonomous agents in complex, unsupervised environments.

As AI tooling evolves, teams must balance speed with validation, monitoring, and oversight as offensive capabilities outpace defenses.

We dig into:
• The new “AutoPenBench” framework for benchmarking AI pentesting agents
• Why fully autonomous AI hacking only achieved a 21% success rate
• How human-assisted AI workflows increased success rates to 64%
• Testing AI agents against Log4Shell, Heartbleed, Spring4Shell, and classic web exploits
• Why modern offensive AI systems still require heavy human oversight and validation
• How custom internal AI frameworks are already finding vulnerabilities humans missed
• The operational role of prompt engineering, scaffolding, and agent memory
• Real examples of AI agents mis-scoping infrastructure and chasing irrelevant targets
• How AI lowers the barrier for ransomware operations and offensive capability development
• Why defensive teams need stronger edge visibility, packet capture, and AI-aware monitoring strategies

⸻

📚 Key Concepts & Topics

AI Pentesting & Agentic Security
• Autonomous AI hacking agents
• Agentic AI workflows
• AI-assisted penetration testing
• Offensive security automation

Benchmarking & Evaluation
• AutoPenBench
• AI security benchmarking
• Human-in-the-loop validation
• Long-horizon task evaluation

Offensive Security Operations
• SQL injection
• Path traversal
• Log4Shell / Heartbleed / Spring4Shell
• Kali Linux offensive tooling

AI Infrastructure & Model Operations
• Prompt engineering
• Persistent agent memory
• Roleplay jailbreak techniques
• Guardrail reduction strategies

Defensive Security Strategy
• Defense in depth
• Edge network monitoring
• Zeek network analysis
• Packet capture visibility

Industry & Threat Implications
• AI-enabled ransomware operations
• AI-assisted red teaming
• Infrastructure scoping failures
• Operational scalability challenges

⏱️ Chapters
- Video Intro and Sponsor
- AI Pentesting Benchmark Overview
- How AutoPenBench Works
- Real World Results and Experience
- Human and AI Collaboration
- Improving AI Agent Workflows
- Model Limitations and Updates
- Jailbreaks and Model Guardrails
- Provider Controls and Trust Factors
- Lower Barrier for Cyber Attacks
- Defensive Security Implications
- Why Red Teams Need AI Now

Creators & Guests
• Brian Fehrman - Host
• Derek Banks - Host

In this episode of BHIS Presents: AI Security Ops, the team breaks down a growing problem in cybersecurity: AI-generated bug bounty “slop” overwhelming the system.

What started as a powerful way to crowdsource vulnerability discovery is now hitting a breaking point. Programs like cURL’s bug bounty and platforms like HackerOne are seeing a massive surge in submissions — but fewer and fewer of them are actually valid.

The result? Security teams spending hours reviewing reports that go nowhere, while real vulnerabilities risk getting buried in the noise.

We dig into:
• Why cURL shut down its bug bounty program after years of success
• How valid reports dropped from 1-in-6 to 1-in-20
• What “death by a thousand slops” actually looks like in practice
• How AI is flooding programs with low-quality vulnerability reports
• The difference between “theoretical” vs. exploitable vulnerabilities
• Why reviewing findings is now harder than generating them
• How HackerOne is responding to the surge in submissions
• Whether AI can be used to filter AI-generated noise
• The role of reproducibility and proof-of-impact in triage
• Why human expertise still matters in vulnerability validation

This episode explores a critical shift in security operations: when vulnerability discovery becomes cheap and automated, validation and triage become the real bottleneck.

⸻

📚 Key Concepts & Topics

Bug Bounty Programs & Triage
• Submission quality vs. volume imbalance
• Signal-to-noise challenges in vulnerability pipelines
• The growing burden of manual validation

AI in Vulnerability Discovery
• Automated scanning vs. real exploitability
• AI-generated findings and false positives
• The “editor’s dilemma” — review vs. generation

AI Security Risks
• Lower barrier to entry for vulnerability discovery
• Over-reliance on AI without domain expertise
• Flooding systems with low-quality submissions

Defensive Strategy
• Requiring reproducible steps and proof-of-impact
• Using AI to pre-filter vulnerability reports
• Combining human expertise with AI tooling

Industry Impact
• cURL bug bounty shutdown
• HackerOne submission pause
• Shifting economics of vulnerability research

⏱️ Chapters
- Intro: Bug Bounty Burnout & AI Noise
- cURL Kills Its Bug Bounty Program
- “Death by a Thousand Slops” Explained
- AI vs Vulnerability Scanners: Signal vs Noise
- HackerOne Pauses Submissions & Industry Impact
- Can AI Filter AI? Proposed Solutions
- Why Humans Still Matter in Validation
- Final Takeaway: AI as a Tool, Not a Replacement

Creators & Guests
• Ethan Robish - Guest
• Bronwen Aker - Host
• Brian Fehrman - Host
• Derek Banks - Host

In this episode of BHIS Presents: AI Security Ops, the team breaks down the Vercel breach — a real-world incident that shows just how fragile modern security has become in the age of AI integrations and SaaS sprawl.

What started as a simple Roblox cheat script downloaded on a work laptop quickly escalated into a multi-hop compromise involving OAuth permissions, an AI productivity tool, and access into Vercel’s internal systems.

This wasn’t a zero-day or advanced nation-state exploit. It was a chain of everyday decisions: installing software, clicking “Allow,” and trusting third-party integrations.

The result? Allegedly $2M worth of data listed for sale, including API keys, internal data, and employee records — all from a breach path that most organizations aren’t even monitoring.

We dig into:
• What Vercel is and why it’s such a high-value target
• How environment variables become the “keys to the kingdom”
• The full attack chain: Roblox malware → Context.ai → Vercel
• What infostealers like Lumma actually do (and how cheap they are)
• How OAuth permissions become persistent backdoors
• Why AI productivity tools introduce hidden risk
• The rise of “shadow AI” inside organizations
• How supply chain attacks continue to scale across ecosystems
• The role of AI in accelerating attacker speed and capability
• Why this type of breach is becoming the new normal

This episode highlights a critical shift in cybersecurity: you don’t have to get hacked directly anymore — attackers just need to compromise something you’ve already trusted.

⸻

📚 Key Concepts & Topics

Attack Chain & Initial Access
• Lumma infostealer and malware-as-a-service
• Credential theft: passwords, cookies, OAuth tokens
• Low-cost, high-impact compromise paths

OAuth & Identity Risk
• “Allow All” permissions and persistent access
• OAuth tokens as long-lived entry points
• Lack of visibility into third-party integrations

AI Security Risks
• Shadow AI and unsanctioned tool adoption
• Deep integrations with Google Workspace and SaaS
• AI tools as new supply chain attack surfaces

Supply Chain Attacks
• Multi-hop compromise paths across vendors
• Real-world parallels (Trivy, LiteLLM)
• Interconnected ecosystems increasing blast radius

Threat Landscape Evolution
• AI accelerating attacker speed and scale
• Lower barrier to entry for complex attacks
• Criminal groups operating as decentralized “businesses”

Defensive Strategy
• Auditing OAuth integrations and permissions
• Enforcing least privilege across SaaS tools
• Segmenting sensitive data and reducing blast radius
• Avoiding risky behavior on corporate devices

⏱️ Chapters
- Intro & Breach Overview
- Sponsors & Show Setup
- What Vercel Is & Why It Matters
- Initial Compromise: Roblox Script & Infostealer
- OAuth Permissions & Pivot into Vercel
- AI Tools, Over-Permissioning & Supply Chain Risk
- AI Acceleration of Attacks & Ecosystem Impact
- Threat Actors, Attribution & Key Takeaways

Creators & Guests
• Brian Fehrman - Host
• Ethan Robish - Guest

In this episode of BHIS Presents: AI Security Ops, the team breaks down Claude Mythos Preview — Anthropic’s unreleased frontier model that may represent a turning point in AI-powered cybersecurity.

What started as a controlled research release under Project Glasswing has quickly become one of the most controversial developments in AI security. Mythos isn’t just better at finding vulnerabilities — it’s operating at a scale and depth that challenges long-held assumptions about how quickly software can be broken… and whether it can realistically be fixed.

From leaked internal documents to real-world exploit generation, this episode explores what happens when vulnerability discovery becomes cheap, fast, and automated — while remediation remains slow, manual, and human-bound.

The result? A growing asymmetry that could fundamentally reshape the security landscape.

We dig into:
• What Claude Mythos Preview is and why it was withheld from the public
• The leaks that exposed its existence and capabilities
• How Project Glasswing is positioning AI for defensive use
• Real-world vulnerability discoveries made by the model
• The “vulnpocalypse” problem: discovery vs. remediation imbalance
• Emerging AI behaviors that raise containment concerns
• How attackers are already leveraging AI for offensive operations
• The access control dilemma: who gets to use models like this?
• Why patching — not discovery — is now the primary bottleneck
• What defenders must do to prepare for AI-accelerated exploitation

This episode explores a critical shift in cybersecurity: when vulnerability discovery scales faster than human response, the entire defensive model starts to break down.

⸻

📚 Key Concepts & Topics

AI-Powered Vulnerability Discovery
• Autonomous exploit generation and chaining
• Benchmark performance vs. prior models
• AI-assisted offensive security workflows

AI Security Risks
• Discovery vs. remediation asymmetry
• AI-driven vulnerability scaling
• Offensive use by nation-states and cybercriminals

Model Behavior & Safety
• Emergent autonomy and sandbox escape concerns
• Evaluation awareness and deceptive behaviors
• Limits of containment and alignment

Defensive Strategy & Readiness
• Patch velocity as the new bottleneck
• AI-assisted vulnerability management
• Open-source ecosystem risk exposure

AI Governance & Industry Response
• Restricted model releases and access control
• Regulatory and financial sector concerns
• The future of AI capability containment

⏱️ Chapters
- Intro & Show Overview
- Sponsors, Hosts, and Episode Setup
- What Is Claude Mythos Preview?
- The Leak, Project Glasswing, and Restricted Access
- Capabilities: Exploits, Benchmarks, and Breakthroughs
- Real-World Vulnerabilities & “Vulnpocalypse” Concerns
- Access Control, Threat Actors, and Emerging Risks
- Defensive Strategy: Patching, AI Tools, and What Comes Next

Creators & Guests
• Derek Banks - Host
• Bronwen Aker - Host
• Brian Fehrman - Host

In this episode of BHIS Presents: AI Security Ops, the team is joined by Alex Minster to demo his project: HOLOCRON OpenBrain with — a persistent, model-agnostic memory layer designed to solve one of the biggest frustrations in AI workflows.

Instead of starting from scratch every time you open a new chat, Alex’s approach creates a centralized “brain” that multiple AI models can connect to, allowing context, notes, and intelligence to persist across sessions, tools, and even platforms.

The result? A flexible system that captures thoughts, ingests threat intel, and generates structured outputs — all without locking you into a single AI provider.

We dig into:
• The “cold start” problem in AI and why it breaks real workflows
• What the OpenBrain HOLOCRON is (and isn’t)
• How centralized memory changes the way we interact with AI tools
• The architecture: Supabase, OpenRouter, MCP, and multi-model access
• Using Discord as a lightweight ingestion pipeline for persistent memory
• Real-world CTI workflows: capturing intel and generating reports on demand
• Managing, editing, and superseding memory over time
• The tradeoffs between context richness and security exposure
• Multi-model reliability differences (and why they matter)
• Practical setup: what it takes to build your own system

This episode highlights a shift in how AI is used operationally: moving from isolated chats to persistent, structured memory systems that can evolve alongside your work.

⸻

📚 Key Concepts & Topics

Persistent AI Memory
• Solving the “cold start” problem
• Centralized context across multiple models
• Structured vs raw data ingestion

AI Architecture & Tooling
• Supabase as a backend memory store
• OpenRouter for multi-model access
• MCP protocol for integrations

Cyber Threat Intelligence (CTI)
• Capturing, tagging, and prioritizing intel
• Generating automated reports and dashboards
• Context-aware intelligence workflows

Security & Privacy
• Need-to-know data design
• Avoiding overexposure via full integrations (email, docs, etc.)
• Auditing and removing sensitive data

Operational Workflows
• Capturing ideas, notes, and research
• Multi-project memory segmentation (“multiple brains”)
• Using AI to accelerate—not replace—analysis

🔗 HOLOCRON GitHub Guide: https://github.com/belouve/open-brain-holocron
🔗 Alex Minster: https://www.linkedin.com/in/alexminster/

⏱️ Chapters
- Intro & Guest Introduction (Alex Minster)
- What Is the OpenBrain HOLOCRON? (Cold Start Problem)
- How It Works: Centralized Memory & AI Integration
- Architecture & Free-Tier Stack (Supabase, OpenRouter, MCP)
- Demo: Capturing Thoughts via Discord
- CTI Use Case: Prioritizing & Querying Intelligence
- Managing Memory: Editing, Deleting & Superseding Data
- Running Protocols: Automated CTI Reports (Demo)
- Multi-Brain Concept & Segmentation
- Real-World Output: Reports, Dashboards & Briefings
- Multi-Model Differences (Claude vs ChatGPT)
- Improving the System with Feedback Loops
- How to Build Your Own OpenBrain
- Real-World Benefits & Workflow Improvements
- Security Considerations & Data Exposure Risks
- Where to Find the Project & Contribute
- Final Thoughts & Wrap-Up

Creators & Guests
• Bronwen Aker - Host
• Alex Minster "Belouve" - Guest
• Ethan Robish - Guest
• Brian Fehrman - Host

Podzilla is an independent service that summarizes publicly available podcast content. We're not affiliated with or endorsed by Black Hills Information Security.