| ▲ | danieltk76 8 hours ago | |
There are never ending ways to make agents better at hacking. Defense is clearly behind. At my startup we are constantly coming up with new defensive measures to put our hacking agent Sable against, and I've determined that you basically need to be air gapped in the future for a chance of survival. A SOC of AI agents can't keep up with 1 AI hacker on a network that is even remotely stealthy. it is a disaster. wrote an article about it: https://blog.vulnetic.ai/evading-an-ai-soc-with-sable-from-v... | ||
| ▲ | dangero 8 hours ago | parent | next [-] | |
Agree with this — the economics have completely changed. Along these lines, we all need to re-scope our personal cybersecurity. For example, developers should no longer run dev environments on the same machine where they access passwords, messages, and emails — no external package installation on that box at all. SaaS Password Managers — assume your vault will be stolen from whichever provider is hosting it. Ubikeys will be more important than ever to airgap root auth credentials. | ||
| ▲ | ofjcihen 4 hours ago | parent | prev [-] | |
“Sable began with an initial port scan of 10.10.1.10 and then authenticated to the target.” That would have started a P2 and woken up a senior IR responder anywhere that I’ve worked. Are you sure you’re running a realistic defender environment? | ||