Sign in Subscribe
1 min read

NEBULA:FOG:PRIME – AI x Security Panel Discussion

It was an privilege to participate on this panel at the NEBULA:FOG:PRIME AI x Security Hackathon event on the 25th of January.
NEBULA:FOG:PRIME – AI x Security Panel Discussion
It was an awesome privilege to participate on this panel at the NEBULA:FOG:PRIME AI x Security Hackathon event! You can find out more about NEBULA:FOG here. If you want to stay up to date on next steps from the hackathon (or check out some of the hackathon projects and their demos) check out the NEBULA:FOG Reddit or Youtube Channel.

Panelists

  • Ariel Herbert-Voss: Founder of RunSybil and first security hire at OpenAI.
  • Will Pearce: CEO and founder of Dreadnode.io, with extensive experience as a network operator and security consultant, including building ERA teams at Microsoft and Nvidia.
  • Casey Ellis: Founder of Bugcrowd and co-founder of disclose.io, bringing over 20 years of offensive security expertise to help the community proactively tackle vulnerabilities.
  • Caleb Sima: Founder of Whiterabbit.vc, a YC-style accelerator for cybersecurity companies, and an industry veteran with over 25 years of experience, including senior roles at Capital One, Databricks, and Robinhood.

Some take aways from the panel...

  • LLMs enable faster and more scalable offensive security capabilities, allowing security researchers and attackers to automate and parallelize tasks. This "offense at scale" can outpace current defensive capabilities.
  • However, the widespread availability of LLMs has also enabled faster development of exploits and attacks, reducing the time defenders have to respond.
  • Bridging the gap between academic AI research and real-world security applications has been challenging, as academics focus more on benchmarks while security practitioners care more about practical outcomes.
  • When developing with LLMs, common pitfalls include having unrealistic expectations about their capabilities and not properly evaluating their reliability and consistency under real-world conditions.
  • To evaluate LLM-based security startups, key questions to ask include: What is the long-term defensibility of the solution? Does it actually require an LLM, or is it just "rubbing some AI on it"? And how well does it scale and perform consistently?

Published by:

caseyjohnellis