Offensive security resources for security practitioners.
Guides on autonomous pen testing, red teaming, BAS, and COST.
Insights from a closed-door roundtable on AI agent safety and governance, chaired by Bruce Schneier and hosted by FireCompass founder Bikash Barai. Participant comments are kept anonymous by agreement. The most useful thing about this roundtable was that nobody pretended to have the answer. A room of senior security leaders spent an hour on AI… Read More »AI Agents Are Doing Real Work. Governing Them Is the Unsolved Problem
Plenty of organizations end a quarter with a clean Breach and Attack Simulation (BAS) dashboard and a real breach in the same window. That is not a contradiction. It is a category being asked to answer a question it was never built to answer. BAS tells you whether your controls catch known attacker techniques. That… Read More »Breach and Attack Simulation (BAS): What It Validates, and How It Differs from CART, AI Pen Testing, and COST
AI is accelerating how fast attackers find vulnerabilities, build exploits, and make decisions. The question for security leaders is how to adapt without overreacting to the hype. A CISO Platform community panel of the same name took up that question with a global group: FireCompass founder and CEO Bikash Barai moderating, co-founder Arnab Chattopadhayay, a… Read More »The Mythos Threat Is Real: How CISOs Should Respond