In this episode, Nico Waisman, CISO at XBOW, explains how XBOW uses autonomous AI agents to run continuous, incremental penetration testing without triggering false-positive avalanches or taking down production systems. Joining him are Jacob Combs, CISO at Tandem Diabetes Care, and Davi Ottenheimer, president at Flying Penguin.
Want to know:
- Why can't traditional pen tests keep up with modern attack surfaces?
- How does XBOW's attack credit model map to the way security teams already size testing effort?
- What stops an autonomous pen testing agent from causing real damage in production?
- How does incremental testing work when a new pull request changes the application?
- Where is XBOW headed on prompt injection and LLM-specific vulnerabilities?
- How do you audit what the AI actually did during an assessment?
- What novel vulnerability chains are emerging as AI reasoning models get more capable?
Check out the episode for the answers you need.
Huge thanks to our sponsor, XBOW