Episode 189: The Present and Future of AI-enabled Pentesting
In episode 189 of Cybersecurity Where You Are, Sean Atkinson sits down with Ed Skoudis, President of SANS Technology Institute. Together, they discuss the present and future of pentesting enabled by artificial intelligence (AI).
Here are some highlights from our episode:
- 00:39. Introductions to Ed
- 01:49. The promise of AI-enabled pentesting in creating more secure infrastructure
- 04:52. AI-enabled and AI-centric workflows in the realm of penetration testing
- 08:03. Wranglers, matadors, and centaurs, oh my! Metaphors for AI-enabled pentesters
- 13:00. How AI can assist with reporting, enumeration, and scanning as part of a pentest
- 14:57. AI-enabled source-assisted pentesting and the types of vulnerabilities it finds
- 19:50. A learning opportunity for the broader cybersecurity community
- 23:44. How AI and human analysts could split the workload in a future penetration test
- 25:54. AI-enabled pentesting vs. AI pentester in a box
- 29:51. Why "human in the loop" might be too passive a phrase
- 30:37. The use of AI for source code development
Resources
- Mythos AI: What Actually Matters for Cybersecurity Leaders
- Secure by Design
- SEC543: AI-Assisted Source Code Analysis and Exploitation for Penetration Testers
- Episode 108: Gaming and Competition in Cybersecurity
- Episode 59: Probing the Modern Role of the Pentest
If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing [email protected].
As of June 23, 2025, the MS-ISAC has introduced a fee-based membership. Any potential reference to no-cost MS-ISAC services no longer applies.