AI Security Ops

In this episode of BHIS Presents: AI Security Ops, the team tackles one of the most urgent — and misunderstood — problems in modern security:

How do you actually secure AI agents?

Not hypothetically. Not in theory. But in the real world — where agents have access to your filesystem, your credentials, your network… and are making decisions on their own.

The answer isn’t a single control or tool — it’s a maturity model.

From “YOLO agent with full access” to fully instrumented, controlled, and observable systems, this episode walks through a five-level maturity model for...

In this episode of BHIS Presents: AI Security Ops, the team introduces a new approach to offensive security:

Fusion AI Pentesting.
https://www.blackhillsinfosec.com/fusion-penetration-testing/

As AI continues to reshape cybersecurity, one question keeps coming up — is AI replacing pentesters, or just changing how they work?

This episode answers that directly.

Rather than replacing human expertise, Fusion combines AI-driven discovery with human-led validation and exploitation, creating a workflow that’s faster, more scalable, and far more effective than either approach alone.

The result isn’t just more findin...

In this episode of BHIS Presents: AI Security Ops, the team looks at what it actually means to own your AI stack.

Open-weight models and open-source harnesses are no longer just lab toys. They are becoming practical options for security teams that care about where their prompts, code, client data, findings, and tooling actually live.

The core question: when your work depends on AI, how much control are you willing to give away?

We dig into:
- What data sovereignty means for security teams
- Why token sovereignty matters in agentic...

In this episode of BHIS Presents: AI Security Ops, the team digs into a problem every AI-enabled SOC eventually hits:

The demo looked great — until the inference bill showed up!

AI in SecOps gets expensive because security data is huge, repetitive, and constant. Logs, alerts, runbooks, tool definitions, and historical context all get pushed into models again and again. That burns money, slows systems down, and often makes answers worse.

The fix is not exotic. It is basic engineering: use smaller models where they work, cache what repeats, stop dumping raw logs, and sa...

In this episode of BHIS Presents: AI Security Ops, the team tackles a foundational question in modern AI security:

Is the real risk in the model… or in the harness around it?

For years, most conversations have focused on model behavior — prompt injection, refusals, alignment, and safety controls. But as AI systems evolve into full agents with tools, memory, and execution capabilities, the focus is shifting.

Increasingly, the real security boundary isn’t the model itself — it’s the harness: the code, integrations, permissions, and workflows that give AI systems real-world power.

And that...

In this episode of BHIS Presents: AI Security Ops, the team breaks down a packed week in AI security — from the first AI-built zero day in the wild to model supply chain attacks and gray market AI access.

What used to be theoretical is now operational. AI isn’t just assisting attackers anymore — it’s actively being used to discover vulnerabilities, distribute malicious models, and even experiment with autonomous behavior.

Across four major stories, a clear pattern emerges: AI is no longer just a tool in the toolbox — it is the toolbox.

We dig into:<...

In this episode of BHIS Presents: AI Security Ops, the team breaks down a new benchmarking framework designed to evaluate AI pentesting agents against real-world offensive security scenarios.

What began as experimental evaluation of “can AI hack?” has quickly shifted into something much closer to operational reality. Organizations are now seeing a surge in agentic tooling and automated pentesting workflows, where human-guided AI systems consistently outperform fully autonomous agents in complex, unsupervised environments.

As AI tooling evolves, teams must balance speed with validation, monitoring, and oversight as offensive capabilities outpace defenses.

We dig into...

In this episode of BHIS Presents: AI Security Ops, the team breaks down a growing problem in cybersecurity: AI-generated bug bounty “slop” overwhelming the system.

What started as a powerful way to crowdsource vulnerability discovery is now hitting a breaking point. Programs like cURL’s bug bounty and platforms like HackerOne are seeing a massive surge in submissions — but fewer and fewer of them are actually valid.

The result? Security teams spending hours reviewing reports that go nowhere, while real vulnerabilities risk getting buried in the noise.

We dig into:
• Why cURL shut down...

In this episode of BHIS Presents: AI Security Ops, the team breaks down the Vercel breach — a real-world incident that shows just how fragile modern security has become in the age of AI integrations and SaaS sprawl.

What started as a simple Roblox cheat script downloaded on a work laptop quickly escalated into a multi-hop compromise involving OAuth permissions, an AI productivity tool, and access into Vercel’s internal systems.

This wasn’t a zero-day or advanced nation-state exploit. It was a chain of everyday decisions: installing software, clicking “Allow,” and trusting third-party integrations.

The resu...

In this episode of BHIS Presents: AI Security Ops, the team breaks down Claude Mythos Preview — Anthropic’s unreleased frontier model that may represent a turning point in AI-powered cybersecurity.

What started as a controlled research release under Project Glasswing has quickly become one of the most controversial developments in AI security. Mythos isn’t just better at finding vulnerabilities — it’s operating at a scale and depth that challenges long-held assumptions about how quickly software can be broken… and whether it can realistically be fixed.

From leaked internal documents to real-world exploit generation, this episode expl...

In this episode of BHIS Presents: AI Security Ops, the team is joined by Alex Minster to demo his project: HOLOCRON OpenBrain with — a persistent, model-agnostic memory layer designed to solve one of the biggest frustrations in AI workflows.

Instead of starting from scratch every time you open a new chat, Alex’s approach creates a centralized “brain” that multiple AI models can connect to, allowing context, notes, and intelligence to persist across sessions, tools, and even platforms.

The result? A flexible system that captures thoughts, ingests threat intel, and generates structured outputs — all without locking yo...

In this episode of BHIS Presents: AI Security Ops, the team breaks down the LiteLLM supply chain compromise–a real-world attack that shows how AI systems are being breached through the same old software supply chain weaknesses.

What initially looked like a bad release quickly escalated into a full-scale compromise affecting a library downloaded millions of times per day. But LiteLLM wasn’t the starting point–it was just one link in a much larger attack chain involving compromised security tools, CI/CD pipelines, and stolen publishing credentials.

The result? Malicious packages distributed at scale, harves...

In this episode of BHIS Presents: AI Security Ops, the team breaks down model ablation — a powerful interpretability technique that’s quickly becoming a serious concern in AI security.

What started as a way to better understand how models work is now being used to remove safety mechanisms entirely. By identifying and disabling specific components inside a model, researchers — and attackers — can effectively strip out refusal behavior while leaving the rest of the model fully functional.

The result? A fast, reliable way to “de-safety” AI systems without prompt engineering, fine-tuning, or significant compute.

We dig into...

In this episode of BHIS Presents: AI Security Ops, the team explores embedding space attacks — a lesser-known but increasingly important threat in modern AI systems — and how attackers can manipulate the mathematical foundations of how models understand data.

Unlike prompt injection, which targets instructions, embedding attacks operate at a deeper level by influencing how data is represented, retrieved, and interpreted inside vector spaces. By subtly altering embeddings or poisoning data sources, attackers can manipulate AI behavior without ever touching the model directly.

Through a hands-on walkthrough of a custom notebook with rich visualizations, this episode brea...

In this episode of BHIS Presents: AI Security Ops, the team breaks down indirect prompt injection — the #1 risk in the OWASP Top 10 for LLM Applications — and why it represents one of the most dangerous and misunderstood threats in modern AI systems.

Unlike traditional attacks, indirect prompt injection doesn’t require malware, credentials, or even user interaction. Instead, attackers hide malicious instructions inside everyday content like emails, documents, or web pages — and wait for AI systems to unknowingly execute them.

From real-world exploits like EchoLeak to in-the-wild attacks observed by Palo Alto Unit 42, this episode explores how atta...

In this episode of BHIS Presents: AI Security Ops, Bronwen Aker and Dr. Brian Fehrman break down some of the top AI security concerns being discussed by researchers, security firms, and government agencies this year.

As AI capabilities rapidly expand, so does the attack surface. From agentic AI systems being used by attackers, to deepfakes at industrial scale, to the persistent challenge of prompt injection, security teams are trying to understand what risks are real, what’s hype, and where defenders should focus first.

We dig into:
- Why agentic AI is emerging as a...

We discuss the meaning of AI life In episode 42 of "BHIS Presents: AI Security Ops." Derek Banks is joined by Bronwen Aker and Brian Fehrman to break down Anthropic’s latest agentic desktop experiment: Claude Cowork.

Claude Cowork brings large language models directly onto the endpoint — giving Claude the ability to read, write, and organize files on your local machine. It’s designed to make powerful AI workflows accessible to non-technical users… but as with any tool that operates at the OS level, the security implications are significant.

We explore what happens when AI moves closer t...

In this episode of BHIS Presents: AI Security Ops, we’re joined by Beau Bullock and Hayden Covington to unpack one of the most talked-about AI agent experiments in recent memory: OpenClaw and its companion platform, Moltbook.

OpenClaw exploded onto the scene as an autonomous AI agent capable of operating Claude Code from the command line — executing tasks, monitoring output, and iterating with minimal human involvement. Shortly after, Moltbook emerged as a social platform designed specifically for AI agents to interact with one another.

But as with most cutting-edge AI experiments, things moved fast… and broke...

AI in the SOC: Interview with Hayden Covington and Ethan Robish from the BHIS SOC | Episode 40

In this episode of BHIS Presents: AI Security Ops, we sit down with Hayden Covington and Ethan Robish from the BHIS Security Operations Center (SOC) to explore how AI is actually being used in modern defensive operations.

From foundational machine learning techniques like statistical baselining and clustering to large language models assisting with alert triage and reporting, we dig into what works, what doesn’t, and what SOC teams should realistically expect from AI today.

We break do...

AI News | Episode 39

In this episode of AI Security Ops, we break down the latest developments in AI-driven threats, identity chaos caused by autonomous agents, NIST’s focus on securing AI in critical infrastructure, and new visibility tooling for AI exposure.

We cover real-world abuse of LLMs for phishing, how AI agents are colliding with IAM governance, and what defenders should be watching right now.

Chapters:
00:00 – Introduction and Sponsors
Black Hills Information Security - https://www.blackhillsinfosec.com/
Antisyphon Training - https://www.antisyphontraining.com/

01:08 – LLM-Generated Phishing JavaScript (Unit 4...

Click here to watch this episode on YouTube.

Creators & Guests Brian Fehrman - Host Joff Thyer - Host Derek Banks - Host

Brought to you by:

Black Hills Information Security 

https://www.blackhillsinfosec.com

Antisyphon Training

https://www.antisyphontraining.com/

Active Countermeasures

https://www.activecountermeasures.com

Wild West Hackin Fest

https://wildwesthackinfest.com

🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits
https://poweredbybhis.com 

Click here...

In Episode 37 of AI Security Ops, the team breaks down the most important AI security frameworks and vulnerability databases used to track risks in machine learning and large language models. The discussion covers emerging AI vulnerability databases, the OWASP Top 10 for LLMs, CVE challenges, and frameworks like MITRE ATLAS, highlighting why standardizing AI threats is still difficult. This episode is a practical guide for security professionals looking to stay ahead of AI vulnerabilities, attack techniques, and defensive resources in a fast-moving landscape.

Chapters

This week on AI Security Ops, the team breaks down how attackers are weaponizing AI and the tools around it: a critical n8n zero-day that can lead to unauthenticated remote code execution, prompt-injection “zombie agent” risks tied to ChatGPT memory, a zero-click-style indirect prompt injection scenario via email/URLs, and malicious Chrome extensions caught siphoning ChatGPT/DeepSeek chats at scale. They close with a reminder that the tactics are often “same old security problems,” just amplified by AI—so lock down orchestration, limit browser extensions, and keep sensitive data out of chat tools.

Key stories discussed

1) n8...

AI Security Ops | Episode 35 – 2026 Predictions

In this episode, the BHIS panel looks into the crystal ball and shares bold predictions for AI in 2026—from energy constraints and drug development breakthroughs to agentic AI risks and cybersecurity threats.

Chapters

https://poweredbybhis.com

Join the 5,000+ cybersecurity professionals on our BHIS Discord server to ask questions and share your knowledge about AI Security.
https://discord.gg/bhis

AI Security Ops | Episode 34 – Why Did We Create This Podcast?
In this episode, the BHIS team explains the purpose behind AI Security Ops, what you can expect from future episodes, and why this show matters for anyone at the intersection of AI and cybersecurity.

Chapters

Community Q&A on AI Security | Episode 34

In this episode of BHIS Presents: AI Security Ops, our panel tackles real questions from the community about AI, hallucinations, privacy, and practical use cases. From limiting model hallucinations to understanding memory features and explaining AI to non-technical audiences, we dive into the nuances of large language models and their role in cybersecurity.

We break down:

🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits – 

https://poweredbybhis.com

AI News | Episode 33
In this episode of BHIS Presents: AI Security Ops, the panel dives into the latest developments shaping the AI security landscape. From the first documented AI-orchestrated cyber-espionage campaign to polymorphic malware powered by Gemini, we explore how agentic AI, insecure infrastructure, and old-school mistakes are creating a fragile new attack surface.

We break down:

🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits – 

https://poweredbybhis.com

Model Evasion Attacks | Episode 32
In this episode of BHIS Presents: AI Security Ops, the panel explores the stealthy world of model evasion attacks, where adversaries manipulate inputs to trick AI classifiers into misclassifying malicious activity as benign. From image classifiers to malware detection and even LLM-based systems, learn how attackers exploit decision boundaries and why this matters for cybersecurity.

We break down:
- What model evasion attacks are and how they differ from data poisoning
- How attackers tweak features to byp...

🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits – 

https://poweredbybhis.com

Data Poisoning Attacks | Episode 31
In this episode of BHIS Presents: AI Security Ops, the panel dives into the hidden danger of data poisoning – where attackers corrupt the data that trains your AI models, leading to unpredictable and often harmful behavior. From classifiers to LLMs, discover why poisoned data can undermine security, accuracy, and trust in AI systems.

We break down:

🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits – 

https://poweredbybhis.com

AI News Stories | Episode 30
In this episode of BHIS Presents: AI Security Ops, we break down the top AI cybersecurity news and trends from November 2025. Our panel covers rising public awareness of AI, the security risks of local LLMs, emerging AI-driven threats, and what these developments mean for security teams. Whether you work in cybersecurity, AI security, or incident response, this episode helps you stay ahead of evolving AI-powered attacks and defenses.

Topics Covered:

Only 5% of Americans are un...

🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits – 

https://poweredbybhis.com

A Conversation with Dr. Colin Shea-Blymyer  | Episode 29

In this episode of BHIS Presents: AI Security Ops, the panel welcomes Dr. Colin Shea-Blymyer for a deep dive into the intersection of AI governance, cybersecurity, and red teaming. From the historical roots of neural networks to today’s regulatory patchwork, we explore how policy, security, and innovation collide in the age of AI. Expect candid insights on emerging risks, open models, and why defining your risk appetite matters more than ever.

Topics Covered:

🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits – 

https://poweredbybhis.com

AI News Stories | Episode 28 – Questions from the Community
In this episode of BHIS Presents: AI Security Ops, the panel tackles real questions from the community, diving deep into the practical, ethical, and technical challenges of AI in cybersecurity. From red teaming tools to prompt privacy, this Q&A session delivers candid insights and actionable advice for professionals navigating the AI-infused threat landscape.

🧠 Topics Covered:

🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits – 

https://poweredbybhis.com

Azure AI Foundry Guardrails | Episode 27

In this episode of BHIS Presents: AI Security Ops, we explore how to configure content filters for AI models using the Azure AI Fooundry guardrails and controls interface. Whether you're building secure demos or deploying models in production, this walkthrough shows how to block unwanted content, enforce policy, and maintain compliance.

Topics Covered:

🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits – 

https://poweredbybhis.com

Questions from the Community | Episode 26
In this community-driven episode of BHIS Presents: AI Security Ops, the panel answers real questions from viewers about AI security, privacy, and risk. Featuring Brian Fehrman, Bronwen Aker, Jack Verrier, and Joff Thyer, the team dives into everything from guardrails and hallucinations to GDPR, agentic AI, and how to stay safe in an AI-saturated world.

💬 Topics include:

🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits – 

https://poweredbybhis.com

AI News Stories | Episode 25
In this episode of BHIS Presents: AI Security Ops, the panel dives into the biggest AI cybersecurity headlines from late September 2025. From government regulation to zero-click exploits, we unpack the risks, trends, and implications for security professionals navigating the AI-powered future.

🧠 Topics Covered:

🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits – 

https://poweredbybhis.com

Model Extraction Attacks | Episode 24
In this solo episode of BHIS Presents: AI Security Ops, Brian Fehrman explores the stealthy world of Model Extraction Attacks—where hackers clone your AI model without ever touching your code. Learn how adversaries can reverse-engineer your multimillion-dollar model simply by querying its API, and why this threat is more than just academic.

We break down:
- What model extraction is and how it works
- Real-world examples like DeepSeek’s alleged distillation of OpenAI...

🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits – 

https://poweredbybhis.com

In this episode of AI Security Ops, Brian Fehrman and Joff Thyer dive into the latest AI news of the month, exploring how rapidly evolving technologies are reshaping cybersecurity.
Topics covered include:
 - How AI is changing cybersecurity monitoring
 - Expanding from email to Slack, Teams, and other chat platforms
 - Addressing insider threats and phishing campaigns in new channels
 - The rapid pace of AI innovation and industry trends
 - Why organizations should prioritize AI security...

🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits – 

https://poweredbybhis.com

Insider Threat 2.0 -  Prompt Leaks & Shadow AI | Episode 22

In this episode of BHIS Presents AI Security Ops, we dive into Insider Threat 2.0: Prompt Leaks & Shadow AI. The panel explores the hidden risks of employees pasting sensitive data into public AI tools, the rise of unauthorized “Shadow AI” in organizations, and how policies—or lack thereof—can expose critical information. Learn why free AI services often make you the product, how prompt history creates data leakage risks, and why companies must establish clear...

🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits – 

https://poweredbybhis.com

Episode 21 - Deepfakes And Fraudulent Interviews In Remote Hiring

In this episode of AI Security Ops by Black Hills Information Security, the crew explores the alarming rise of deepfakes and fraudulent interviews in remote hiring. As virtual work expands, cybercriminals are using AI-driven impersonation tactics to pose as job candidates, deceive recruiters, and gain unauthorized access to organizations. Joff, Bronwen Aker, Brian Fehrman, and Derek Banks break down real-world cases, explain the challenges of spotting deepfake job scams...

🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits – 

https://poweredbybhis.com

Episode 20 - The Hallucination Problem

In this episode of AI Security Ops, Joff Thyer and Brian Fehrman from Black Hills Information Security dive into the hallucination problem in AI large language models and generative AI. 

They explain what hallucinations are, why they happen, and the risks they create in real-world AI deployments. The discussion covers security implications, practical examples, and strategies organizations can use to mitigate these issues through stronger design, monitoring, and tes...