Unsupervised Learning

Some thoughts on how novelty and attention magnify the time that we have. Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

➡ Stay Ahead of Cyber Threats with AI-Driven Vulnerability Management with Maze:https://mazehq.com/ In this conversation, I speak with Harry about how AI is transforming vulnerability management and application security. We explore how modern approaches can move beyond endless reports and generic fixes, toward real context-aware workflows that actually empower developers and security teams. We talk about: The Real Problem in Vulnerability ManagementWhy remediation—not just prioritization—remains the toughest challenge, and how AI can help bridge the gap between vulnerabilities and the developers who need to fix them. Context, Ownership, and VelocityHow linking vulnerabilities to the right applications and teams inside their daily tools (like GitHub) reduces friction, speeds up patching, and improves security without slowing developers down. AI Agents and the Future of SecurityWhy we should think of AI agents as “extra eyes and hands,” and how they’re reshaping everything from threat detection to system design, phishing campaigns, and organizational defense models. Attackers Move FirstHow attackers are already building unified world models of their targets using AI, and why defenders need to match (or exceed) this intelligence to stay ahead. From Days to MinutesWhy the tolerance for vulnerability windows is shrinking fast, and how automation and AI are pushing us toward a future where hours—or even minutes—make the difference. Subscribe to the newsletter at:https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://x.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler Chapters: 00:00 – Welcome and Harry’s Background01:07 – The Real Problem: Remediation vs. Prioritization04:31 – Breaking Down Vulnerability Context and Threat Intel05:46 – Connecting Vulnerabilities to Developers and Workflows08:01 – Why Traditional Vulnerability Management Fails10:29 – Startup Lessons and The State of AI Agents13:26 – DARPA’s AI Cybersecurity Competition14:29 – System Design: Deterministic Code vs. AI16:05 – How the Product Works and Data Sources18:01 – AI as “Extra Eyes and Hands” in Security20:20 – Breaking Barriers: Rethinking Scale with AI23:22 – Building World Models for Defense (and Attack)25:22 – Attackers Move Faster: Why Context Matters27:04 – Phishing at Scale with AI Agents31:24 – Shrinking Windows of Vulnerability: From Days to Minutes32:47 – What’s Next for Harry’s Work34:13 – Closing ThoughtsBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

➡ Upgrade your presentations with Gamma, the best AI presentation maker: https://gamma.app In this conversation, I speak with Grant, co-founder of Gamma, about how their platform is transforming presentations and idea-sharing. Instead of starting with slides, Gamma helps you focus on the story first—then builds the visuals, structure, and delivery around it using AI. We talk about: From Slides to StoriesWhy presentations should begin with narrative flow and core ideas, not pre-existing slide templates. Gamma enables creators to design around the message rather than being trapped by the format. AI as Your Presentation PartnerHow Gamma acts like a personal design expert—adjusting layouts, visuals, and style in real time—similar to having a world-class presentation coach and designer by your side. Idea Propagation Beyond SlidesWhy Gamma isn’t just about “slides,” but about propagating ideas in the right medium: presentations, video overlays, mobile-first content, or even context-based imagery and clips. The Future of GammaWhere the platform is headed in the next few years, and how AI-driven storytelling will redefine the way we share ideas across industries. Subscribe to the newsletter:https://danielmiessler.com/subscribe Join the UL community:https://danielmiessler.com/upgrade Follow on X:https://x.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler Chapters: 00:00 – Introduction to Unsupervised Learning00:17 – Welcome Grant and Gamma’s Background01:31 – AI Trends Driving Presentation Innovation03:20 – Story First: Rethinking Workflow Beyond Slides04:29 – Building Narrative Flow Before Design07:42 – Gamma as an AI Presentation Partner09:43 – What Gamma Does Differently from Other Tools12:27 – Idea Propagation: Matching Message, Medium, and Audience13:23 – Enhancing Presentations with Images, Clips, and Context15:15 – Current Graphics and Animation Options17:03 – Most Popular and Favorite Features in Gamma18:05 – What’s Coming Soon in Gamma19:08 – The Future of Idea Propagation with AI20:46 – Where to Learn More About Gamma21:21 – Closing ThoughtsBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

UL NO. 497: STANDARD EDITION | More NPM Shenanigans, I Open Sourced Kai, Blood Work Results, Finding Vulns in a 10-line Prompt, and more... Read this episode online: https://newsletter.danielmiessler.com/p/ul-497 Subscribe to the newsletter at:https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://x.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiesslerBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

UL NO. 496: STANDARD EDITION | New Video on Building my Personal AI System, Anthropic Reveals One-person Hacking Company using Claude, Pentagon Says China Keeps Penetrating, and more... Read this episode online: https://newsletter.danielmiessler.com/p/ul-496 Personal AI Video I'm so excited about Subscribe to the newsletter at:https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://x.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiesslerBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

In this episode of Unsupervised Learning, I sit down with Michael Brown, Principal Security Engineer at Trail of Bits, to dive deep into the design and lessons learned from the AI Cyber Challenge (AIxCC). Michael led the team behind Buttercup, an AI-driven system that secured 2nd place overall. We discuss: -The design philosophy behind Buttercup and how it blended deterministic systems with AI/ML -Why modular architectures and “best of both worlds” approaches outperform pure LLM-heavy -designs -How large language models performed in patch generation and fuzzing support -The risks of compounding errors in AI pipelines — and how to avoid them -Broader lessons for applying AI in cybersecurity and beyond If you’re interested in AI, security engineering, or system design at scale, this conversation breaks down what worked, what didn’t, and where the field is heading. Subscribe to the newsletter at:https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://x.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiesslerBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

You are currently listening to the Standard version of the podcast, consider upgrading and becoming a member to unlock the full version and many other exclusive benefits here: https://newsletter.danielmiessler.com/upgrade Read this episode online: https://newsletter.danielmiessler.com/p/ul-494 Subscribe to the newsletter at:https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://x.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiesslerBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

➡ Prevent Risk At The Source with Cortex Cloud: https://www.paloaltonetworks.com/cortex/cloud/application-security In this sponsored conversation, I speak with Sarit Tager, VP of Product Management at Palo Alto Networks, about how Prisma Cloud and their new ASPM solution are transforming cloud and application security by unifying data and deeply integrating business context into AppSec workflows. We talk about: Unifying AppSec, Cloud, and SOC into One Data Lake How Palo Alto merged their products into a single system that consolidates runtime, code, identity, cloud, and SOC data, allowing for true context-aware risk prioritization and faster response times across the board. From Detection to Dynamic Prevention Why the future of application security isn’t just about discovering vulnerabilities, but enforcing smart, context-based guardrails during development, CI/CD, and build processes to prevent issues before they reach production. AI-Powered Insight and the Future of Secure DevOpsHow their system uses AI to analyze the full security posture, enrich findings, simulate attack paths, and recommend precise mitigations. The platform even helps guide security and engineering teams through better workflows, boosting velocity, and not blocking it.   Subscribe to the newsletter at:https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://x.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler   Chapters: 00:00 – Sarit’s Background and the Goal of Unifying Security Context01:50 – Building a Single Data Lake for Cloud, SOC, and AppSec04:28 – From Noise to Clarity: Fixing the Prioritization Problem in AppSec06:47 – Using Business Context to Drive Risk-Based Decisions10:18 – True App Ownership, Developer Velocity, and Aligning with Business Impact13:12 – Continuous Discovery and Bringing External Signals Into One View15:25 – Why App Grouping and Context-Rich Policies Increase Velocity17:58 – How Attackers Are Already Building Their Own Unified Context (UEC)20:45 – Prisma’s Control Points: IDE, PR, CI/CD, Image, Admission Control21:56 – Bringing In Data From External Scanners and Enriching Coverage24:23 – Ecosystem Signals, Query Language, and Intelligent Workflow Automation25:05 – Closing Thoughts: Security and Developers Working TogetherBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

UL NO. 489: STANDARD EDITION | My personal toolchain updates, Google tracking through DuckDuckGo, Anthropic’s Pentagon Deal, Grok4 NSFW, Substack Crushes WSJ, and more... You are currently listening to the Standard version of the podcast, consider upgrading and becoming a member to unlock the full version and many other exclusive benefits here: https://newsletter.danielmiessler.com/upgrade Read this episode online: https://newsletter.danielmiessler.com/p/ul-489 Subscribe to the newsletter at:https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://x.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiesslerBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

UL NO. 488: STANDARD EDITION | Google Granting Confusing Access to Gemini, A New Favorite Creator, Russia's new Autonomous Drones, Claude Code Madness and Neovim Config, and more... You are currently listening to the Standard version of the podcast, consider upgrading and becoming a member to unlock the full version and many other exclusive benefits here: https://newsletter.danielmiessler.com/upgrade Read this episode online: https://newsletter.danielmiessler.com/p/ul-488 Subscribe to the newsletter at:https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://x.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiesslerBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

UL NO. 487: STANDARD EDITION: Iranian Critical Infra Attacks, Insane Recent Productivity, A Chinese Mosquito Drone, Marcus's Response to Our AI Debate, "Context Engineering" Ain't It, and more... You are currently listening to the Standard version of the podcast, consider upgrading and becoming a member to unlock the full version and many other exclusive benefits here: https://newsletter.danielmiessler.com/upgrade Read this episode online: https://newsletter.danielmiessler.com/p/ul-487 Subscribe to the newsletter at:https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://x.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiesslerBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

Marcus and I debate AIs capabilities from nearly polar opposite ends. He thinks it's basically autocomplete, and I think it's the most important tech we've ever built as humans. It was a fantastic, and very civil conversation, so thanks to Marcus for that, and we're already planning on Part 2. This two-hour discussion covers: 🧠 The real risks of AI vs. the imagined ones🔐 How security researchers view AI's capabilities🤖 The blurry line between useful and dangerous automation ⚖️ Bias, alignment, and who gets to control intelligence 📉 Whether AI might ultimately collapse under its own complexity Marcus Hutchins is best known for stopping the WannaCry ransomware attack and brings a sharp, skeptical perspective to AI. Marcus' Website: https://marcushutchins.com Watch the interview on YouTube: https://youtu.be/I9-iD_rLRjA Subscribe to the UL newsletter at:https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://x.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler Follow Marcus on LinkedIn: https://www.linkedin.com/in/malwaretech/Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

UL NO. 486: STANDARD EDITION: Fully Automated AI Malware (Binary and Web), My Debate with Marcus Hutchins on AI, The 'Did You Notice?' Psyop, The METR AI Metric for Longterm Tasks, and more... You are currently listening to the Standard version of the podcast, consider upgrading and becoming a member to unlock the full version and many other exclusive benefits here: https://newsletter.danielmiessler.com/upgrade Read this episode online: https://newsletter.danielmiessler.com/p/ul-486 Subscribe to the newsletter at:https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://x.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiesslerBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

STANDARD EDITION: Netflix RCE, My Current AI Stack, All-in on Claude Code, and more... You are currently listening to the Standard version of the podcast, consider upgrading and becoming a member to unlock the full version and many other exclusive benefits here: https://newsletter.danielmiessler.com/upgrade Read this episode online: https://newsletter.danielmiessler.com/p/ul-485 Subscribe to the newsletter at:https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://x.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiesslerBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

UL NO. 484: STANDARD EDITION: OpenAI's Malicious AI Report, Disappointed with WWDC, AI's First Actual Science Breakthrough, and more... You are currently listening to the Standard version of the podcast, consider upgrading and becoming a member to unlock the full version and many other exclusive benefits here: https://newsletter.danielmiessler.com/upgrade Read this episode online: https://newsletter.danielmiessler.com/p/ul-484 Subscribe to the newsletter at:https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://x.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiesslerBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

A Chrome 0-Day, Meta Automates Security Assessments, New Essays, My New Video on Hacking with AI, Ukraine's Asymmetrical Attack, Thoughts on My AI Skeptical Friends, The Dangers of Winning the Wrong Game, and more... You are currently listening to the Standard version of the podcast, consider upgrading and becoming a member to unlock the full version and many other exclusive benefits here: https://newsletter.danielmiessler.com/upgrade Read this episode online: https://newsletter.danielmiessler.com/p/ul-483 Subscribe to the newsletter at:https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://x.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiesslerBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

Sponsored by Vanta. Vanta takes the busywork out of GRC so you can focus on what actually matters—improving your security, not chasing compliance. https://ul.live/vanta This isn’t just another AI podcast. It’s about the deeper shift that’s happening in cybersecurity—away from individual tools and dashboards, and toward real-time, comprehensive world models of what we’re trying to protect or attack. I'll walk through how I came to this idea, what it means for security assessments, red teaming, vuln management, and beyond—and why context, not AI, is the actual revolution. 📽️Check out the full video here: https://youtu.be/UwTTcka1Wd8 Topics covered: Why the core problem in security is organizational knowledge Unified Entity Context (UEC) as the future architecture Modular, AI-augmented security stacks Why every attacker and defender will soon be running one How this flips the AI conversation on its head If you care about where hacking, automation, and AI are headed—this is the blueprint. 📬Subscribe for updates about trends and ideas in Cybersecurity, National Security, AI, Technology, and Society👇🏼 https://newsletter.danielmiessler.com/ 👉🏻 X (Twitter): https://ul.live/x 👉🏻 Instagram: https://ul.live/ig 👉🏻 BlueSky: https://ul.live/bluesky 👉🏻 LinkedIn: https://ul.live/liBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

AI Finds an 0-Day!, Postman Leaking Secrets, High Agency Mental Model, My Unified Entity Context Video, Github MCP Leaks Private Repos, Google vs. OpenAI vs. Apple on AI Vision, and more... You are currently listening to the Standard version of the podcast, consider upgrading and becoming a member to unlock the full version and many other exclusive benefits here: https://newsletter.danielmiessler.com/upgrade Read this episode online: https://newsletter.danielmiessler.com/p/ul-482 Subscribe to the newsletter at:https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://x.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiesslerBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

🔹 Thanks to ProjectDiscovery for sponsoring today’s video. I've been using their tools like Nuclei and Subfinder for years, and now they’ve brought that power to the cloud with a full vulnerability management platform. ➡ Try it yourself at https://ul.live/PD1 For over a decade, I've been exploring how AI and context intersect—and I believe Unified Entity Context (UEC) is the key to unlocking what comes next. In this podcast, I walk through my journey—from security assessments and AI-powered tools to building real-world demos like Alma and Threshold. The core idea? That most hard decisions are only hard because we lack the necessary context. With rich, accurate, and fresh context, even complex decisions become simple. If you're building in security, investing in AI, or just trying to understand where things are heading, this concept might reframe everything. Check out the full video here: https://youtu.be/IHUqk90ch7IBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

What really happened at RSA 2024? Daniel Miessler and Jason Haddix break it down. Fresh off a whirlwind RSA week, Daniel sits down with Jason Haddix (Arcanum Information Security) to talk about what mattered—beyond the show floor noise. From off-site innovation summits to real-world AI implementation, this deep dive covers: -Where the real innovation happened (hint: not on the show floor)-Key takeaways from the OpenAI and Airbnb AI Security events-Jason’s talk on AI pentesting methodology and the Prompt Injection Taxonomy -The future of cybersecurity moats and the risk of AI-native disruption -Why agents aren’t the main character—data is -DARPA's AIxCC competition and the rise of Cyber Reasoning Systems -Challenges with evals, autonomous security workflows, and VDP backlash -Behind the scenes at RSA: puppies, parties, burnout, and brutal honesty They also explore content creation, the future of platform-native context, and why being opinionated (with receipts) matters more than ever in security and tech.  Jason's Company https://arcanum-sec.comBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.