CyberWire Daily Pentesting at the speed of thought. [CyberWire-X]
6 snips
Jan 19, 2026 Snehal Antani, co-founder and CEO of Horizon3.ai and former DoD CIO/CTO, dives deep into the world of autonomous penetration testing. He discusses the critical need for continuous testing over traditional vulnerability scans, emphasizing the importance of prioritizing actionable security insights. Antani reveals alarming findings, like how one misconfigured EDR can lead to domain compromise across thousands of endpoints. He also shares his vision of AI hackers augmenting human efforts, predicting a future where AI enhances security resilience.
AI Snips
Chapters
Transcript
Episode notes
Being Overwhelmed By Vulnerability Lists
- Snehal Antani recalls getting lists of 100,000 vulnerabilities as CIO and needing to decide what not to fix.
- He describes forcing admins to skip family events to patch issues that often weren't exploitable.
Prioritize Risk By Showing Consequences
- Reduce risk with compensating controls, blast-radius limits, and improved detection rather than only patching.
- Show specific exploitable consequences to boards so they can prioritize resources effectively.
You Don't Know You're Secure Until Tested
- Antani realized he didn't know he was secure until an attacker showed up, so he wanted frequent testing.
- JSOC told him: don't tell me we're secure, show me repeatedly as environments change.