We fine-tuned an 8B model to pop a GOAD domainβ¦using only synthetic training data. No real networks. No frontier model distillation. Just a world model that simulates AD environments and generates realistic pentesting trajectories.
See how we did it: dreadnode.io/blog/worlds-...
β¨ Read more in @dreadnode.bsky.social's latest "From Compute to Congress" policy blog on why offensive security R&D deserves a seat at the table. It's time to back up our ambition with rigorous stress-testing. (4/4)
dreadnode.io/blog/from-co...
AI systems are only as strong as the adversarial testing behind them. Stress-testing under real-world attack conditions helps map emerging threats and informs defensive prioritiesβbefore systems go live, not after. (3/4)
AI capability and cyber resilience aren't competing prioritiesβthey're inseparable.
Winning the AI race means building systems that can withstand a rapidly evolving threat landscape. Security has to be foundational, not bolted on after the breakthroughs arrive. (2/4))
β The White House just launched the Genesis Mission, a bold bet on AI-enabled science. But there's a layer we can't afford to treat as an afterthought: cybersecurity. (1/4)
dreadnode.io/blog/from-co...
π’ Machine Speed is live with a second entry!
βοΈ Every Thursday, I am tracking three fronts: AI-enabled cyber attacks, AI-enabled defenses, and the policy frameworks struggling to keep pace.
β‘οΈ You can subscribe and read more here: open.substack.com/pub/velvetha...
βΌοΈ Every Thursday, I'll track three fronts: AI-enabled cyber attacks, AI-enabled defenses, and the policy frameworks struggling to keep pace. It's the threat landscape update for people who need to understand what machine-speed conflict actually looks like.
β¨ First issue just dropped. Check it out!
π€ As head of policy at @dreadnode.bsky.social, an offensive AI security startup, I watch this gap between AI-enabled threats and policy response grow wider by the day.
β I just launched a weekly newsletter: Machine Speed.
ποΈ Why? The longest federal government shutdown has finally ended. And in the midst of this chaos, cyber policy has been stalled and increasingly used as political leverage.
open.substack.com/pub/velvetha...
VERY happy to see the Senate is resurrecting and rebranding CISA 2015 as the Protecting America from Cyber Threats Act or PACT Act. Thank you to @hsgac.senate.gov for continuing to advocate for information sharing pathways in the cyber domain: www.hsgac.senate.gov/library/file...
In cyber conflict, there is no neutral ground. We either establish superiority, or we cede it to those who will use it against us.
Full @dreadnode.bsky.social analysis: dreadnode.io/blog/from-co...
The AI-enabled threat landscape operates at machine speed. Adversaries use AI to automate attacks faster than human defenders can respond.
Every day we treat cyber defense as political collateral is a day our adversaries advance at our expense. (3/4)
π Legislative Track:
- Reauthorize CISA 2015 (voluntary info sharing)
- Renew SLCGP (state/local cyber funding)
βοΈ Regulatory Track:
- Finalize CIRCIA (mandatory incident reporting)
- Formalize CISA-National Guard coordination under Title 32
(2/4)
𧡠Tonight at midnight, CISA 2015 and SLCGP expire as Congress debates another shutdown.
We're witnessing a cyber identity crisis: threats don't discriminate between civilian and military sectors, but our defenses remain fragmented. What needs to happen immediately: π§΅(1/4)
π― Just published in @warontherocks.bsky.social!
π° US $774B procurement power can automate security standards & make American tech the obvious choice on merit.
π€ My DARPA's #AIxCC experience + the @dreadnode.bsky.social talent show what's possible when we invest in secure-by-design technology.
β After talking AI Action Plan on @cyberscoop.bsky.social, wrote up @dreadnode.bsky.social thoughts on implementation β‘οΈ dreadnode.io/blog/five-ta...
βΌοΈ While we debate frameworks, adversaries build AI attack capabilities. We need: evaluation ecosystems, red teaming, and procurement standards.
v3 of Rigging is out now. If youβre working with LLMs to build agents or run evaluations, check it out. We just added:
- Prompt caching for supported providers
- A unified tool system for function calling and fallbacks to xml/json parsing
- Native MCP integration
docs.dreadnode.io/open-source/...
π€ New blog just dropped. Whatβs @dreadnode.bsky.socialβan offensive AI security companyβdoing poking around the policy space? Read on to find out.
Couldn't agree more: "We're going to move fast because we're going to set standards. [. . .] If we don't collaborate here β if we throw down on politics instead of getting the policy right β we won't move fast." @cantwell.senate.gov
www.youtube.com/watch?v=Fikh...
π£ Excited to share the @dreadnode.bsky.social crew's first response to a federal Request for Information!
π€ Whether you're already immersed in the tech policy space or simply want to learn more, don't hesitate to reach outβit's all hands on deck and that starts with you!
Drop whatever you're doing at 1pm EST and join us for some exciting mic drops because that's what we at @dreadnode.bsky.social do best π€ π₯
www.linkedin.com/events/73000...
