Ep 9 | Brendan Dolan-Gavitt & Vincent Olesen - Agents Exploiting "Auth-by-One" Errors | [un]prompted 2026 episode artwork

EPISODE · May 28, 2026 · 18 MIN

Ep 9 | Brendan Dolan-Gavitt & Vincent Olesen - Agents Exploiting "Auth-by-One" Errors | [un]prompted 2026

from [un]prompted Security Practitioner Con 2026 · host [un]prompted

Day 1 | Stage 1Presents techniques for finding and validating access control flaws using AI agents. Uses strict validators for identifying successful logins (AuthN) and protected resource access (AuthZ) to build capable attack agents. Shows how to enable LLM-powered agents to discover and validate access control vulnerabilities at scale.Brendan Dolan-Gavitt is AI Researcher, XBOW.Vincent Olesen is AI Researcher, XBOW.Watch on YouTube: https://www.youtube.com/watch?v=996zolUsXog

Day 1 | Stage 1Presents techniques for finding and validating access control flaws using AI agents. Uses strict validators for identifying successful logins (AuthN) and protected resource access (AuthZ) to build capable attack agents. Shows how to enable LLM-powered agents to discover and validate access control vulnerabilities at scale.Brendan Dolan-Gavitt is AI Researcher, XBOW.Vincent Olesen is AI Researcher, XBOW.Watch on YouTube: https://www.youtube.com/watch?v=996zolUsXog

NOW PLAYING

Ep 9 | Brendan Dolan-Gavitt & Vincent Olesen - Agents Exploiting "Auth-by-One" Errors | [un]prompted 2026

0:00 18:19

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

No similar episodes found.

No similar podcasts found.

Frequently Asked Questions

How long is this episode of [un]prompted Security Practitioner Con 2026?

This episode is 18 minutes long.

When was this [un]prompted Security Practitioner Con 2026 episode published?

This episode was published on May 28, 2026.

What is this episode about?

Day 1 | Stage 1Presents techniques for finding and validating access control flaws using AI agents. Uses strict validators for identifying successful logins (AuthN) and protected resource access (AuthZ) to build capable attack agents. Shows how to...

Can I download this [un]prompted Security Practitioner Con 2026 episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!