Unsupervised Learning (Member Edition)

There's tons of confusion about what we're all building towards with Personal AI. Are we building Agents? AI Harnesses? To what end? In this video I lay why I think we're all heading towards a single place that we should start getting ready for now. I think getting this early will put you 1-3 years ahead of everyone.Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

A longer form discussion on exactly how and why AI will replace knowledge workers.Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

I think the future is cheaper and Open Source SOTA models combined with context, not custom, narrow models.Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

A troubling thought about what we will think about high-quality content in the future. Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

There are a bunch of different transitions happening right now—all at the same time, all (I think) heading in the same direction. Here is a long-form exploration of the various pieces.Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

A welcome back and early entry into 2026.  Sponsored by: Knocknoc!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

How we can use an output-based system to judge whether or not different kinds of technology achieve understanding or intelligence. Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

How humans and AI models both share the weakness of deterioration without novel inputs. Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

Karpathy is confusing LLM limitations with AI system limitations, and that makes all the difference. Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

How going from exploration to exploitation can help you as both a consumer and creator of everything.Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

Some thoughts on how novelty and attention magnify the time that we have. Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

➡ Stay Ahead of Cyber Threats with AI-Driven Vulnerability Management with Maze:https://mazehq.com/ In this conversation, I speak with Harry about how AI is transforming vulnerability management and application security. We explore how modern approaches can move beyond endless reports and generic fixes, toward real context-aware workflows that actually empower developers and security teams. We talk about: The Real Problem in Vulnerability ManagementWhy remediation—not just prioritization—remains the toughest challenge, and how AI can help bridge the gap between vulnerabilities and the developers who need to fix them. Context, Ownership, and VelocityHow linking vulnerabilities to the right applications and teams inside their daily tools (like GitHub) reduces friction, speeds up patching, and improves security without slowing developers down. AI Agents and the Future of SecurityWhy we should think of AI agents as “extra eyes and hands,” and how they’re reshaping everything from threat detection to system design, phishing campaigns, and organizational defense models. Attackers Move FirstHow attackers are already building unified world models of their targets using AI, and why defenders need to match (or exceed) this intelligence to stay ahead. From Days to MinutesWhy the tolerance for vulnerability windows is shrinking fast, and how automation and AI are pushing us toward a future where hours—or even minutes—make the difference. Subscribe to the newsletter at:https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://x.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler Chapters: 00:00 – Welcome and Harry’s Background01:07 – The Real Problem: Remediation vs. Prioritization04:31 – Breaking Down Vulnerability Context and Threat Intel05:46 – Connecting Vulnerabilities to Developers and Workflows08:01 – Why Traditional Vulnerability Management Fails10:29 – Startup Lessons and The State of AI Agents13:26 – DARPA’s AI Cybersecurity Competition14:29 – System Design: Deterministic Code vs. AI16:05 – How the Product Works and Data Sources18:01 – AI as “Extra Eyes and Hands” in Security20:20 – Breaking Barriers: Rethinking Scale with AI23:22 – Building World Models for Defense (and Attack)25:22 – Attackers Move Faster: Why Context Matters27:04 – Phishing at Scale with AI Agents31:24 – Shrinking Windows of Vulnerability: From Days to Minutes32:47 – What’s Next for Harry’s Work34:13 – Closing ThoughtsBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

➡ Upgrade your presentations with Gamma, the best AI presentation maker: https://gamma.app In this conversation, I speak with Grant, co-founder of Gamma, about how their platform is transforming presentations and idea-sharing. Instead of starting with slides, Gamma helps you focus on the story first—then builds the visuals, structure, and delivery around it using AI. We talk about: From Slides to StoriesWhy presentations should begin with narrative flow and core ideas, not pre-existing slide templates. Gamma enables creators to design around the message rather than being trapped by the format. AI as Your Presentation PartnerHow Gamma acts like a personal design expert—adjusting layouts, visuals, and style in real time—similar to having a world-class presentation coach and designer by your side. Idea Propagation Beyond SlidesWhy Gamma isn’t just about “slides,” but about propagating ideas in the right medium: presentations, video overlays, mobile-first content, or even context-based imagery and clips. The Future of GammaWhere the platform is headed in the next few years, and how AI-driven storytelling will redefine the way we share ideas across industries. Subscribe to the newsletter:https://danielmiessler.com/subscribe Join the UL community:https://danielmiessler.com/upgrade Follow on X:https://x.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler Chapters: 00:00 – Introduction to Unsupervised Learning00:17 – Welcome Grant and Gamma’s Background01:31 – AI Trends Driving Presentation Innovation03:20 – Story First: Rethinking Workflow Beyond Slides04:29 – Building Narrative Flow Before Design07:42 – Gamma as an AI Presentation Partner09:43 – What Gamma Does Differently from Other Tools12:27 – Idea Propagation: Matching Message, Medium, and Audience13:23 – Enhancing Presentations with Images, Clips, and Context15:15 – Current Graphics and Animation Options17:03 – Most Popular and Favorite Features in Gamma18:05 – What’s Coming Soon in Gamma19:08 – The Future of Idea Propagation with AI20:46 – Where to Learn More About Gamma21:21 – Closing ThoughtsBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

UL NO. 497: MEMBER EDITION | More NPM Shenanigans, I Open Sourced Kai, Blood Work Results, Finding Vulns in a 10-line Prompt, and more... Read this episode online: https://newsletter.danielmiessler.com/p/ul-497 Follow on X:https://x.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiesslerBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

UL NO. 496: MEMBER EDITION | New Video on Building my Personal AI System, Anthropic Reveals One-person Hacking Company using Claude, Pentagon Says China Keeps Penetrating, and more... Read this episode online: https://newsletter.danielmiessler.com/p/ul-496 Follow on X:https://x.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiesslerBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

UL NO. 494:  MEMBER EDITION | AI Finds a P1, I Missed Chartbeat So I Made My Own, XBow Open-Sources Their AI Bot, and more... Read this episode online: https://newsletter.danielmiessler.com/p/ul-494 Follow on X:https://x.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiesslerBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

➡ Prevent Risk At The Source with Cortex Cloud: https://www.paloaltonetworks.com/cortex/cloud/application-security In this sponsored conversation, I speak with Sarit Tager, VP of Product Management at Palo Alto Networks, about how Prisma Cloud and their new ASPM solution are transforming cloud and application security by unifying data and deeply integrating business context into AppSec workflows. We talk about: Unifying AppSec, Cloud, and SOC into One Data Lake How Palo Alto merged their products into a single system that consolidates runtime, code, identity, cloud, and SOC data, allowing for true context-aware risk prioritization and faster response times across the board. From Detection to Dynamic Prevention Why the future of application security isn’t just about discovering vulnerabilities, but enforcing smart, context-based guardrails during development, CI/CD, and build processes to prevent issues before they reach production. AI-Powered Insight and the Future of Secure DevOpsHow their system uses AI to analyze the full security posture, enrich findings, simulate attack paths, and recommend precise mitigations. The platform even helps guide security and engineering teams through better workflows, boosting velocity, and not blocking it.   Subscribe to the newsletter at:https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://x.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler   Chapters: 00:00 – Sarit’s Background and the Goal of Unifying Security Context01:50 – Building a Single Data Lake for Cloud, SOC, and AppSec04:28 – From Noise to Clarity: Fixing the Prioritization Problem in AppSec06:47 – Using Business Context to Drive Risk-Based Decisions10:18 – True App Ownership, Developer Velocity, and Aligning with Business Impact13:12 – Continuous Discovery and Bringing External Signals Into One View15:25 – Why App Grouping and Context-Rich Policies Increase Velocity17:58 – How Attackers Are Already Building Their Own Unified Context (UEC)20:45 – Prisma’s Control Points: IDE, PR, CI/CD, Image, Admission Control21:56 – Bringing In Data From External Scanners and Enriching Coverage24:23 – Ecosystem Signals, Query Language, and Intelligent Workflow Automation25:05 – Closing Thoughts: Security and Developers Working TogetherBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

UL NO. 489:  MEMBER EDITION | My personal toolchain updates, Google tracking through DuckDuckGo, Anthropic’s Pentagon Deal, Grok4 NSFW, Substack Crushes WSJ, and more... Read this episode online: https://newsletter.danielmiessler.com/p/ul-489 Follow on X:https://x.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiesslerBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

UL NO. 488: MEMBER EDITION | Google Granting Confusing Access to Gemini, A New Favorite Creator, Russia's new Autonomous Drones, Claude Code Madness and Neovim Config, and more... Read this episode online: https://newsletter.danielmiessler.com/p/ul-488 Follow on X:https://x.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiesslerBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

Iranian Critical Infra Attacks, Insane Recent Productivity, A Chinese Mosquito Drone, Marcus's Response to Our AI Debate, "Context Engineering" Ain't It, and more... Read this episode online: https://newsletter.danielmiessler.com/p/ul-487 Follow on X:https://x.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiesslerBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

UL NO. 486: MEMBER EDITION: Fully Automated AI Malware (Binary and Web), My Debate with Marcus Hutchins on AI, The 'Did You Notice?' Psyop, The METR AI Metric for Longterm Tasks, and more... Read this episode online: https://newsletter.danielmiessler.com/p/ul-486 Follow on X:https://x.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiesslerBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

MEMBER EDITION: Netflix RCE, My Current AI Stack, All-in on Claude Code, and more... Read this episode online: https://newsletter.danielmiessler.com/p/ul-485 Follow on X:https://x.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiesslerBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

MEMBER EDITION: OpenAI's Malicious AI Report, Disappointed with WWDC, AI's First Actual Science Breakthrough, and more... Read this episode online: https://newsletter.danielmiessler.com/p/ul-484 Follow on X:https://x.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiesslerBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

A Chrome 0-Day, Meta Automates Security Assessments, New Essays, My New Video on Hacking with AI, Ukraine's Asymmetrical Attack, Thoughts on My AI Skeptical Friends, The Dangers of Winning the Wrong Game, and more...Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

Sponsored by Vanta. Vanta takes the busywork out of GRC so you can focus on what actually matters—improving your security, not chasing compliance. https://ul.live/vanta This isn’t just another AI podcast. It’s about the deeper shift that’s happening in cybersecurity—away from individual tools and dashboards, and toward real-time, comprehensive world models of what we’re trying to protect or attack. I'll walk through how I came to this idea, what it means for security assessments, red teaming, vuln management, and beyond—and why context, not AI, is the actual revolution. 📽️Check out the full video here: https://youtu.be/UwTTcka1Wd8 Topics covered: Why the core problem in security is organizational knowledge Unified Entity Context (UEC) as the future architecture Modular, AI-augmented security stacks Why every attacker and defender will soon be running one How this flips the AI conversation on its head If you care about where hacking, automation, and AI are headed—this is the blueprint. 📬Subscribe for updates about trends and ideas in Cybersecurity, National Security, AI, Technology, and Society👇🏼 https://newsletter.danielmiessler.com/ 👉🏻 X (Twitter): https://ul.live/x 👉🏻 Instagram: https://ul.live/ig 👉🏻 BlueSky: https://ul.live/bluesky 👉🏻 LinkedIn: https://ul.live/liBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

MEMBER EDITION: AI Finds an 0-Day!, Postman Leaking Secrets, High Agency Mental Model, My Unified Entity Context Video, Github MCP Leaks Private Repos, Google vs. OpenAI vs. Apple on AI Vision, and more... Read this episode online: https://newsletter.danielmiessler.com/p/ul-482 Follow on X:https://x.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiesslerBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

🔹 Thanks to ProjectDiscovery for sponsoring today’s video. I've been using their tools like Nuclei and Subfinder for years, and now they’ve brought that power to the cloud with a full vulnerability management platform. ➡ Try it yourself at https://ul.live/PD1 For over a decade, I've been exploring how AI and context intersect—and I believe Unified Entity Context (UEC) is the key to unlocking what comes next. In this podcast, I walk through my journey—from security assessments and AI-powered tools to building real-world demos like Alma and Threshold. The core idea? That most hard decisions are only hard because we lack the necessary context. With rich, accurate, and fresh context, even complex decisions become simple. If you're building in security, investing in AI, or just trying to understand where things are heading, this concept might reframe everything. Check out the full video here: https://youtu.be/IHUqk90ch7IBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

What really happened at RSA 2024? Daniel Miessler and Jason Haddix break it down. Fresh off a whirlwind RSA week, Daniel sits down with Jason Haddix (Arcanum Information Security) to talk about what mattered—beyond the show floor noise. From off-site innovation summits to real-world AI implementation, this deep dive covers: -Where the real innovation happened (hint: not on the show floor)-Key takeaways from the OpenAI and Airbnb AI Security events-Jason’s talk on AI pentesting methodology and the Prompt Injection Taxonomy -The future of cybersecurity moats and the risk of AI-native disruption -Why agents aren’t the main character—data is -DARPA's AIxCC competition and the rise of Cyber Reasoning Systems -Challenges with evals, autonomous security workflows, and VDP backlash -Behind the scenes at RSA: puppies, parties, burnout, and brutal honesty They also explore content creation, the future of platform-native context, and why being opinionated (with receipts) matters more than ever in security and tech.  Jason's Company https://arcanum-sec.comBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

➡ Get full visibility, risk insights, red teaming, and governance for your AI models, AI agents, RAGs, and more—so you can securely deploy AI powered applications with ul.live/mend In this episode, I speak with Bar-El Tayouri, Head of AI Security at Mend.io, about the rapidly evolving landscape of application and AI security—especially as multi-agent systems and fuzzy interfaces redefine the attack surface. We talk about: • Modern AppSec Meets AI Agents How traditional AppSec falls short when it comes to AI-era components like agents, MCP servers, system prompts, and model artifacts—and why security now depends on mapping, monitoring, and understanding this entire stack. •  Threat Discovery, Simulation, and Mitigation How Mend’s AI security suite identifies unknown AI usage across an org, simulates dynamic attacks (like prompt injection via PDFs), and provides developers with precise, in-code guidance to reduce risk without slowing innovation. •  Why We’re Rethinking Identity, Risk, and GovernanceWhy securing AI systems isn’t just about new threats—it’s about re-implementing old lessons: identity access, separation of duties, and system modeling. And why every CISO needs to integrate security into the dev workflow instead of relying on blunt-force blocking. Subscribe to the newsletter at:https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://x.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler Chapters: 00:00 - From Game Hacking to AI Security: Barel’s Tech Journey03:51 - Why Application Security Is Still the Most Exciting Challenge04:39 - The Real AppSec Bottleneck: Prioritization, Not Detection06:25 - Explosive Growth of AI Components Inside Applications12:48 - Why MCP Servers Are a Massive Blind Spot in AI Security15:02 - Guardrails Aren’t Keeping Up With Agent Power16:15 - Why AI Security Is Maturing Faster Than Previous Tech Waves20:59 - Traditional AppSec Tools Can’t Handle AI Risk Detection26:01 - How Mend Maps, Discovers, and Simulates AI Threats34:02 - What Ideal Customers Ask For When Securing AI38:01 - Beyond Guardrails: Mend’s Guide Rails for In-Code Mitigation41:49 - Multi-Agent Systems Are the Next Security Nightmare45:47 - Final Advice for CISOs: Enable, Don’t Disable DevelopersBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

In this episode, I break down what I believe is the emerging structure of the AI-powered world we're all building—consciously or not. I call it the “Four A’s”: Assistants, APIs, Agents, and Augmented Reality. This framework helps make sense of recent developments and where it’s all headed. I talk about: 1. Digital Assistants That Understand and Optimize Your LifeYour DA (like “Kai”) will know your goals, preferences, health, schedule, and context—and proactively optimize your day, from filtering messages to planning meals or surfacing relevant information in real time. 2. APIs and the Real Internet of ThingsEverything becomes an API—from businesses to people to physical objects. Your assistant interacts with these APIs to act on your behalf, turning the world into a navigable ecosystem of services, tools, and resources. 3. Agents and AR Bringing It All TogetherAgents act autonomously to complete multi-step goals, and AR glasses will display their outputs contextually as you move through the world.  These systems will collaborate, search, and act—quietly transforming how we live, work, and perceive reality. Subscribe to the newsletter at:https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://x.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one! Chapters: 00:00 - The AI Ecosystem We’re Building Without Realizing It01:33 - Assistant: Your Most Powerful Digital Companion03:08 - APIs: How DAs Interact with the World07:54 - Agents: The Step Beyond Automation11:00 - Augmented Reality: The Interface Layer of the AI Ecosystem14:20 - Combining APIs, Agents, and UI for Real-Time Situational Awareness17:17 - Summary: A Unified Ecosystem Driven by the Four A’s23:36 - Industry Trends: How Companies Like OpenAI, Apple, and Meta Fit In25:11 - Final Thoughts on Timelines, Winners, and Interpreting AI NewsBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

In this episode, I walk through a Fabric Pattern that assesses how well a given model does on a task relative to humans. This system uses your smartest AI model to evaluate the performance of other AIs—by scoring them across a range of tasks and comparing them to human intelligence levels. I talk about: 1. Using One AI to Evaluate AnotherThe core idea is simple: use your most capable model (like Claude 3 Opus or GPT-4) to judge the outputs of another model (like GPT-3.5 or Haiku) against a task and input. This gives you a way to benchmark quality without manual review. 2. A Human-Centric Grading SystemModels are scored on a human scale—from “uneducated” and “high school” up to “PhD” and “world-class human.” Stronger models consistently rate higher, while weaker ones rank lower—just as expected. 3. Custom Prompts That Push for Deeper EvaluationThe rating prompt includes instructions to emulate a 16,000+ dimensional scoring system, using expert-level heuristics and attention to nuance. The system also asks the evaluator to describe what would have been required to score higher, making this a meta-feedback loop for improving future performance. Note: This episode was recorded a few months ago, so the AI models mentioned may not be the latest—but the framework and methodology still work perfectly with current models. Subscribe to the newsletter at:https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://x.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

➡ Secure what your business is made of with Martial Security: https://material.security/ In this episode, I speak with Patrick Duffy from Material Security about modern approaches to email and cloud workspace security—especially how to prevent and contain attacks across platforms like Google Workspace and Microsoft 365. We talk about: • Proactive Security for Email and Cloud PlatformsHow Material goes beyond traditional detection by locking down high-risk documents and inboxes preemptively—using signals like time, access patterns, content sensitivity, and anomalous user behavior. • Real-World Threats and Lateral MovementWhat the team is seeing in the wild—from phishing and brute-force attacks to internal data oversharing—and how attackers are increasingly moving laterally through cloud ecosystems using a single set of compromised credentials. • Customizable, Context-Aware Response WorkflowsHow Material helps teams right-size their responses based on risk appetite, enabling fine-grained actions like MFA prompts, access revocation, or full session shutdowns—triggered by dynamic, multi-signal rule sets. Subscribe to the newsletter at:https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://x.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler Chapters: 00:00 - Welcome & High-Level Overview of Material Security02:04 - Common Threats: Phishing and Lateral Movement in Cloud Office05:30 - Access Control in Collaborative Workspaces (2FA, Just-in-Time, Aging Content)08:43 - Connecting Signals: From Login to Exfiltration via Rule Automation12:25 - Real-World Scenario: Suspicious Login and Automated Response15:08 - Rules, Templates, and Customer Customization at Onboarding18:46 - Accidental Risk: Sensitive Document Sharing and Exposure21:04 - Security Misconfigurations and Internal Abuse Cases23:43 - Full Control Points: IP, Behavior, Classification, Sharing Patterns27:50 - Integrations, Notifications, and Real-Time Security Team Coordination31:13 - Lateral Movement: How Attacks Spread Across the Workspace34:25 - Use Cases Involving Google Gemini and AI Exposure Risks36:36 - Upcoming Features: Deeper Remediation and Contextual Integration39:30 - Closing Thoughts and Where to Learn MoreBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

AI is changing cybersecurity at a fundamental level—but how do we decide what to build, and when? In this episode, I outline a structured way to think about AI for security: from foundational ideas to a future-proof system that can scale with emerging threats. • Rethinking Human Workflows as Intelligence PipelinesBy mapping tasks into visual workflows, we can pinpoint exactly where human intelligence is still required—and where AI agents are most likely to replace or enhance us. • Using AI to Understand and Manage Organizational StateI introduce the concept of AI state management: building systems that track your current and desired security posture in real time, and using AI to bridge the gap—automating insights, decisions, and even actions across your environment. • Building a Cyber Defense Program Inspired by Attacker PlaybooksInstead of waiting for threats, I propose a new framework based on attacker capabilities—what they wish they could do now and in the near future—and how to proactively prepare by building a continuously adapting AI-powered defense system. Subscribe to the newsletter at:https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://x.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler Chapters:00:00 - Framing the Future: Two Key Questions on AI and Cybersecurity01:28 - Intelligence Pipelines: Visualizing Human Work as Replaceable Workflow06:10 - Theory of Constraints: How Attackers Are Bottlenecked by Human Labor10:42 - Defining Agents: What Makes AI Different From Traditional Automation12:08 - AI State Management: The Universal Use Case for Automated Intelligence16:53 - Real-World Demo: Unified Context AI for Security Program Management26:30 - Advanced Uses: Reassigning Projects, Updating KPIs, and Security Reports34:58 - Automating Security Questionnaires With AI Context Awareness38:43 - ACAD Framework: Predicting and Preparing for Future Attacker Capabilities47:40 - Defender Response: Building AI-Driven Red Teams and Internal UCCs52:25 - Final Answers: How Software and Security Change With AI AgentsBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

The conversation around AGI and ASI is louder than ever—but the definitions are often abstract, technical, and disconnected from what actually matters. In this episode, I break down a human-centered way of thinking about these terms, why they’re important, and a system that could help us get there. I talk about:  • A Better Definition of AGI and ASIInstead of technical abstractions, AGI is defined as the ability to perform most cognitive tasks as well as a 2022 U.S.-based knowledge worker. ASI is intelligence that surpasses that level. Framing it this way helps us immediately understand why it matters—and what it threatens. • Invention as the Core Output of IntelligenceThe real value of AGI and ASI is their ability to generate novel solutions. Drawing inspiration from the Enlightenment, we explore how humans innovate—and how we can replicate that process using AI, automation, and structured experimentation. • Scaling the Scientific Method with AIBy building systems that automate idea generation, recombination, and real-world testing, we can massively scale the rate of innovation. This framework—automated scientific iteration—could be the bridge from human intelligence to AGI and beyond. Subscribe to the newsletter at:https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://x.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiesslerChapters: 00:00 - Why AGI and ASI Definitions Should Be Human-Centric01:55 - Defining AGI as a 2022-Era US Knowledge Worker03:04 - Defining ASI and Why It’s Harder to Conceptualize04:04 - The Real Reason to Care: AGI and ASI Enable Invention05:04 - How Human Innovation Happens: Idea Collisions and Enlightenment Lessons06:56 - Building a System That Mimics Human Idea Generation at Scale09:00 - The Challenge of Testing: From A/B Tests to Biotech Labs10:52 - Creating an Automated, Scalable Scientific Method With AI12:50 - A Timeline to AGI and ASI: Predictions for 2027–2030Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

➡ Build, run, and monitor workflows with Tines at: tines.com In this episode, I speak with Matt Muller, Field CSCO at Tines, about how automation and AI are transforming security operations at scale. We talk about: • Tines' Mission to Eliminate Manual Security Work Through Automation How Tines helps security teams streamline incident response and workflow automation without needing to write code, saving time and reducing burnout. • Applying AI to Security Operations and Analyst Workflows How AI is used in phishing analysis, threat intel reporting, and data transformation—integrated safely into workflows using tools like Workbench with private LLMs. • Tines Workbench and the Future of Agentic AI How Workbench combines chat with deterministic automation to help analysts take action securely, and how Tines is exploring agentic AI to take automation even further. Chapters: 00:00 - How Tines Automates Security to Solve SOC Burnout07:19 - The AI Arms Race: How Attackers and Defenders Are Evolving09:08 - Why Security Still Comes Down to Workflow, Logging, and Action13:41 - How CISOs Are Balancing AI Adoption and Enterprise Risk17:36 - Using AI in Tines to Transform and Automate Security Workflows20:40 - How AI Detects Business Email Compromise Better Than Rules25:26 - From Security to Data Pipelines: Tines as Workflow Orchestration28:59 - Inside Workbench: Secure AI-Powered Chat for Analysts36:00 - Automating Phishing Investigations with Trusted Tool Integrations39:19 - Where to Learn More and Try Tines for FreeBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

MEMBER EDITION: Signal OPSEC, White-box Red-teaming LLMs, Unified Company Context (UCC), New Book Recommendations, Single Apple Note Technique, and much more... Follow on X:https://x.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiesslerBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

➡ Allow what you need, block everything else with ThreatLocker: threatlocker.com In this episode, I speak with Slava Konstantinov, ThreatLocker's MacOS Lead Architect, about their zero-trust approach to endpoint security and their latest cybersecurity innovations. We talk about: • ThreatLocker’s Zero Trust Approach to Cybersecurity:How ThreatLocker enforces a default deny security model, ensuring only explicitly allowed applications and actions can run, reducing attack surfaces and unauthorized access. • Key ThreatLocker Products and Features:How ThreatLocker’s solutions—Application Control, Storage Control, Ring Fencing, Network Control, and ThreatLocker Detect—help organizations enhance security through granular policy enforcement. • New & Upcoming ThreatLocker Features:How new solutions like Patch Management, Web Control, Insights, and Cloud Detect will provide even greater security, automation, and compliance for businesses managing complex IT environments. Chapters:00:00 - Intro to ThreatLocker and Zero Trust Security01:24 - How ThreatLocker’s Application Control Blocks Unauthorized Software06:52 - Storage Control: Preventing Unauthorized Data Access and USB Threats08:19 - Ring Fencing: Controlling App Permissions and Network Access12:37 - Elevation Control: Granting Admin Privileges Without Risk16:23 - Network Control: Restricting Internet and Internal Network Access19:26 - AI-Driven Security Policies: The Future of ThreatLocker Management24:07 - Mac vs. Windows Security: Key Differences and Challenges29:49 - ThreatLocker’s Expansion: New Products and Future Plans32:32 - Where to Learn More About ThreatLocker’s Security SolutionsBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

In this episode, Daniel Miessler explores how to supercharge your macOS workflow with Raycast, transforming everyday tasks into lightning-fast, AI-powered actions. He talks about: Raycast as a Universal Launcher:Daniel explains how Raycast replaces traditional launchers like Spotlight and Alfred, offering an all-in-one shortcut to apps, files, and bookmarks for unparalleled efficiency. Quick Links and Custom Searches:He demonstrates how quick links streamline navigation by replacing outdated bookmarks and enabling custom search commands that let you bypass the browser for faster access. Integrated Utilities and Window Management:Discover how Raycast consolidates everyday tools—from color pickers and process killers to custom window arrangements—ensuring that all your essential utilities are just a keystroke away. Advanced AI Integration:Learn how Raycast’s innovative AI commands integrate with platforms like ChatGPT and Fabric, allowing you to interact with, summarize, and analyze web content directly from your command line. Custom Commands and Productivity Hacks:Daniel reveals his secrets for creating personalized hotkeys, snippets, and aliases that reduce friction in your digital workflow, making your daily tasks smoother and more intuitive. Subscribe to the newsletter at:https://danielmiessler.com/newsletter Watch the video on YouTube at:https://www.youtube.com/c/UnsupervisedLearning Follow on Twitter at:https://twitter.com/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

MEMBER EDITION: 28 Open Cyber Jobs, Real-world AI Propaganda Poisoning, MCP Explained, Cline vs. Windsurf, and more...Subscribe to the newsletter at:https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://x.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiesslerBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

MEMBER EDITION: Cyber Standing Down, China's Innovation Burst, PC vs. NPC, Why AI Can't Understand, and more... Subscribe to the newsletter at:https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://x.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiesslerBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

Attacking Signal, Blogging Getting MORE Important, AI's Final Form, Claude 3.7 vs. World, Censorship as a Service, and more... Subscribe to the newsletter at:https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://x.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiesslerBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

Also: A new threat modeling framework for AI, an API security report, and being paralyzed by crisis Subscribe to the newsletter at:https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://x.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiesslerBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

Plus: DeepSeek's open database, Using o3 with Fabric, Chinese backdoors in health monitors, and much more... Subscribe to the newsletter at:https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X: https://x.com/danielmiessler Follow on LinkedIn: https://www.linkedin.com/in/danielmiesslerBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

I want to explore how AI can assist in fiction writing, especially using open-source models that allow for greater control, creativity, and long-form storytelling. With tools like LM Studio and Hugging Face, we can download powerful AI models capable of maintaining story coherence, helping authors generate complex narratives, and even unlocking new storytelling possibilities. So, the idea is to create a structured approach to fiction writing with AI. By organizing story elements—characters, setting, mystery, and plot—into a detailed text file ("Telus file"), we can guide AI models to produce high-quality, structured narratives. The goal is not to replace authors but to empower them with AI-assisted storytelling. Who wants to experiment with this approach? Or does anyone know of better AI tools for fiction writing? With larger context models and improving AI capabilities, we might be close to AI-assisted novels that rival human-written stories! Subscribe to the newsletter at:https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X: https://x.com/danielmiessler Follow on LinkedIn: https://www.linkedin.com/in/danielmiessler  Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

In this conversation, I speak with Alastair Paterson, CEO and co-founder of Harmonic Security. We talk about: Harmonic Security’s Unique Approach to AI Data Protection: How Harmonic Security’s Zero-Touch Data Protection uses small language models to identify and prevent sensitive data leaks, differentiating it from traditional DLP solutions. Challenges of AI Adoption & Enterprise Security Risks: How enterprises are struggling to adopt Generative AI safely, as employees unknowingly expose sensitive data. The risks of shadow AI usage, and why visibility into AI applications is essential for organizations. Harmonic’s Browser-Based Solution for Secure AI Adoption: How Harmonic Security’s browser-based extension provides real-time monitoring and intervention, allowing enterprises to track AI adoption, prevent data leaks, and enforce security policies without disrupting productivity. ➡️ Get a DEMO and Take Advantage of Harmonic's GenAI Securely  ul.live/harmonic ➡️ Check out Harmonic's Data leakage report "From Payrolls to Patents"ul.live/harmonic-data-leaked00 Intro00:12 Guest Introduction - Alistair and Harmonic Security01:16 Background on Digital Shadows and Transition to Harmonic Security02:50 The Impact of ChatGPT and Generative AI on Security04:35 The Problem with AI Data Leakage and Enterprise Risks06:20 The Evolution of Data Protection: From DLP to AI Readiness08:45 The Challenge of Shadow AI in Enterprises10:30 Understanding Harmonic Security's Zero-Touch Data Protection12:15 How Harmonic Security Works - Browser Extension Overview14:40 Detecting Sensitive Data in AI Prompts16:50 Live Demo - Preventing Data Leaks in AI Chatbots19:35 Visibility and Monitoring of AI Usage Across the Enterprise22:10 Risk Classification and Training Data Considerations24:05 Policy Enforcement and Customization Options26:30 Future Developments - Expanding Coverage Beyond AI Apps28:15 Final Thoughts and Where to Learn MoreBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

Plus: The AI Vulnerability Glut, Remotely Hacking Subarus, Criticism of CVSS, the United Breach, and much more... Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

In this episode, I speak with Faisal Khan, a GRC Solution Specialist at Vanta, about how their platform is transforming trust management for organizations. We talk about: Vanta as a Trust-Management Platform:How Vanta helps organizations build, scale, and showcase their security and compliance programs through automation, efficiency, and tools like the Trust Center. Key Features and Solutions Offered by Vanta:How Vanta’s integrations automate compliance checks, streamline vendor risk management, and address industry standards like SOC 2, ISO 27001, and CMMC to save time and improve efficiency. Future Directions and AI Integration:How Vanta is expanding into new frameworks like the EU AI Act and leveraging AI to simplify compliance, optimize workflows, and address evolving trends in governance and security.Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

also...Joseph goes independent, Perplexity's new search API, Stoicism's gift, and much more... Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

also...Russia's actual playbook, CISA's new rating system, and everyone's doing robots now Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

Navigating AI's impact on work, the rise of transnational threats, a grim new reality in air travel, and how to harness the chaos of 2025 for personal and professional growth. Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.