What’s New with AI and Cybersecurity: AI and the New Era of Ecosystem-Wide Supply Chain Compromise
Published by Pearson
Join Omar Santos and guest David Bianco for a live deep dive into systemic software supply chain attacks and defenses
In recent months, a wave of high-impact attacks exposed systemic weaknesses across trusted ecosystems—from the compromise of Aqua Security’s Trivy scanner to CI/CD supply chain attacks and the hijacking of the Axios npm package, which reaches over 100 million weekly downloads. These incidents signal a broader shift: supply chain attacks are now the preferred model for scalable cybercrime and state aligned operations, exploiting trust, identity, and inherited access rather than isolated vulnerabilities.
Join Omar Santos, with special guest -cybersecurity researcher and strategist David Bianco, for a focused exploration of this new era of software supply chain security. Examine modern attack techniques such as GitHub Actions tag hijacking, malicious dependency publishing, and compromised maintainer credentials, and learn the concrete defensive shifts required to respond—including immutable dependency pinning, CI/CD permission segmentation, and credential hardening. You’ll leave with a practical framework for securing software supply chains against the next generation of ecosystem-wide attacks.
What you’ll learn and how you can apply it
- Learn the latest trends in AI and cybersecurity.
- Apply AI-driven tactics for threat detection, automate incident response, and proactively hunt for risks using the latest AI tools.
- Assess the security implications of advanced AI, such as coding agents, agentic AI applications, and large language models (LLMs).
- Design strategic methodologies for integrating AI into cybersecurity programs.
This live event is for you because...
- You’re an AI/ML Engineer or Data Scientist who wants to learn the latest trends in AI and cybersecurity.
- You’re a Cybersecurity Professional (Analyst, Engineer, Architect, or Consultant) looking to upgrade your skills for the AI-driven era.
- You’re an Ethical Hacker seeking to automate and enhance your offensive security capabilities.
- You’re a Software Developer or DevOps Engineer focused on building secure applications and infrastructure.
- You’re a Security Leader, CISO, or Project Manager who needs to understand the strategic implications of agentic AI.
Prerequisites
Recommended Follow-up
- Read: Redefining Hacking: A Comprehensive Guide to Red Teaming and Bug Bounty Hunting in an AI-driven World by Omar Santos, Savannah Lazzara, and Wesley Thurner
- Watch: Build Your Own AI Lab by Omar Santos
- Watch: Securing Generative AI by Omar Santos
- Watch: Defending and Deploying AI by Omar Santos
- Practice: Ethical Hacking Labs by Omar and Derek Santos
- Attend: AI and LLM Cyber Risks and Mitigations by Omar Santos
Schedule
The time frames are only estimates and may vary according to how the class is progressing.
Segment 1: AI Research, Tools, and Emerging Threats (25 minutes)
- Latest AI research and tools, including coding agents, agentic AI systems, and AI model architecture
- Real-world AI-powered cyberattacks, including AI-generated malware and sophisticated attack techniques
- Automated attack tools, AI-assisted reconnaissance, and sophisticated social engineering
Break (5 minutes)
Segment 2: AI-Driven Defense and Strategic Integration (25 minutes)
- Latest agentic AI platforms for cybersecurity and other implementations
- The most recent tools for automating incident response and security orchestration with AI tools
- Latest trends for integrating AI into cybersecurity programs and governance frameworks
- Learn the latest techniques and tools for securing AI systems, featuring guidance from Coalition for Secure AI (CoSAI), OWASP, and other leading organizations
Event wrap-up and Q&A (5 minutes)
Your Hosts and Guests
Omar Santos
Omar Santos is a Distinguished Engineer at Cisco focusing on advanced AI security research, cybersecurity, incident response, and vulnerability disclosure. He is the co-chair of the Coalition for Secure AI (CoSAI) alongside leading AI companies such as OpenAI, Google, Anthropic, and NVIDIA. Omar has served in the board of the OASIS Open standards organization and is also the chair of the OpenEoX and the Common Security Advisory Framework (CSAF) technical committee. His work led the creation of the CSAF ISO standard. Omar's collaborative efforts extend to numerous organizations, including OWASP, FIRST, and he was the lead of the DEF CON Red Team Village for several years. Omar is the author of over 25 books, 21 video courses, and over 50 academic research papers. Omar is a renowned expert in ethical hacking, vulnerability research, incident response, and AI security. Omar's work in cybersecurity is also recognized through multiple granted patents. Prior to Cisco, Omar served in the United States Marines focusing on the deployment, testing, and maintenance of Command, Control, Communications, Computer, and Intelligence (C4I) systems.
David Bianco
David is a Cybersecurity Researcher with Cisco Talos, where he studies practical and effective uses of AI for defensive security operations. He is also a SANS Certified Instructor, where he teaches network forensics. David has nearly 30 years of experience in the information security field, primarily in incident detection and response, threat hunting, and Cyber Threat Intelligence (CTI). He is the creator of the Pyramid of Pain and lead author of the PEAK threat hunting framework. Really, he just wants to make security better for everyone. You can follow David on Bluesky as @DavidJBianco.bsky.social or on Mastodon as @DavidJBianco@infosec.exchange.