#195 - Pentesting for Readiness not Compliance (with Snehal Antani)

In this episode of CISO Tradecraft, host G Mark Hardy is joined by special guest Snehal Antani, co-founder of Horizon3.AI, to discuss the crucial interplay between offensive and defensive cybersecurity tactics. They explore the technical aspects of how observing attacker behavior can enhance defensive strategies, why traditional point-in-time pen testing may be insufficient, and how autonomous pen testing can offer continuous, scalable solutions. The conversation delves into Snehal’s extensive experience, the importance of readiness over compliance, and the future of cybersecurity tools designed with humans out of the loop. Tune in to learn how to elevate your cybersecurity posture in a rapidly evolving threat landscape. Horizon3 - https://www.horizon3.ai Snehal Antani - https://www.linkedin.com/in/snehalantani/ Transcripts: https://docs.google.com/document/d/1IFSQ8Uoca3I7TLqNHMkvm2X-RHk8SWpo Chapters: 00:00 Introduction and Guest Welcome 01:43 Background and Experience of Snehal Antani 03:09 Challenges and Limitations of Traditional Pen Testing 14:47 The Future of Pen Testing: Autonomous Systems 23:10 Leveraging Data for Cybersecurity Insights 24:02 Expanding the Attack Surface: Cloud and Supply Chain 24:46 Third-Party Risk Management Evolution 44:37 Future of Cyber Warfare: Algorithms vs. Humans