Dirty South Security Podcast

Ep. 15 - We Replicated the Anthropic AI Espionage Report… and Claude Code Lied

Did Anthropic’s November AI espionage report tell the full story? In this episode of the Dirty South Security Podcast, host Tony UV sits down with returning guest Dan Tentler, Executive Founder at Phobos, to replicate and mythbust Anthropic’s claims that Claude Code autonomously executed a large-scale cyber espionage campaign. Over the course of three days of live testing, we attempted to reproduce the behavior described in the report. What we discovered raises serious questions about AI autonomy, model behavior, safety guardrails, and something even more concerning — Claude Code presenting false information during testing. In this episode we break down: • What the Anthropic November report claimed  • How we attempted to replicate the AI-orchestrated attack scenario  • Where Claude Code failed  • Evidence of deceptive or fabricated responses  • The difference between AI hallucination and intentional-seeming behavior  • What this means for cybersecurity professionals  • Implications for AI governance and enterprise adoption This is not a hot take. This is hands-on testing. If you work in cybersecurity, AI safety, red teaming, or enterprise security strategy, this episode is essential listening. Watch until the end for the full breakdown of what happened during our three-day replication attempt. Subscribe for more deep technical security discussions and mythbusting. #DirtySouthSecurity #Anthropic #ClaudeCode #AISecurity #CyberSecurity #DanTentler #TonyUV #AIHallucinations #AITransparency #RedTeam #Infosec #AIResearch // FIND VERSPRITE’S CYBERSECURITY TEAM ONLINE // * VerSprite: https://versprite.com/ [https://versprite.com/] * LinkedIn: https://www.linkedin.com/versprite-llc/ [https://www.linkedin.com/versprite-llc/] * Twitter: https://twitter.com/versprite/ [https://twitter.com/versprite/] * YouTube: https://www.youtube.com/c/VerSprite [https://www.youtube.com/c/VerSprite] // ABOUT VERSPRITE // VerSprite is a leader in risk-based cybersecurity services and PASTA threat modeling, enabling businesses to improve the protection of critical assets, ensure compliance, and manage risk. Our mission is to help you understand and improve your organization’s cybersecurity posture. With cyberattacks increasing in number and sophistication daily, it is crucial to protect your organization’s assets, protect your clients, and maintain the same, excellent reputation and trust you have worked hard to build. We believe that an integrated approach will result in better and more cost-effective security practices and business outcomes.

Ep. 14 – Leadership in the AI Era

Episode 14 – Leadership in the AI Era with Ruby Agarwal (VP Cloud Platform & Operations @ Avaya) The game has permanently changed. AI isn’t coming for your job tomorrow; it’s already rewriting the operating system of every security and technology organization today. In this no-BS episode, Tony UV sits down with Ruby Agarwal to separate leadership theater from what actually works when LLMs, automation, and agentic workflows are collapsing timelines that used to take years into weeks. We get real about: * Why the old “I’ve got all the answers” CISO/CIO playbook is now a liability * Moving from control-freak management to radical curiosity and productive discomfort * How to build actual AI fluency in your teams without turning everyone into a prompt engineer * Redefining performance when AI eats 70% of the repetitive work SecOps used to own * Why ethical guardrails aren’t a “nice-to-have” compliance checkbox; they’re your last line of defense against career-ending mistakes * The hard conversations leaders must have when roles inevitably morph or disappear * Three dead-simple moves you can execute this week to stop lagging and start leading the AI wave If you’re a security leader who’s tired of generic “embrace change” platitudes and wants battle-tested tactics for thriving in the chaos, this is the episode you’ve been waiting for. #Cybersecurity #InfoSec #AILeadership #SecurityLeadership #ArtificialIntelligence #CISO #CloudSecurity #SecOps #Leadership #AISecurity #DirtySouthSecurity // FIND VERSPRITE’S CYBERSECURITY TEAM ONLINE // * VerSprite: https://versprite.com/ [https://versprite.com/] * LinkedIn: https://www.linkedin.com/versprite-llc/ [https://www.linkedin.com/versprite-llc/] * Twitter: https://twitter.com/versprite/ [https://twitter.com/versprite/] * YouTube: https://www.youtube.com/c/VerSprite [https://www.youtube.com/c/VerSprite] // ABOUT VERSPRITE // VerSprite is a leader in risk-based cybersecurity services and PASTA threat modeling, enabling businesses to improve the protection of critical assets, ensure compliance, and manage risk. Our mission is to help you understand and improve your organization’s cybersecurity posture. With cyberattacks increasing in number and sophistication daily, it is crucial to protect your organization’s assets, protect your clients, and maintain the same, excellent reputation and trust you have worked hard to build. We believe that an integrated approach will result in better and more cost-effective security practices and business outcomes.

Ep. 13 - Small Firms, Big Impact - Why Offensive Security Matters More Than Ever

🔥 Nobody Got Fired for Hiring IBM... But Maybe They Should Have In this episode of Dirty South Security, we're pulling back the curtain on the security industrial complex. Tony UV sits down with Dan Tentler to discuss why small boutique security firms are running circles around the big consulting giants, and why that matters more than ever in the age of AI. Host: Tony UV Guest: Dan Tentler What We Cover: The Boutique Advantage We break down why procurement processes favor mediocrity, the difference between checkbox security and actual security, and why small firms' "unfair advantages" (speed, skin in the game, and actually giving a damn) are reshaping the industry. Real Offensive Security Most pentests are security theater. We discuss what adversary emulation actually looks like, the attack techniques keeping security professionals up at night (supply chain attacks, LOLBins, modern C2 frameworks), and the massive gap between what vendors sell and what attackers actually do. AI: The Offensive Security Inflection Point When everyone has AI, attack surface becomes intelligence surface. We explore how LLMs are being weaponized for polymorphic malware, why prompt injection is the new SQL injection, and why companies building AI without offensive security expertise are sitting ducks. The Business of Staying Small and Deadly Why we don't want to be a 500-person firm, the scaling trap that kills quality, and how to build sustainable boutique practices through high-value, low-volume models. Hot Takes & Hard Truths We tackle controversial topics: Are most cybersecurity certifications worthless? Is MITRE ATT&CK just intimidating wallpaper? Zero trust products vs. real zero trust. Bug bounties: innovation or race to the bottom? The ethics of red teaming and where we draw the line. Key Takeaway: If your security team can't think like attackers, you're already compromised. // FIND VERSPRITE’S CYBERSECURITY TEAM ONLINE // * VerSprite: https://versprite.com/ [https://versprite.com/] * LinkedIn: https://www.linkedin.com/versprite-llc/ [https://www.linkedin.com/versprite-llc/] * Twitter: https://twitter.com/versprite/ [https://twitter.com/versprite/] * YouTube: https://www.youtube.com/c/VerSprite [https://www.youtube.com/c/VerSprite] // ABOUT VERSPRITE // VerSprite is a leader in risk-based cybersecurity services and PASTA threat modeling, enabling businesses to improve the protection of critical assets, ensure compliance, and manage risk. Our mission is to help you understand and improve your organization’s cybersecurity posture. With cyberattacks increasing in number and sophistication daily, it is crucial to protect your organization’s assets, protect your clients, and maintain the same, excellent reputation and trust you have worked hard to build. We believe that an integrated approach will result in better and more cost-effective security practices and business outcomes.

Ep. 12 - AI in Offensive Security - Cutting Through the Hype

Episode 12 - AI in Offensive Security: Cutting Through the Hype  Host: Tony UV - https://www.linkedin.com/in/tonyuv/ Guest: Andrew Wilson - https://www.linkedin.com/in/awilsonaz/ Is AI revolutionizing offensive security, or simply accelerating what humans already do? In this episode, we cut through the hype and get real about how AI is reshaping vulnerability discovery, exploit development, and red team operations. 🔍 Topics Covered: 1. AI-Powered Vulnerability Discovery - Static analysis vs LLMs - AI-guided fuzzing performance - Signal-to-noise improvements - Case study: AI vs human researcher - Scaling AI across enterprise vs startup teams 2. Exploit Development Automation - Can AI reliably build working exploits? - Adaptability to target environments - Evasion techniques vs modern defenses - What red teams are actually using 3. Large-Scale Offensive Operations - AI orchestration across thousands of assets - Prioritization and continuous assessment - Managing AI-generated data - Measuring ROI of AI-enhanced testing 4. The AI Arms Race - Offensive vs defensive AI - Behavioral mimicry and detection evasion - Speed, scale, and resource asymmetry - Autonomous threat modeling 5. Implementation Reality Check - Where to start with AI in OffSec - Tool integration and team training - Budgeting and vendor evaluation - Compliance and regulatory concerns 💡 Whether you're a security leader, red teamer, or just trying to separate signal from noise, this episode delivers practical insights and strategic foresight. 📺 Watch, subscribe, and join the conversation.  #AIinSecurity #OffensiveSecurity #RedTeamOps #ThreatModeling #CybersecurityPodcast #DirtySouthSecurity #VerSprite #TonyUV #AndrewWilson // FIND VERSPRITE’S CYBERSECURITY TEAM ONLINE // * VerSprite: https://versprite.com/ [https://versprite.com/] * LinkedIn: https://www.linkedin.com/versprite-llc/ [https://www.linkedin.com/versprite-llc/] * Twitter: https://twitter.com/versprite/ [https://twitter.com/versprite/] * YouTube: https://www.youtube.com/c/VerSprite [https://www.youtube.com/c/VerSprite] // ABOUT VERSPRITE // VerSprite is a leader in risk-based cybersecurity services and PASTA threat modeling, enabling businesses to improve the protection of critical assets, ensure compliance, and manage risk. Our mission is to help you understand and improve your organization’s cybersecurity posture. With cyberattacks increasing in number and sophistication daily, it is crucial to protect your organization’s assets, protect your clients, and maintain the same, excellent reputation and trust you have worked hard to build. We believe that an integrated approach will result in better and more cost-effective security practices and business outcomes.

Ep. 11 - Building Resiliency: The New Paradigm in Security Leadership

In this episode, we’re flipping the script on traditional security thinking. As security champions, we know that resiliency isn’t just a buzzword—it’s the backbone of modern cybersecurity strategy. Join us as we unpack: 🔐 From Security to Resiliency – Were we too confident in the early days of CISO-ship? We reflect on the evolution of security leadership and what it means to lead with resilience today. 🛡️ Is Product Resiliency Subjective? – What really defines a “resilient” product? We challenge assumptions and explore how context, threat models, and business goals shape the answer. ⚙️ Top 3 Fundamentals for CISOs – We break down the core pillars every CISO should build from to create sustainable, secure, and resilient programs or products. 🔥 CISO Hot Takes – No fluff, just real talk. We share bold opinions on what’s working, what’s not, and where the industry needs to level up. Whether you're a CISO, security engineer, or just passionate about building better defenses, this episode is packed with insights to help you lead with clarity and confidence. // FIND VERSPRITE’S CYBERSECURITY TEAM ONLINE // * VerSprite: https://versprite.com/ [https://versprite.com/] * LinkedIn: https://www.linkedin.com/versprite-llc/ [https://www.linkedin.com/versprite-llc/] * Twitter: https://twitter.com/versprite/ [https://twitter.com/versprite/] * YouTube: https://www.youtube.com/c/VerSprite [https://www.youtube.com/c/VerSprite] // ABOUT VERSPRITE // VerSprite is a leader in risk-based cybersecurity services and PASTA threat modeling, enabling businesses to improve the protection of critical assets, ensure compliance, and manage risk. Our mission is to help you understand and improve your organization’s cybersecurity posture. With cyberattacks increasing in number and sophistication daily, it is crucial to protect your organization’s assets, protect your clients, and maintain the same, excellent reputation and trust you have worked hard to build. We believe that an integrated approach will result in better and more cost-effective security practices and business outcomes.