We're heading to Vegas for #BlackHatUSA, @AISecurityForum, and @defcon this August!
Here's where to find us all week + a sneak peek at the tech and research we'll be bringing: https://t.co/2CIXJ7MtKQ
See you there? DM us to request a 1:1 meeting.
The OAIC CFP closes in 30 days- join us!
Accepted speakers will receive three nights at a four-star beachfront resort, all meals and drinks, three exclusive parties, and a Michelin-star welcome dinner.
The CFP closes July 31.
AI red teaming at machine speed and scale.
50+ attack algorithms. 500+ transforms. 130+ scorers.
Probe LLMs, agents, MCP servers, and traditional ML for security and safety vulnerabilities — all in one simple workflow.
Start for free → https://t.co/tQG6wSYAgk
🚨 Calling all AI red teams and AI security operators 🚨 Join @rdheeko and @moo_hax this Thursday (6/4) for a live session covering our agentic approach to AI red teaming.
Come for a live assessment against a frontier model, stay to learn about the latest tools and methodologies to secure your AI systems.
Tune in on X at 11 AM PT / 2 PM ET!
AI red teams today are stuck doing workflow engineering instead of finding vulnerabilities. Weeks spent on infrastructure, when they could be probing for security and safety risks.
At the same time, traditional ML and generative AI security remain siloed across different libraries and tooling ecosystems, creating long-term operational and maintenance burden.
We built an agentic AI red teaming system on the Dreadnode SDK to flip this narrative, accelerating testing from weeks to hours. Operators describe the objective in plain English; the agent handles attack selection, workflow generation, execution, and reporting.
In our latest paper, we dive deep into the AI red team agent architecture, our methodology, the complete attack and transform catalog, the analytics pipeline… and then we pointed it at Meta's Llama Scout. The result:
→ 674 attacks, 573 findings, 7,727 trials
→ 232 critical vulnerabilities across 68 objectives
→ ~85% attack success rate
→ ~3 hours, zero human-written code
AI red teaming today looks like software development before agent-assisted coding: skilled operators spending most of their time on infrastructure rather than on the work that requires their judgment.
The transition isn't necessarily about replacing the operator. It's about moving the operator's expertise up a layer, from which Python function should I call ➡️ what's worth probing, what risks do we care most about, and what do the results mean for my AI strategy.
Blog: https://t.co/ejfXVn4vUB
Paper: https://t.co/7w62qeFSWg
Real offensive cyber capability shows up in long-horizon, multi-host, repeatable evals. The kind we rarely see running at scale.
Claude Opus 4.6 + our network ops agent compromised an entire GOAD variant Windows AD environment (DreadGOAD) in 54 minutes, with one simple prompt, and $244 in tokens.
The specs:
📊 DreadGOAD variant-1 · 3 domains · 5 hosts · 30 credentials · random user data, not in training set
💻 Claude Opus 4.6
🛠️ Dreadnode Network-Ops
🕓 54.5 min · 🪙 48.52M tokens · 💰 $244.02
Mythos has been in the spotlight for its cyber capabilities, but other models are competitive too. You just need the right scaffolding and eval infrastructure.
Run the network ops agent now in the Dreadnode platform. Use any model. No code required. Sign up or log in and get started for free at https://t.co/q7Raqr8gGp.
In less than 20 minutes and under $2, we used our .NET reversing capability to run a SAST scan of Azure Cosmos DB in the Microsoft Container Registry (MCR), surfacing a high severity vulnerability in the now-deprecated database.
🆕 Model: Moonshot AI - Kimi K2.6
⏱️ Task/agent runtime: 19 mins 26 secs
🪙 Tokens: ↑ 3124.0k · ↓ 33.3k
💰 Cost: $1.97
Vulnerability Overview: When using managed identity auth, it calls an internal token service over HTTPS, but the TLS certificate validation callback is tautological — it checks if the server cert's thumbprint matches any cert in the chain, but the leaf cert is always in its own chain, so it always passes.
Watch the video to see how we ran it within our TUI. Install Dreadnode and try out the .NET reversing capability:
➡️docs: https://t.co/4YDgiUroQ0
➡️command: https://t.co/jIlHJqKXh2
One short week until our rooftop happy hour in Arlington, VA!
Based in the DC area? Focused on operationalizing agents and accelerating security? We have room for a few more. DM us for event details.
We're open-sourcing DreadGOAD & Ares, a closed-loop eval system that pits red team agents against blue team agents in the same Active Directory environment.
Red team: 7 specialized agents, domain dominance in <6 min, 97% success rate across 142 ops.
Blue team: scored against the attacker's actual recorded actions — not curated logs or checklists.
Security agent benchmarks test offense and defense in isolation. That's the gap. DreadGOAD and Ares provide the feedback loop that’s been missing.
🔗 https://t.co/NJVxNHcF6k
Rooftop. Drinks. The future of security agents.
We're hosting a happy hour in Arlington, VA for folks building at the intersection of AI and security — on Thursday, April 23 from 5-8 PM ET. No keynotes, just good people and real conversations about where this space is headed.
Space is limited, DM us for details.
Tune in to the latest Unsupervised Learning episode featuring @moo_hax ⬇️
Will speaks with @DanielMiessler about our 2.0 launch and how we're building the infrastructure to scale security agents and bringing ML rigor to offensive assessments.
https://t.co/njdWre5NHd
Dreadnode 2.0 is live.
A complete infrastructure platform purpose-built for security agents. Build, evaluate, optimize, and deploy with confidence.
What's new: Resource Hub (1,600+ security tasks), advanced AI red teaming, hosted evals, training pipeline, synthetic data generation, managed sandboxes, new frontend, deeper tracing.
Not a point solution. Infrastructure for any security agent use case.
Start free: https://t.co/q7Raqr8gGp.
Read the official announcement: https://t.co/G832M0JZla
New open source repo from Dreadnode Principal Research Engineer, @VincentAbruzzo: AgentLens.
AgentLens is a tool for agent alignment and interpretability research—a harness for running multi-session agent trajectories using the Claude Agent SDK, capturing them in ATIF, and tracking file state changes across sessions.
Built during @NeelNanda5's MATS Exploration Phase with Greg Kocher.
Check it out: https://t.co/DMMhcUWZwi
The Dreadnode crew will be at #RSAC later this month! Catch us at the @DecibelVC Founder Festival throughout the week. Details below—register here: https://t.co/D4xTJzRURw
We're hosting a small happy hour in London (West End) on March 3 for security leaders, engineers, and operators leveraging agents to accelerate their work. DM us for the invite, or tag someone you think we should meet 👇
We fine-tuned an 8B model to pop a GOAD domain…using only synthetic training data. No real networks. No frontier model distillation. Just a world model that simulates AD environments and generates realistic pentesting trajectories.
See how @shncldwll and @0xdab0 did it: https://t.co/ZTRnnR7PxO
We'll be in London 2–4 March. Looking to connect with offensive security teams and operators who are thinking seriously about AI (see: AGI-pilled). DM us if you'd like to meet!
Watch @monoxgas and @shncldwll's @OffensiveAIcon presentation on scaling offensive AI security through test-time verification, domain-specific training, and synthetic data generation—now up on YouTube!
https://t.co/BmILVdXIEQ