Olivia
Online
Steve Wilson
@virtualsteve
Leading the charge in AI security. Chief AI and Product Officer @ Exabeam, Author @ O'Reilly, Project Lead at OWASP #cybersecurity #ai #cloud
San Jose, CA
Joined May 2008
668 Following
4.3K Followers
18.3K Posts
Pinned Tweet
How will we use AI Agents in cyber defense? Check out this snippet from my interview in Davos.
Earnings Before Tokens
Until last year, #AI overtaking humans was the stuff of science fiction. But now we face a grim reality: AI is now the biggest insider threat. Read how CISOs worldwide are justifying spend: https://t.co/bqOlJ2nXP9 @exabeam @virtualsteve
AI agents aren't just tools — they're digital workers. And like any insider, they can malfunction, misalign, or get compromised. OWASP LLM Top 10 co-author Steve Wilson breaks down the agentic insider threat and what AppSec teams need to do about it.
Read here: https://t.co/3cmqSg2yRW
#AppSec #AISecuity #ThreatIntelligence #OWASP w/ @virtualsteve
Who to follow
Alexander Ervik Johnsen
@ervik
Senior SE at Arctic Wolf -ex Nutanix -ervik.as -Citrix CTP-NGCA-Tech Evangelist & speaker.Husband,father of 2 - Interista! Surf🏄🏻nSnow🏂- Tweets are my own!
Neil Spellings
@neilspellings
Enterprise & Cloud infrastructure architect & owner @XenCentric, ex-Citrix CTP & @eucforumuk leader, father, husband. Often outspoken & ever so slightly cheeky!
#100patent100days #RocketSingh #innovation
@RocketSikh
#InnovationAdvisor #RocketSikh #InventionMachine #InnovationMachine #RunningMachine #RunningSingh Security Champion Musician Tweets are my own
Andrej Karpathy admits he’s struggling with AI
Electric surfboards are about to make jet skis look ancient.
Silent, fast, and way too fun.
Gone are the days where sharing MTTR or a vulnerability patching rate will satisfy the board. CISOs must articulate how AI is optimizing security operations from a business perspective, and many struggle with that. Learn more: https://t.co/hxLnCFxLsh @virtualsteve
For 50 years, software engineering ran on code rationing. Writing code was expensive, so we rationed it carefully through roadmaps, RFCs, prioritization meetings, and scope reviews.
This created a role: the No Engineer. No, that won't scale. No, we don't have bandwidth. No, that's out of scope. No, we need a design doc first. The No Engineer was valuable for 50 years. Every "no" saved real money. Their judgment was the rationing system.
LLMs will be the end of code rationing. Code is cheap now. And while the No Engineer is explaining why something can't be done, the Yes Engineer has already shipped three versions of it.
If you're a Yes Engineer, the next decade is yours.
Gen Xers have a new anthem!
This is too funny. I do love the early bird dinner prices though!
Sound UP!
AI agents are turning into insiders, fast. In new coverage from @ISMG_news, @virtualsteve sat down with @UnderArmour #CISO Alex Attumalil at #GoogleCloudNext to get blunt about why security teams must treat agents less like apps and more like employees. https://t.co/ypzTGviklk
My biggest takeaways from Claude Code's Head of Product @_catwu:
1. Anthropic’s product development timelines have gone from six months to one month, sometimes one week, sometimes one day. Part of this acceleration is access to the latest models (i.e. Mythos). Another is shipping new products into “research preview,” making clear it's early, experimental, and might not be supported forever. Another is an evergreen "launch room "where engineers post ready features and marketing turns around announcements the next day.
2. The PM role is shifting from coordinating multi-month roadmaps to enabling teams to ship daily. As Cat puts it, “There should be less emphasis on making sure you are aligning your multi-quarter roadmaps with your partner teams and more emphasis on, OK, how can we figure out the fastest way to get something out the door?”
3. The most efficient shipping unit is an engineer with great product taste. On Cat’s team, many engineers go end-to-end—from seeing user feedback on Twitter to shipping a product by the end of the week—without a PM involved. Also, almost all the PMs on the Claude Code team have either been engineers or ship code themselves, and the designers have been front-end engineers. The roles are merging, and the most valuable skill is product taste, not job title.
4. Build products that are on the edge of working. Claude Code’s code review product failed multiple times because earlier models weren’t accurate enough. But because the prototype was already built, they could swap in Opus 4.5 and 4.6 and immediately test whether the gap was closed. Teams that wait for the model to be ready will always be a cycle behind.
5. The most underrated skill for building AI products is asking the model to introspect on its own mistakes. Cat regularly asks the model why it made an unexpected decision. The model will explain that something in the system prompt was confusing, or that it delegated verification to a subagent that didn’t check its work. This reveals what misled the model so the team can fix the harness.
6. Every model release forces their team to revisit existing products and audit their system prompt to remove features the model no longer needs. Claude Code’s to-do list was a crutch for earlier models that couldn’t track their own work. With Opus 4, the model handles it natively. Features built as scaffolding for weaker models become debt when the model catches up—so the team actively strips them.
7. Anthropic employees build custom internal tools instead of buying SaaS products. A sales team member built a web app that pulls from Salesforce, Gong, and call notes to auto-customize pitch decks—work that used to take 20 to 30 minutes now takes seconds. Their core stack is Claude Code, Cowork, and Slack. No Notion, no Linear, no Figma.
8. People underestimate how much Claude’s personality contributes to its success. As Cat describes it, “When you reflect on everyone you’ve worked with, there’s just some people where you’re like, I really like their energy, their vibe.” Claude is designed to be low-ego, positive, competent, and earnest—qualities that make it feel like a great coworker, not just a tool. This isn’t cosmetic; it’s what makes people want to use Claude for hours every day. The team has a dedicated person, Amanda, who “molds Claude’s character,” and it’s one of the hardest roles at the company because success is so subjective.
9. The future of work is managing fleets of AI agents, not doing the work yourself. Cat sees a clear progression: first, individual tasks become successful. Then people start running multiple tasks at the same time (multi-Clauding). Next, people will run 50 or 100 tasks simultaneously, which will require new infrastructure—remote execution, better interfaces for managing tasks, agents that fully verify their work, and self-improving systems that incorporate feedback. The human role shifts from doing the work to knowing which tasks to look into, verifying outputs, and giving feedback that makes the system better over time.
10. Hire people who lean into chaos and face every challenge with a smile. At Anthropic, there are weeks when a P0 on Sunday becomes a P00 by Monday and a P000 by Monday afternoon. If you get too stressed about any one thing, you’ll burn out. Their team looks for people who can look at a hard challenge and say, “Wow, that’s gonna be hard. But I’m excited to tackle it and I’m gonna do the best that I possibly can.” This mindset—optimism, resilience, and comfort with constant change—is increasingly essential as the pace of AI development accelerates.
Don't miss the full conversation: https://t.co/1wOUHcdYQN
What a moment for Exabeam. Accepting the 2026 Google Cloud Partner of the Year Award for Security: Analytics & Operations on stage is powerful recognition of the leadership, innovation, and momentum driving our business forward.
Read the press release: https://t.co/3LVKu8YAKP
Claude Design is insane.
❤️🔥Just recorded a 18-min tutorial on how to build animated, award-winning websites with Claude Design + Opus 4.7!
Don't Confuse #Automation For #Innovation: Why Security Needs Accelerated Operations
by @virtualsteve @Forbes
Learn more: https://t.co/Xl5OxrBa3q
#EmergingTech #Innovation #Technology
This is not a hot take: #AI can't fully replace human expertise in security operations. As @virtualsteve says, that idea is just hype. Find out how CISOs are using it to complement #security teams instead: https://t.co/yffUvkuZu9
No grudges here. I put promise in quotes because no one actually "promised" anything.
I think the originally quoted research is important for people to see that Vector RAG isn't a free lunch to agent eidetic memory.
I do think there's lots going on in the field of agent memory now, that's quite promising!
It's an old idea that works for problems that are "like" this, but I'm sure it gets very application-specific in terms of how you do it. The "nice" thing about the vector DB solution was it "promised" you could just put stuff there and the LLM would "remember" it - https://t.co/MF4b7waz0z
RAG is broken and nobody's talking about it.
Stanford researchers exposed the fatal flaw killing every "AI that reads your docs" product in existence.
It’s called "Semantic Collapse," and it happens the second your knowledge base hits critical mass. If you've noticed your AI getting "dumber" as you add more data, this is exactly why.
Right now, companies are dumping thousands of documents into their AI, thinking it’s getting smarter.
When you add a document to RAG, it converts it into a high-dimensional vector.
Under 10,000 documents, this works perfectly. Similar concepts cluster together.
But past 10,000 documents, the space fills up. The clusters overlap. The distances compress.
Everything starts to look "relevant."
It is a mathematical law called the Curse of Dimensionality. In a 1000-dimensional space, 99.9% of your data lives on the outer edge. All points become equidistant from each other.
That perfect, relevant document you are looking for now has the exact same mathematical similarity as 50 completely irrelevant ones.
The Stanford findings are brutal:
At 50,000 documents, precision drops by 87%. Semantic search actually becomes worse than old-school keyword search.
Adding more context doesn’t fix the AI. It makes the hallucinations worse.
Your "nearest neighbor" search isn't finding the best answer anymore. It's finding everyone.
We thought RAG solved hallucinations.
It didn't. It just hid them behind math.
Today is a big day! We're launching a ~ new ~ version of Claude Code in the desktop app. It's been redesigned from the ground up for parallel work and is a lot faster.
It's been my main way to use Claude Code for the last few weeks.
Last Seen Users on Sotwe
Most Popular Users
Elon Musk
@elonmusk
240.1M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
108.7M followers
Narendra Modi
@narendramodi
106.9M followers
Rihanna
@rihanna
97.2M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.5M followers
KATY PERRY
@katyperry
86.7M followers
Taylor Swift
@taylorswift13
80.5M followers
Lady Gaga
@ladygaga
72.1M followers
Kim Kardashian
@kimkardashian
69.3M followers
YouTube
@youtube
68.6M followers
Virat Kohli
@imvkohli
68.4M followers
Bill Gates
@billgates
63.4M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
60.9M followers
X
@x
60.9M followers
CNN Breaking News
@cnnbrk
59.9M followers