各位CSO好,这是一档分享网络安全建设干货的双人对话播客,emm~和全麦面包一样干
Podcast Overview
各位CSO好,这是一档分享网络安全建设干货的双人对话播客,emm~和全麦面包一样干
Language
🇨🇳
Publishing Since
11/4/2024
1 verified contact email on file for 网络安全AI说
Pitch yourself as a guest, propose sponsorships, or reach out directly to the host.
Recent Episodes
June 14, 2026
AI攻击时代,零信任为何成必选项?
* 主题:从四个真实攻防故事看零信任建设的必要性<br>* 核心观点:AI攻击让补丁窗口期失效,零信任通过"分层防御"实现安全左移,止战于未战<br>开场引入:Mythos炸圈,安全圈变天<br>* 近期安全圈最热话题:Anthropic推出的Mythos AI攻击工具<br>* Mythos核心能力:代码理解接近人类顶尖工程师,漏洞发现+exploit生成一条龙<br>* 核心矛盾:AI攻击工具进化速度远超传统防御节奏<br>故事一:沉睡17年的幽灵 — AI让补丁窗口期失效<br>* 漏洞档案:Linux内核NFS模块(fs/nfsd/nfs4xdr.c),远程代码执行(RCE)<br>* 沉睡17年:无数次安全审计、500万次模糊测试均未发现<br>* Mythos唤醒过程:扫描识别逻辑缺陷 → 自动生成攻击代码 → 几分钟完成从发现到远程控制<br>* 关键数据:<br> * SWE-bench Verified:93.9%(代码理解能力接近人...<a href="https://www.xiaoyuzhoufm.com/episode/6a2e38fc43a22a69558365d2?utm_source=rss&as=cHQ9MTIyNjE5MjQ3JmN0PWFwcGxlcG9kY2FzdF9zaG93bm90ZXMmbXQ9OA%3D%3D">去小宇宙查看完整单集简介</a><br><a href="https://www.xiaoyuzhoufm.com/episode/6a2e38fc43a22a69558365d2?utm_source=rss&as=cHQ9MTIyNjE5MjQ3JmN0PWFwcGxlcG9kY2FzdF9zaG93bm90ZXMmbXQ9OA%3D%3D">前往小宇宙评论区与主播互动</a>
May 26, 2026
深信服 VS 字节火山引擎,智能体安全治理理解
<h2><strong>📋 本期简介</strong></h2><p>当AI智能体从"只会说话的聊天框"进化成"能动手操作的数字员工",安全问题就从"防止说错话"升级成了"防止做错事"——而且它真的能删库、能泄露机密、能绕过权限。</p><p>本期聚焦两份代表性方案:深信服与字节跳动火山引擎。两家对智能体安全的理解路径截然不同——深信服用人力资源管理的逻辑来"治理"数字员工,火山引擎则用云原生的"1+4+1"体系来"防护"智能体。谁更接地气?谁更有实战底气?逐层拆解。</p><p>深信服将智能体带来的安全挑战系统化为五个"难":</p><figure><img src="https://image.xyzcdn.net/FtsivsvHMjhq7LQIVTHdOJkcBuO9.png"></figure><p>火山引擎从AI应用架构视角将风险分为三层:</p><figure><img src="https://image.xyzcdn.net/Fh2AL7hjJaeSSn_gtSYLRre1Qi9v.png"></figure><p></p><br><a href="https://www.xiaoyuzhoufm.com/episode/6a15aee9ff7b9a8c0a5b9d43?utm_source=rss&as=cHQ9MTIyNjE5MjQ3JmN0PWFwcGxlcG9kY2FzdF9zaG93bm90ZXMmbXQ9OA%3D%3D">前往小宇宙评论区与主播互动</a>
April 17, 2026
Mythos级AI攻击——安全恐慌启示录
<h2><strong>📌 节目概要</strong></h2><blockquote><p><strong>2026年4月7日,网络安全领域迎来了分水岭时刻。</strong></p></blockquote><p>Anthropic发布了迄今为止最强大的前沿模型——<strong>Claude Mythos Preview</strong>,其展现出的安全能力远超预期,立即引发美国国家战略层面的高度关注。这不是一次普通的技术迭代,而是一场改写网络安全攻防规则的根本性变革。</p><h2><strong>⚡ 核心看点</strong></h2><h3><strong>🔥 Mythos为何令人恐慌?</strong></h3><figure><img src="https://image.xyzcdn.net/FvjGyuvqBcHBAnHrYqtxc5dJdidq.png"></figure><p><strong>关键数据</strong>:</p><ul><li><p>Firefox漏洞利用成功率:其他模型 <strong>4.4%</strong> → Mythos <strong>84%</strong></p></li><li><p>单次漏洞发现成本:<strong>不足50美元</strong></p></li><li><p>CyberGym漏洞复现率:<strong>83.1%</strong></p></li></ul><h3><strong>🏛️ 美国在做什么?</strong></h3><p><strong>美联储紧急会议</strong></p><ul><li><p>参会者:财政部长、美联储主席、摩根大通/高盛/花旗CEO</p></li><li><p>核心议题:严肃对待Anthropic新型AI模型带来的网络安全风险</p></li></ul><p><strong>Project Glasswing防御计划</strong></p><ul><li><p>仅向约40家关键基础设施维护者开放Mythos访问权限</p></li><li><p>创始成员:<strong>AWS、Apple、Google、Microsoft、CrowdStrike、Palo Alto Networks、JPMorganChase</strong></p></li><li><p>目标:在攻击者获得同等能力之前,优先修补最重要的系统</p></li></ul><blockquote><p>⚠️ <strong>中国被排除在Glasswing项目之外</strong></p></blockquote><p></p><h3><strong>🚨 七大攻击向量</strong></h3><figure><img src="https://image.xyzcdn.net/FoRzUsRc2UYZh5w4mP_ZCeUUcdMX.png"></figure><h3><strong>🌏 中国面临的挑战</strong></h3><p><strong>技术差距对比</strong></p><figure><img src="https://image.xyzcdn.net/Fvs4VRg65HRkKmpsueTUm9ivxOum.png"></figure><p><strong>核心困境</strong>:</p><ul><li><p>技术封锁让国内模型滞后于国外</p></li><li><p>攻击者可用国外模型,防守方只能用国内模型</p></li><li><p>0day挖掘与利用能力差固定存在</p></li></ul><h2></h2><h2><strong>📝 金句摘录</strong></h2><blockquote><p>"基于'摩擦=安全'的传统防御措施面临系统性失效风险"</p></blockquote><p></p><blockquote><p>"防御者需修补所有漏洞,攻击者只需找到一个——但现在攻击者有了Mythos"</p></blockquote><p></p><blockquote><p>"Mythos的能力是不确定的,但技术封锁会持续存在是确定的"</p></blockquote><p></p>
74 total episodes available
Recent guests on 网络安全AI说
Guests from recent episodes — sign up to see every guest that has ever appeared on this show.
Christoph Schuhwerk
Guest
Ethan
Guest
李明博士
Guest
[Guest Name]
Guest
Deep-dive analytics for 网络安全AI说
Frequently asked questions
Have a different question and can't find the answer you're looking for? Reach out to our support team by sending us an email and we'll get back to you as soon as we can.
- What is 网络安全AI说?
- How often does this podcast release new episodes?
This podcast updates daily.
- Where can I listen to this podcast?
This podcast is available on 4 platforms including Apple Podcasts, Spotify, and more. You can also use the RSS feed directly.
- Does this podcast accept guests?
Yes, this podcast regularly features guests.
Legal Disclaimer
Pod Engine is not affiliated with, endorsed by, or officially connected with any of the podcasts displayed on this platform. We operate independently as a podcast discovery and analytics service.
All podcast artwork, thumbnails, and content displayed on this page are the property of their respective owners and are protected by applicable copyright laws. This includes, but is not limited to, podcast cover art, episode artwork, show descriptions, episode titles, transcripts, audio snippets, and any other content originating from the podcast creators or their licensors.
We display this content under fair use principles and/or implied license for the purpose of podcast discovery, information, and commentary. We make no claim of ownership over any podcast content, artwork, or related materials shown on this platform. All trademarks, service marks, and trade names are the property of their respective owners.
While we strive to ensure all content usage is properly authorized, if you are a rights holder and believe your content is being used inappropriately or without proper authorization, please contact us immediately at hey@podengine.ai for prompt review and appropriate action, which may include content removal or proper attribution.
By accessing and using this platform, you acknowledge and agree to respect all applicable copyright laws and intellectual property rights of content owners. Any unauthorized reproduction, distribution, or commercial use of the content displayed on this platform is strictly prohibited.