Exploring the Human Side of Red Team Operations with Brian Fox, Tom Tovar, and T. Gwyddon ‘Data’ Owen

Vaibhav April 21, 2026
Exploring-the-Human-Side-of-Red-Team-Operations-with-Brian-Fox-Tom-Tovar-and-T-Gwyddon-Data-Owen
Post Views: 7

Red Team Exercises: Educating Organizations to Improve Security

In the ever-evolving landscape of cybersecurity, organizations must continually assess and enhance their defenses against potential threats. One effective way to achieve this is through red team exercises, which simulate attacks to identify vulnerabilities and educate staff on improving security measures.

The Importance of Red Team Exercises

The primary objective of a red team exercise is to test the organization’s defenses and determine whether a particular outcome can be achieved through a simulated attack. However, the ultimate goal goes beyond mere testing; it is to educate the organization on how to improve its tools and processes, making attacks more difficult to succeed.

According to Gwyddon “Data” Owen, a seasoned cybersecurity expert, building a red team requires careful consideration and planning. The process involves creating an exercise, gathering intelligence on potential weaknesses, and leveraging the results to inform security improvements.

Coding Agents: Still a Source of Avoidable Risk

Despite the advancements in AI-powered coding models, they continue to pose risks to software security. A recent study has shown that while frontier AI models are hallucinating less than they did a year ago, they still retain a significant amount of avoidable software risk when left ungrounded.

By connecting these models to real-time software intelligence, organizations can significantly improve remediation quality and reduce critical and high-severity vulnerability exposure by up to 70%.

From “Do-It-Yourself” to “Do-It-For-Me”

As the threat landscape continues to evolve, organizations are shifting towards “do-it-for-me” agentic AI delivery models. This approach focuses on using platforms that unify data, execute policy, and automate outcomes, rather than relying on manual intervention.

Cybersecurity Leaders Must Navigate the Shift

Cybersecurity leaders must navigate this shift by staying ahead of the curve and embracing the transformative power of AI. By doing so, they can create a more agile and responsive security posture that addresses the complex challenges posed by emerging threats.

Expert Voices

  • Brian Fox, CTO and Co-founder of Sonatype:

    Emphasizes the need for a balanced approach to security. He suggests that organizations should strive for a combination of speed and caution, recognizing that the two are not mutually exclusive.

  • Tom Tovar, CEO of Appdome:

    Highlights the importance of adopting a proactive stance towards security. He advocates for the use of AI-powered solutions to streamline security processes and free up resources for more strategic initiatives.

  • T. Gwyddon “Data” Owen:

    Underscores the significance of human expertise in the context of cybersecurity. He stresses the need for organizations to invest in the skills and knowledge required to stay ahead of emerging threats.

Conclusion

Red team exercises offer a valuable opportunity for organizations to assess their defenses and enhance their security posture. By striking a balance between speed and caution, organizations can create a robust security posture that protects against various types of threats. As the threat landscape continues to evolve, it is essential for organizations to adopt a proactive stance towards security, leveraging AI-powered solutions to streamline processes and free up resources for more strategic initiatives. By doing so, they can stay ahead of the curve and ensure that their security posture remains robust and effective.



About Author

Vaibhav

See author's posts

More Stories

Cisco-Catalyst-SD-WAN-Manager-Bug-Exploited-New-CVE-Identified

Cisco Catalyst SD-WAN Manager Bug Exploited, New CVE Identified

Vaibhav April 21, 2026
Apache-ActiveMQ-Flaw-Affects-Over-6-400-Servers-Globally

Apache ActiveMQ Flaw Affects Over 6,400 Servers Globally

Vaibhav April 21, 2026
Securely-Collecting-Threat-Intelligence-Without-Compromising-Your-Identity-or-Infrastructure

Securely Collecting Threat Intelligence Without Compromising Your Identity or Infrastructure

Vaibhav April 21, 2026

Latest Cyber Security News

Cisco-Catalyst-SD-WAN-Manager-Bug-Exploited-New-CVE-Identified

Cisco Catalyst SD-WAN Manager Bug Exploited, New CVE Identified

Vaibhav April 21, 2026
Beware-of-Scammers-Using-Fake-APK-Links-to-Steal-from-PM-KISAN-Beneficiaries

Beware of Scammers Using Fake APK Links to Steal from PM-KISAN Beneficiaries

Vaibhav April 21, 2026
Apache-ActiveMQ-Flaw-Affects-Over-6-400-Servers-Globally

Apache ActiveMQ Flaw Affects Over 6,400 Servers Globally

Vaibhav April 21, 2026
Securely-Collecting-Threat-Intelligence-Without-Compromising-Your-Identity-or-Infrastructure

Securely Collecting Threat Intelligence Without Compromising Your Identity or Infrastructure

Vaibhav April 21, 2026
Data-Breaches-Hit-Healthcare-Organizations-in-IL-and-TX-Impacting-600K-Individuals

Data Breaches Hit Healthcare Organizations in IL and TX Impacting 600K Individuals

Vaibhav April 21, 2026
en_USEnglish
en_USEnglish