Programmable Defense Summit: A Transparent, Community-driven Movement

As cyber threats evolve, so must our defenses. Decibel recently held the inaugural Programmable Defense Summit and discussed developing and deploying transparent, programmable solutions so security engineering teams can stay ahead of AI-enhanced cyber attacks vs. waiting on traditional black box vendors.

Bringing together some of the most forward-thinking cybersecurity leaders and founders, the Programmable Defense Summit conversations centered on how the security industry is shifting toward a more transparent, adaptable, and customer-centric, rather than vendor-centric, security posture.

‍A special thank you to the incredible security leaders in attendance including Prudential, Cribl, Ro, Vanta, Workato, Crowdstrike, Maven Clinic, FanDuel, Dropbox and founders from Sublime Security, Panther Labs, Pixee, Authentik, Prowler, Censys, Pangea whose insights and energy are contributing to the momentum of the Programmable Defense movement!

Security Secular Trends

"Programmable defense puts power back in the hands of security engineers—moving fast is no longer a luxury but a necessity."

The security landscape is shifting rapidly, driven by both technological advances and evolving threat vectors:

1. AI-Enhanced Threat Actors:
   Threat actors are leveraging AI to scale their operations. Tools like ChatGPT make it possible for attackers to generate convincing phishing emails or automate reconnaissance. The barrier to entry for orchestrating complex cyberattacks has plummeted, resulting in a significant uptick in both volume and variety of threats.
2. A New Generation of Security Leaders:
   Today’s security teams have grown up in a world shaped by DEFCON and Black Hat conferences. These leaders are now reaching the C-suite, bringing with them expectations of in-house security engineering expertise. Unlike in previous eras, outsourcing security to vendors is no longer the default—security leadership expects sophisticated operations and expertise to live in-house rather than with the vendor.
3. Collaborative Defense Communities:
   Security professionals are organizing on platforms like X and Mastodon to share intelligence and counter common threats. Much like the 1% of social media users who create content consumed by the 99%, a small but growing group of defenders is publishing actionable insights for broader community benefit.

From Click-Ops to Programmable Security

"The black box might scale, but it doesn’t solve enough problems. The future is transparent and programmable."

Security tooling is evolving, and a fundamental shift is underway:

• The Demand for Transparency:
  Black-box solutions are increasingly seen as insufficient for modern security challenges. Instead, forward-thinking organizations expect their tools to be programmable, consumable via APIs, and tailored to their unique environments and needs of an organization.
• Parallels with DevOps:
  Just as open-source software and agile DevOps tooling empowered developers, programmable security will unleash creativity and innovation within security teams. Leaders envision a future where security engineers can adapt tools in real time, fostering collaboration and sharing knowledge across organizations.

Programmable Defense: A Foundation for the Autonomous Defense

"LLMs are the bridge—making security decisions understandable to executives and actionable for engineers."

• The Autonomous Defense: Programmable defense is the cornerstone of a future autonomous cybersecurity ecosystem, as effective AI requires vast amounts of high-quality first-party data. By enabling security experts to contribute directly to the system, programmable defense becomes a powerful, community-driven engine for innovation—one capable of evolving into the most effective security system in the world. However, implementing this strategy today is not without challenges. It demands deep technical expertise, including an understanding of code and detection engineering, skills that not all security teams possess. This gap often limits organizations’ ability to operationalize programmable tools effectively.

Sublime Security, utilizes BERT LLM, enhances Sublime's Natural Language Understanding and brings improved contextual awareness and understanding, language comprehension, and performance to better identify GenAI in phishing attacks.

• Enter AI: LLMs democratize access to sophisticated defense strategies by translating complex, technical threat intelligence into actionable steps that engineers can implement and executives can understand. In essence, AI serves as the bridge between human expertise and machine learning, enabling real-time integration of threat intelligence into systems for greater efficacy. This collaboration between AI and humans is a critical step toward autonomous defense—where systems can dynamically adapt to threats in real time, powered by first-party data collected from real attacks and responses.

Programmable defense is as much about culture as technology, relying on transparency, collaboration, and shared knowledge. AI makes this vision achievable, enabling adaptive, ever-improving cybersecurity systems for the future.

Looking Ahead

The discussions at the Programmable Defense Summit confirmed what many of us already believed: the future of cybersecurity is programmable, transparent, and community-driven.

Join the Programmable Defense movement! Contact Dan or Stacey to engage with this active community.