In this session, Tod Beardsley and HD Moore (runZero) are joined by Jonathan Cran (Mallory) to discuss how AI-powered threat intelligence is providing defenders with a much-needed advantage in an increasingly noisy security landscape. Cran introduces Mallory, a platform designed to aggregate signal from diverse sources — including vendor blogs, OSINT, and the dark web — to provide real-time, contextualized intelligence. By moving beyond traditional CVE-based tracking and utilizing AI to filter out slop and fake exploits, defenders can answer critical questions about their exposure in minutes, often beating official vulnerability databases to the punch.
The conversation highlights a major shift in vulnerability management: the transition from waiting for official CVE numbers to tracking emerging threats through GitHub issues, mailing lists, and security advisories. HD Moore explains that as of 2026, the volume of new vulnerabilities has exploded while official enrichment from sources like the NVD has lagged, creating a gap that attackers frequently exploit. Mallory addresses this by performing entity resolution, identifying significant vulnerabilities before they have a formal name and helping organizations like runZero provide their customers with immediate search queries to find exposed systems in their environments.
Meet Our Speakers
todb
VP of Security Research, runZero
HD Moore
Founder & CEO, runZero
Get the latest news and expert insights delivered in your inbox.
