Hacking Exposed has been the foundational text of the cybersecurity industry since Stuart McClure co-authored the first edition in 1999. By 2018, the book's central premise — that understanding how attackers think is the foundation of effective defense — had never been more relevant, and the methods attackers use had never been more sophisticated. Stuart's RSAC 2018 session, "Hacking Exposed: NextGen (AI Powered)," applied that foundational mindset to the new landscape of AI-augmented attacks and AI-powered defenses.
The session demonstrated next-generation hacking techniques that leverage AI capabilities — showing how attackers can use machine learning to automate reconnaissance, generate more convincing phishing content, bypass behavioral analysis, and accelerate the exploitation of newly discovered vulnerabilities. Alongside this threat assessment, Stuart presented the state of AI-powered defense as it existed in 2018, including Cylance's own approach, and examined where the current generation of AI defenses was strong and where it remained vulnerable.
The session took its format from the "live hacking demo" tradition of the Hacking Exposed series — showing actual techniques in action rather than describing them abstractly — which made it one of the most viscerally impactful security presentations of the year. Seeing AI-powered attacks in real time communicates their threat in a way that slides cannot.
This presentation was delivered in April 2018, the year before BlackBerry announced its $1.5 billion acquisition of Cylance, at the peak of the company's influence on how the security industry understood the role of AI in both offense and defense.