Evolve Security

Yesterday, Evolve Security's Co-Founder Paul Petefish continued his Continuous Penetration Testing Methodology (CPTM) Roadshow and facilitated an interactive Tabletop Exercise Dinner with the San Diego ISSA Chapter. The room was full of security practitioners and leaders ready to have a real discussion about one of the most important questions in offensive security right now: How much pen testing is actually enough? Paul walked through the case against the Point-In-Time (PIT) testing and introduced the industry's 1st open-source framework, CC licensed, and community-driven Continuous Penetration Testing Methodology (CPTM), a framework designed to transform offensive security from a point-in-time event into an always-on Mythos-like capability that keeps pace with today's dynamic environments. The energy in the room was a reminder of why these community events matter. Real conversations. No fluff. Just practitioners who care about getting security right. Thank you to the San Diego ISSA and KPMG for hosting and to everyone who came out and engaged. The conversation doesn't stop here. If you weren't able to make it and want to learn more about CPTM, let's connect! 🔗 evolvesecurity.com #SDISSA #CTEM #COST #CPTM #CPT #VulnOps #OffensiveSecurity #EvolveSecurity

We're on the lookout for a Senior Accountant to join the Evolve Security team! 🎯   If you love owning your work, keeping financials tight, and making a real impact at a growing company — this one's for you.   You'll be stepping into a role where you're not just processing numbers — you're a key partner to Finance, Operations, and Leadership, helping drive the financial health of the business.   Here's a snapshot of what you'll be doing: ✔️ Running AP, AR, payroll & commissions ✔️ Leading monthly close and financial reporting ✔️ Managing journal entries, reconciliations & GL accuracy ✔️ Supporting audits and identifying process improvements   What we're looking for: 🎓 Bachelor's in Accounting or Finance 📊 3–5 years of full-cycle accounting experience 📋 Strong GAAP knowledge + ERP proficiency (QuickBooks, NetSuite, etc.) 🏙️ Based within commuting distance of Chicago (hybrid, 2 days/week in office)   📍 Hybrid – Chicago, IL   Sound like you? Or know someone who'd be a great fit? Apply Here: https://lnkd.in/gfe-vgTR   #EvolveSecurity #Hiring #AccountingJobs #ChicagoJobs #NowHiring #FinanceCareers

Can’t wait to meet the San Diego ISSA chapter on Thursday!

Ecstatic to share that Evolve Security is hosting an exclusive cyber executive dinner conversation in Indianapolis on June 16, 2026!  Join us for An Executive Conversation on Mythos & Daybreak, an evening of candid discussion on what these mean for vulnerability management programs, the emergence of VulnOps, and the practical actions security leaders should be taking right now. You’ll hear directly from industry leaders: • Mark Carney – CEO, Evolve Security • Jason Rowland – CDO, Evolve Security • Weryke Rader – DCISO, Openlane • Rob Tincher, CISSP – AppSec Manager, Openlane 📅 June 16, 2026 🍽️ Anthony’s Chophouse | Dinner at 6:00 PM 📍 201 W. Main Street, Carmel, IN 46032 Space is limited. Reserve your seat today! Event registration link in comments. 👇 #COST #ExecutiveDinner #Mythos #Daybreak #EvolveSecurity #CTEM

Thrilled to share that Evolve Security has partnered with AIUC-1, a leading framework for evaluating the security, safety, and reliability of AI agents and enterprise AI systems. Together, we're advancing how the industry thinks about offensive security in the context of AI agents. Prompt injection. Agentic trust boundaries. LLM data exposure. AI agents are the new attack surface. Making them safe requires someone who thinks like an adversary. We're proud to share that two members of our executive team, Mark Carney, CEO, and Jason Rowland, CDO, have joined AIUC-1 as Consortium Members. Both are committed to contributing their expertise to the community and advancing this important mission. Thank you to Rajiv Dattani, Emil Bender Lassen, Lena Smart, and the entire AIUC-1 team for the partnership! #AIUC1 #AISafety #AIAgents #PenTesting #OffensiveSecurity #Cybersecurity #AIGovernance #CTEM

On Saturday, Paul Petefish walked on stage at Chicago Security BSides312 and said penetration testing is busted. The room agreed. Anthropic's Claude Mythos and OpenAI's Daybreak can find zero day vulnerabilities autonomously, overnight. The window between discovery and exploitation has effectively closed. Scoped engagement. Fixed window. PDF at the end. Repeat next year. That model made sense 25 years ago. Against AI powered adversaries, that's not a gap in your program, it's a liability. Paul introduced our newly published Continuous Penetration Testing Methodology (CPTM), an open industry standard for continuous adversarial coverage. Free for any organization ready to move past the snapshot model. The industry is ready for this. The momentum behind CPTM is just getting started. #BSides312 #Chicago #PenTesting #CPTM #CTEM #Cybersecurity #ClaudeMythos #Daybreak #ContinuousTesting

Penetration testing is busted. That's not a hot take. That's the title of the session our President and Co-Founder, Paul Petefish at Evolve Security, is bringing to the Chicago Security BSides312 Conference on May 16th. And he can back it up. The industry has operated on the same point in time model for decades. Scoped engagement. Fixed window. PDF at the end. Repeat next year. Meanwhile, your environment changes daily. Your attack surface doesn't wait for your next assessment cycle. Paul will be presenting our newly published Continuous Penetration Testing Methodology (CPTM), an open industry standard built to fix what the legacy model was never designed to handle. This isn't a vendor pitch. It's a framework the entire industry can use. 📅 May 16th | 4:00 PM CST 📍 Chicago BSides312 Conference If you're in Chicago and want to see how the penetration testing industry is evolving, this is the session to attend. See you there! #BSides312 #Chicago #PenTesting #PTaaS #CTEM #Cybersecurity #ContinuousTesting

Thrilled to announce that Evolve Security's 3rd blog in our AI Red Team Field Guide series (Episode 3 of 4) on AI AppSec Champions is now "LIVE"! 💢 The ratio of AI-capable developers to engineers who understand AI security risks is somewhere between 20-to-1 and 50-to-1 in most enterprises. You cannot hire your way out of that gap. In Episode 3, we cover why the organizations getting AI security right aren't scaling headcount. They're scaling knowledge by embedding security expertise directly inside engineering teams through AI AppSec Champions. Within the AI threat modeling and technical pen testing Evolve Security conducts, the gap between "we have an AI security review process" and "we actually catch AI security issues before they ship" is almost always a people and process problem. Not a tooling problem. Here's what a functioning AI AppSec Champions program actually looks like: ✅ The role: An AI AppSec Champion is a developer or ML engineer who takes on distributed security responsibility. Not a full-time role. Real expertise embedded where AI is being built. ✅ The 5 competency domains: Prompt injection recognition, AI data flows, LLM trust architecture, third-party AI vendor risk, and knowing when to escalate. ✅ The relationship to pen testing: Champions don't replace professional AI pen testing. They make it faster and better targeted by handling baseline triage at the team level and collaborating on necessary threat modeling exercises. ✅ The timeline: A functioning program can be operational in 8 to 12 weeks. The CISOs who get ahead of this are building capability inside the teams already shipping AI. Our AI Red Team Field Guide series includes the full framework for standing up an AI Security Champions program. Link to the full blog in comments. 👇 #AIRedTeamFieldGuide #AppSec #AISecurity #SecurityChampions #VulnOps #CISO

🚨 We’re Hiring: Senior Application Security Tester & AI Red Team Subject Matter Expert 🛡️🤖 Evolve Security is looking for a senior offensive security pro who has mastered modern web and API testing — and is ready to lead how we red team LLMs, RAG systems, and agentic AI applications for our clients. This is a remote role for someone with 5–8+ years of AppSec experience and demonstrable hands-on work testing AI/ML systems. If you live for prompt injection chains, agent jailbreaks, and complex business logic flaws — and you want to define a practice rather than join one — let’s talk. 🔗 https://lnkd.in/ghr452ET #Hiring #AppSec #AIRedTeam #LLMSecurity #PenetrationTesting #CyberSecurityJobs #EvolveSecurity #RemoteJobs

🚨 San Diego — Evolve Security is coming to you! Evolve Security Co-Founder Paul Petefish will be the featured speaker at the upcoming SD ISSA Tabletop Exercise Dinner, hosted at KPMG in San Diego. Topic: How Much Pen Testing is Enough? Paul is the creator of the Continuous Penetration Testing Methodology (CPTM), a patent holder, published vulnerability researcher, guest lecturer at the University of Chicago, and a recognized cyber expert for ABC and CBS Chicago. He's spent 20+ years in offensive security and he has a few things to say about why the industry's default approach to pen testing isn't cutting it anymore. 📍 KPMG: First Floor Training Room 4655 Executive Dr, Suite #1100 | San Diego, CA 92121 Register now → luma.com/t74expkc Seats are limited, so don't sleep on this one. #SDISSA #PenTesting #CyberSecurity #OffensiveSecurity #CPTM #SanDiego #EvolveSecurity