
Aaron Portnoy on Pwn2Own, the End of Easy Bugs, and AI-Fueled Offense
From Three Buddy Problem by Security Conversations
May 27, 2026 · 40 min
About this episode
Aaron Portnoy discusses the evolution of Pwn2Own, the impact of AI on vulnerability discovery, and the future of cybersecurity.
( Presented by TLPBLACK : A cybersecurity intelligence platform focused on sharing curated, high-sensitivity threat insights and research with trusted security professionals. ) Three Buddy Problem x Ekoparty Miami : Aaron Portnoy (Zero Day Initiative alum, early Pwn2Own organizer, and now at Mindgard) joins us at Ekoparty Miami to reminisce on the early days of the hacking contest, where vulnerabilities actually live (the boundaries between systems, not inside them), why LLMs will take out the trash but can't dream up the next speculative-execution-class bug, and the coming patching apocalypse when discovery 10x's overnight. Plus, why your SOC is a forensic historian, the promise of hijacking an attacker's reward loop with deception tech, and the legendary story of carrying a Walmart "fat stack" of cash to bootstrap Ekoparty in Buenos Aires. Cast: Juan Andres Guerrero-Saade , Ryan Naraine and Aaron Portnoy . Timestamps: 0:00 — Introductory banter 1:17 — Dropping out, iDefense, and getting good at reversing everything 2:19 — How Pwn2Own got started 4:15 — The most impressive Pwn2Own ever: Nils, VUPEN, and exploit "art" 5:59 — "iPhone hacked in 30 seconds" — and the 18 months…
People in this episode
Hosts: Juan Andres Guerrero-Saade, Ryan Naraine
Guest: Aaron Portnoy
Topics covered
- cybersecurity
- hacking contests
- AI in security
- vulnerability discovery
- deception technology
- Pwn2Own history
Keywords
- Pwn2Own
- cybersecurity
- AI
- vulnerabilities
- deception technology
- Ekoparty
- hacking
Sponsors
TLPBLACK
Mentioned in this episode
Organizations: Zero Day Initiative, Mindgard
Places: Ekoparty Miami, Buenos Aires
More episodes of Three Buddy Problem
- Mythos, Fable, and Anthropic's Big Trust Problem · June 12, 2026 · 1h 59m
- Fast16, Fanny, and Stuxnet: Cyber Paleontology Redux · June 5, 2026 · 2h 24m
- Microsoft Threatens Vuln Researchers; Shadow Brokers Revisited · May 30, 2026 · 1h 60m
- Perri Adams on Proof Engines, LLMs, and the New Era of Verifiable Code · May 26, 2026 · 40 min
- Find 50,000 Bugs, Fix Zero: Gabriel Bernadett-Shapiro on the AI Vuln Trap · May 26, 2026 · 50 min
- Federico Kirschbaum on XBOW, AI Hackers, and the Future of Pen Testing · May 25, 2026 · 58 min
Explore listener stats, chart rankings, contacts and more on the Three Buddy Problem podcast page.