Steve Wilson
18.3K posts

Steve Wilson
@virtualsteve
Leading the charge in AI security. Chief AI and Product Officer @ Exabeam, Author @ O'Reilly, Project Lead at OWASP #cybersecurity #ai #cloud
San Jose, CA
Joined May 2008
665 Following, 4.3K Followers
Pinned Tweet

I run a lot of cron jobs, so I did ask my agent. Here's the answer I got, for anyone interested. I thought it was informative...
----------
Read Alex Finn's tweet. He's telling people to purge thousands of cron session transcripts under ~/.openclaw/agents/main/sessions/ and rebuild sessions.json because their assistants are reloading all of that JSONL history every turn, which can bog things down if you're carrying months of cron output in context.
Our setup isn't in that state. We only have 30 session files (about 33 MB total) and the sessions.json manifest is just 27 KB. Even though we run a lot of scheduled jobs, their output lives in logs/action_log.md and the tool-specific logs, not inside the session transcripts, so there's no bloated context to trim. Deleting the existing sessions would just wipe our audit trail and any useful conversational history without giving us a measurable speed-up.
So nothing to copy from that fix right now. If the session count ever explodes into the thousands I'll archive older runs and regenerate the manifest in a controlled way, but we're nowhere near that threshold today.

IF YOU'RE ON OPENCLAW DO THIS NOW:
I just sped up my OpenClaw by 95% with a single prompt
Over the past week my claw has been unbelievably slow. Turns out the output of EVERY cron job gets loaded into context
Months of cron outputs sent with every message
Do this prompt now:
"Check how many session files are in ~/.openclaw/agents/main/sessions/ and how big sessions.json is. If there are thousands of old cron session files bloating it, delete all the old .jsonl files except the main session, then rebuild sessions.json to only reference sessions that still exist on disk."
This will delete all the session data around your cron outputs.
If you do a ton of cron jobs, this is a tremendous amount of bloat that does not need to be loaded into context and is MAJORLY slowing down your Openclaw
If you for some reason want to keep some of this cron session data in memory, then don't have your openclaw delete ALL of them. But for me, I have all the outputs automatically save to a Convex database anyway, so there was no reason to keep it all in context.
Instantly sped up my OpenClaw from unusable to lightning quick
Steve Wilson retweeted

AI agents now act autonomously, access sensitive systems, and execute tasks on behalf of humans. That makes them insiders. At #RSAC26, @virtualsteve explores why traditional insider risk programs are not built to detect them. ow.ly/Xs7850YtwXC



Notes from the live kick-off meeting for the OWASP Top 10 for LLM - 2026 Edition
linkedin.com/pulse/owasp-to…

Steve Wilson retweeted

Prompt injection. Model manipulation. Data leakage through LLM workflows. @virtualsteve joins industry experts at #RSAC26 to explore how enterprises can scale AI responsibly while defending against LLM-specific threats. ow.ly/99iK50Yta7v

Steve Wilson retweeted

Yesterday Mark Cuban reposted my work, DM'd me, and told me to keep telling my story.
So here it is.
I'm a Master Electrician. IBEW Local 369. 15 years pulling wire in Kentucky. Zero coding background. I didn't go to Stanford. I went to trade school.
Every week I'd show up to a home where someone just bought a Tesla or a Rivian. And every time, someone had already told them they needed a $3,000-$5,000 panel upgrade to install a charger.
70% of the time? They didn't need it.
The math is in the NEC — Section 220.82. Load calculations. But nobody was doing them for homeowners. Electricians upsell. Dealers don't know. And the homeowner just pays.
I got angry enough to build something about it.
I found @claudeai. No coding experience. I just started talking to it like I'd explain a job to an apprentice. "Here's how load calcs work. Here's the NEC code. Now help me build a tool that does this."
6 months later — @ChargeRight is live. Real software. Stripe payments. PDF reports. NEC 220.82 calculations automated. $12.99 instead of a $500 truck roll.
I'm still pulling wire. I still take service calls. I wake up at 5:05 AM for work.
But something shifted.
Yesterday @vivilinsv published my story as Claude Builder Spotlight #1. Mark Cuban saw it. The Claude community showed up. And for the first time, I felt like this thing I built in my kitchen might actually matter.
I'm not a tech founder. I'm a dad who wants to coach little league and be home for dinner. I just happened to build something that helps people.
If you're in the trades and thinking about using AI — do it. The barrier isn't technical skill. It's believing you're allowed to try.
EVchargeright.com
Steve Wilson retweeted

#AI agents now act like digital employees, but many orgs still govern them like tools. Without identity, oversight and accountability, automation could trigger the next “fully authorized” breach, says @exabeam's Steve Wilson in this op-ed. #cybersecurity bit.ly/4s64YMD
Steve Wilson retweeted

@virtualsteve @openclaw Found quite some critical issues but thankfully it resolved everything as well.


@virtualsteve @openclaw Thanks for this article. I got my OpenClaw agent to go through the entire article, understand if we suffer from the same issues and implement deterministic security checks to protect itself against such attacks.
It worked flawlessly and it implemented those checks.

I built an @openclaw digital lobster assistant and my CISO hacked it!
linkedin.com/pulse/ciso-hac…
#aisecurity #llmsecurity #airedteam #openclaw #agenticai #aiagents


@jordymaui This is great advice! My lobster got hacked because I didn't follow this rule. Read on here for the full blow-by-blow! linkedin.com/pulse/ciso-hac…

your OpenClaw agent is ignoring half your instructions and you probably don't know it.
Anthropic's new skills guide confirms what i learned the hard way - language instructions drift. you tell your agent "always validate the output" and it skips it 40% of the time.
the fix is stupidly simple.
write a script instead.
a 10-line python file that checks the output beats a paragraph of instructions every single time. code is deterministic. language isn't.
i moved all my critical checks from instructions to scripts inside the skill folder. overnight difference. the agent stopped cutting corners because it couldn't - the script either passes or it doesn't.
if your agent is producing inconsistent results, this is probably why. stop asking it nicely. make it mandatory.
i can drop a thread on this to teach you how to do this!


@SherriDouville If you play with fire, you might get burned...

Should agents touch infra, DevOps, or SysAdmin 👇
cc @virtualsteve
Alexey Grigorev @Al_Grigor
Claude Code wiped our production database with a Terraform command. It took down the DataTalksClub course platform and 2.5 years of submissions: homework, projects, and leaderboards. Automated snapshots were gone too. In the newsletter, I wrote the full timeline + what I changed so this doesn't happen again. If you use Terraform (or let agents touch infra), this is a good story for you to read. alexeyondata.substack.com/p/how-i-droppe…

In case you're trying to handicap how much progress we'll see in the next three years.
Min Choi @minchoi
3 years of AI progress
Steve Wilson retweeted

I’m humbled to be nominated for AI Security Innovator of the Year in the 2026 Cybersecurity Excellence Awards.
Recognition like this is never about one person. I’ve had the good fortune to work alongside some truly exceptional people at @exabeam, through @owasp, and with the team at @OReillyMedia. All of them are pushing hard to make AI more secure, more trustworthy, and more useful in the real world.
If you are inclined to support the nomination, voting works a little differently. It is based on social reshares directly from the nomination page itself.
No pressure at all. I am simply grateful to be part of this community and the broader conversation around securing AI.
cybersecurity-excellence-awards.com/candidates/ste…