Zoom's Andy Grant on Offensive Intuition and Letting Hackers Hunt

What happens when you remove timeboxes, rigid scope, and checklist-driven testing from offensive security? In this episode of Ahead of the Breach, we sit down with Andy Grant to explore what it looks like to build an intuition-driven offensive security program, one designed to let skilled engineers follow the signal instead of the schedule.

Drawing from more than a decade in consulting and product security, Andy shares how traditional two-week pentests often cut off discovery just as understanding begins to form. His solution: hire exceptional hackers, give them space to explore, and focus on the most impactful risks rather than superficial coverage metrics.