We discuss the meaning of AI life In episode 42 of "BHIS Presents: AI Security Ops." Derek Banks is joined by Bronwen Aker and Brian Fehrman to break down Anthropic’s latest agentic desktop experiment: Claude Cowork.

Claude Cowork brings large language models directly onto the endpoint — giving Claude the ability to read, write, and organize files on your local machine. It’s designed to make powerful AI workflows accessible to non-technical users… but as with any tool that operates at the OS level, the security implications are significant.

We explore what happens when AI moves closer to your data, your filesystem, and your browser — and what that means for defenders.

We dig into:
- What Claude Cowork is and how it differs from Claude Code
- Agentic desktop tools vs. command-line workflows
- Local file access and OS-level interaction risks
- Skills, automation, and task iteration
- Chrome plugins and expanded attack surface
- Overly broad permissions and least-privilege concerns
- SaaS disruption and shifting trust boundaries
- Endpoint monitoring challenges
- The speed of AI releases vs. security review cycles
- Balancing innovation with responsible deployment

This conversation looks at the real-world operational and defensive considerations of agentic AI tools running directly on user systems. If you’re evaluating AI productivity tools inside your organization — or defending environments where they’re already being adopted — this episode will help you think through the risks and tradeoffs.

• (00:00) - Intro & Episode Overview
• (02:31) - What Is Claude Cowork?
• (04:26) - Desktop Agents vs. Command Line Users
• (06:35) - Agentic Workflows & Task Automation
• (08:31) - Building Fast with Claude (Speed of Development)
• (09:52) - Browser Plugins & Expanding Capabilities
• (11:29) - Permission Models & “Just Give It Access to Everything”
• (13:03) - SaaS Disruption & Enterprise Impact
• (15:01) - Overly Broad File Access Risks
• (16:50) - Organizational Disruption & Workforce Impact
• (18:32) - Security Lag vs. Rapid AI Releases
• (20:09) - Final Thoughts & Wrap-Up

Black Hills Information Security

https://www.blackhillsinfosec.com

Antisyphon Training

https://www.antisyphontraining.com/

Active Countermeasures

https://www.activecountermeasures.com

Wild West Hackin Fest

https://wildwesthackinfest.com

🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits
https://poweredbybhis.com

Click here to view the episode transcript.

🧦 SOC Summit 2026
https://www.antisyphontraining.com/event/soc-summit/