Drew Stelly, PhD

Security researcher. Company builder. Industrial AI safety.
cd@stelly.org GitHub gulfcoastcyber.com
Research leadership · Advisory boards · Keynotes · Industrial AI safety consulting

Current Work

Founder of Gulf Coast Cyber, helping industrial operators adopt AI safely — security assessments, governance, training, and custom implementation. Founder of the Council for Industrial AI Safety (CIAS), an industry body setting governance standards for AI in critical infrastructure. Previously spent a decade at Lockheed Martin red teaming classified weapons platforms, followed by building the AI Red Team function at Thomson Reuters. NOVA Award recipient. Peer-reviewed author and active vulnerability researcher with confirmed findings in libarchive, FreeType, and DjVuLibre.

Before the Incident: Building an Industrial AI Safety Framework

Foundational white paper from CIAS on AI safety governance for industrial operators — because after is too late. Covers risk frameworks, operational boundaries, and incident response for ML systems in environments where failure means vapor clouds, not error messages.

Beyond security.txt: When the Reporter and the Triager Are Both AI

Vulnerability disclosure infrastructure was built for humans on both ends. That’s ending. This paper proposes vuln-intake.json — a machine-readable intake protocol for when AI agents are doing the finding and the triaging. Includes a working protocol spec, reference architecture, and analysis of the volume problem heading toward bug bounty platforms.

The End of the Human-in-the-Loop: Agentic AI and the Future of Vulnerability Research

35.7 billion test executions, three confirmed findings including an RCE, 15 domain-specific harnesses built in under 30 minutes — all on a single desktop workstation. How coordinated AI agents are changing the economics of vulnerability research, and what it means for industrial AI safety.

Publications

  1. A Domain Specific Language for Digital Forensics and Incident Response Analysis — PhD Dissertation, University of New Orleans, December 2019. Designed and implemented a domain-specific language (DSL) enabling analysts to express complex forensic investigation workflows in a declarative, composable format — bridging the gap between ad-hoc investigation scripts and formal incident response frameworks.

  2. Language-based Integration of Digital Forensics & Incident Response — ARES/UK 2019, ACM. Presented a language-based approach to integrating disparate DFIR tools and workflows into a unified pipeline, reducing analyst cognitive load and enabling reproducible investigation artifacts across toolchains.

  3. Nugget: A Digital Forensics LanguageDigital Investigation, 2018. Introduced Nugget, a purpose-built DSL for digital forensics that enables analysts to write investigations as executable, auditable scripts — improving repeatability, collaboration, and chain-of-custody integrity.

  4. SCARF: A Container-Based Approach to Cloud-Scale Digital Forensic ProcessingDigital Investigation, 2017. Proposed SCARF, a Docker-based architecture for scaling forensic workload processing across cloud infrastructure — enabling forensic teams to handle evidence volumes that exceed on-premises capacity without sacrificing evidence integrity.

  5. Red Crawling for Perimeter IntelligenceLockheed Martin Journal of Software Engineering, 2016. Applied web crawling techniques to external-facing infrastructure discovery, turning passive reconnaissance into structured perimeter intelligence for defensive security operations.

  6. Dynamic Bytecode Instrumentation for Mobile SecurityLockheed Martin Journal of Software Engineering, 2015. Explored runtime bytecode instrumentation techniques for analyzing and securing mobile applications — enabling dynamic analysis of app behavior without requiring source code access.

  7. Dynamic Aspect-Oriented Bytecode Instrumentation — MS Thesis, University of New Orleans, March 2015. Developed a dynamic aspect-oriented framework for bytecode instrumentation that enabled runtime monitoring and modification of application behavior — with applications in security analysis and runtime verification.

Projects

CIAS — Council for Industrial AI Safety
Industry council bringing operators, engineers, and regulators together to set AI safety standards for industrial environments. Eight founding operator seats, Chatham House rules.
Gulf Coast Cyber
AI safety and cybersecurity services for the industrial sector. AI vendor due diligence, security risk assessments, governance reviews, and custom AI implementation support — helping plants adopt AI without blowing things up (literally).
IntrudeIQ
AI-powered red teaming platform. Autonomous offensive security operations using coordinated AI agents — reconnaissance, exploitation, lateral movement, and reporting. Bringing agentic AI to the attacker's side of the house so defenders know what's coming.
Agentic Vulnerability Research
Research into using coordinated AI agent teams to automate the full vulnerability research pipeline — from target selection and harness generation through crash triage and exploit development. Less about the bugs found (though we found an RCE), more about proving the model. Targets include libarchive, FreeType, DjVuLibre, libtiff, libexif, LibRaw, and Poppler.
ShiftSage
AI-powered shift handover analysis for industrial operations. Ingests operator logs and flags safety risks that get buried in the noise of a 12-hour shift change.
ControlWitness
Decision audit trail and compliance engine for industrial control systems. Tracks who changed what, when, and why — aligned to ISA/IEC 62443.
AlarmIQ
Alarm management analytics for industrial facilities, built on ISA-18.2. AI-driven recommendations to cut through alarm floods and surface the ones that actually matter.
ProcedureWatch
SOP deviation detection for industrial operations. Monitors operator actions against standard procedures, distinguishes dangerous shortcuts from genuine innovations, and closes the feedback loop between the field and the procedure manual.
cyberaiguy.com
Adversarial AI/ML explained for security practitioners — how attacks work and what to do about them.

Professional Engagements

Available for keynotes, workshops, training delivery, and advisory engagements.
Book an Engagement →

Selected Talks

AI Safety & Security Training

AI Safety for Industrial Operations — 5-day on-site intensive for engineers, operators, and HSE professionals. Covers AI fundamentals, the AI attack surface, data security, safe deployment in safety-critical environments, and organizational governance. Built from offensive security experience — we teach what actually goes wrong, not theory. Details →


Speaking Topics

The AI Attack Surface: A Red Team Perspective
How AI systems actually get broken. Prompt injection, data poisoning, adversarial ML, and AI-powered social engineering.


Before the Incident
AI safety governance for critical infrastructure. Frameworks, operational boundaries, and incident response — before regulators force your hand.


Agentic Vulnerability Research
35 billion test executions, three findings, one RCE. How coordinated AI agents are changing the economics of security research.


Shadow AI in Industrial Operations
Your engineers are already using AI without policies. What’s at risk and how to get ahead of it.


Securing Industrial AI Deployments
Practical guidance for bringing AI into safety-critical environments without introducing new risk.

Advisory

Available for advisory board roles and consulting engagements in industrial AI safety, AI security, offensive security automation, and vulnerability research programs.

Education

PhD, Engineering and Applied Sciences — University of New Orleans, 2019. Applied Engineering.
MS, Computer Science — University of New Orleans, 2015. Mobile Device Security.
BS, Computer Science — University of Louisiana, 2012. Artificial Intelligence and Cognitive Science.