About
Su is a cybersecurity leader driving the future of autonomous vehicle security.
As…
Activity
15K followers
-
Su Zhang, Ph.D. reposted thisSu Zhang, Ph.D. reposted thisTensor × Lyft: a new model for personal autonomy 🚀 . We’re thrilled to announce a transformative partnership with Lyft. • Fleet commitment: Lyft has reserved hundreds of Tensor Robocars, underscoring their commitment to this new model of mobility. This collaboration creates a clear pathway for consumers and fleet operators to benefit from autonomous technology. • Earn from day one: Together, we’ve built a seamless way to do just that. The Tensor Robocar—powered by NVIDIA DRIVE—is the first personal AV that can be monetized on the Lyft network the moment you own it. This partnership is set to change how we own and use cars—from private autonomy to on-demand earning. https://lnkd.in/gXWxZkEt #Tensor #TensorRobocar #TensorAI #TensorAuto #Robocar #AutonomousVehicles #AutonomousDriving #Mobility #AI #FutureOfMobility
-
Su Zhang, Ph.D. shared thisThe future of mobility is taking shape — where ride-sharing meets robocars. Thrilled to see Lyft and us working together to create a seamless ecosystem. Time to Own your mobility.Su Zhang, Ph.D. shared thisToday, we’re announcing a planned strategic partnership with Tensor Auto that will revolutionize how consumers access and monetize autonomous driving technology. Through this collab, Tensor's Robocar (powered by NVIDIA technology) will become the first personally-owned AV to become "Lyft-ready" directly from the manufacturer – meaning future owners can start earning as soon as they drive off the lot. This is our next big step in building a hybrid AV future. Learn more here: https://lnkd.in/gNwJiVfPLyft & Tensor partner to make Robocar, powered by NVIDIA, "Lyft-Ready"Lyft & Tensor partner to make Robocar, powered by NVIDIA, "Lyft-Ready"
-
Su Zhang, Ph.D. reposted thisSu Zhang, Ph.D. reposted thisTensor Auto unveiled the world's first personal Robocar, accelerated by NVIDIA. Tensor’s Robocar is built on NVIDIA’s cloud-to-car AV platform, trained with NVIDIA datacenter GPUs and running on eight DRIVE AGX Thor SoCs with Blackwell GPU architecture, delivering 8,000 TOPS of AI compute. At its core: NVIDIA’s safety certified DriveOS, enabling real-time perception, advanced safety, and true autonomous driving. ⚡Discover Tensor’s Robocar → https://nvda.ws/46XBWHm
-
Su Zhang, Ph.D. shared thisAmong all the companies I’ve worked for, Tensor has the best culture — no internal politics, everyone respects each other, and we move fast as one team. On top of that, our technology is truly world-leading. Proud to be part of this all-warriors squad. #CompanyCulture #Innovation #Teamwork #LeadingTech #ProudToBeTensorSu Zhang, Ph.D. shared thisHello, World! I am Tensor. Earth's first personal Robocar. Find out more at www.tensor.auto #Tensor #Robocar #TensorRobocar #TensorAuto #autonomousvehicles #autonomousdriving #autonomouscar
-
Su Zhang, Ph.D. shared thisWe’re hiring at AutoX — I’m currently still looking for an Embedded Security Engineer to join my team in San Jose. This role focuses on embedded system security in autonomous driving, covering areas like secure boot, runtime protection, HSM/TPM integration, and trusted execution environments. If you have a strong background in embedded security and are passionate about building real-world systems with safety implications, feel free to reach out directly or apply through the link below.
-
Su Zhang, Ph.D. shared thisI still have several roles to be filled! With the devsecops (https://lnkd.in/gHFnX4HK) and frontend role (https://lnkd.in/gMyWpQb6) with the highest priority, let me know if you are interested!
-
Su Zhang, Ph.D. shared thisI’m currently hiring multiple exciting roles in San Jose, CA. Barcelona (Spain), and Dubai (UAE). If you’re interested, feel free to reach out to me directly. JDs can be found below - Staff Security Engineer (Embedded) https://lnkd.in/guwFq4wP Staff Security Engineer (Backend) https://lnkd.in/ghNA2WDN Senior DevSecOps Engineer https://lnkd.in/gHFnX4HK IT Security Engineer https://lnkd.in/gc-AQpDX Frontend Engineer https://lnkd.in/gMyWpQb6
-
Su Zhang, Ph.D. shared thisURGENT Attention Needed 🚨 I urgently need your assistance. Someone is impersonating me on LinkedIn. For reference, here is the link to the imposter’s profile: [https://lnkd.in/e6DYWcD5]. To expedite resolution, I kindly request that you compare our profiles and report the imposter to LinkedIn. This isn’t just my problem; it could happen to anyone. If you’ve been through this before, your insights and suggestions in the comments would be invaluable. Let’s tackle this issue together. Your quick action will make a significant difference. #Impersonation #Fraud #LinkedInSu Qi - Head and Director of Security - AutoX | LinkedInSu Qi - Head and Director of Security - AutoX | LinkedIn
-
Su Zhang, Ph.D. shared thisI am hiring for the following roles, feel free to message me if you are interested. Join us to build and secure an autonomous AI driver together! Backend Security Software Engineer https://lnkd.in/eXxfMwJZ DevSecOps Engineer https://lnkd.in/eu-Rx_jr Embedded Security Software Engineer https://lnkd.in/e4AzytBv IT Security Engineer https://lnkd.in/ekxzaSfP
-
Su Zhang, Ph.D. liked thisSu Zhang, Ph.D. liked thisI spent five years deploying AI inside the federal government. Security research was always a step behind the systems we were building. Fast-forward to Perplexity, and the pace of innovation has only accelerated. Today, Perplexity is establishing the Secure Intelligence Institute to defend the next generation of frontier intelligence. We believe that security research can and should track the leading edge of AI innovation. The Secure Intelligence Institute will pursue a research agenda informed by our experience delivering Comet, Computer, and other category-defining products to millions of users. To lead this agenda, we're delighted to welcome Prof. Ninghui Li as the Institute's inaugural director. Ninghui is one of the foremost leaders in the security research community and a longtime mentor to countless in the field (myself included). Ninghui will bring his decades of distinguished leadership to serve both Perplexity's users and the broader AI ecosystem. We're also establishing a Research Network to foster industry-academia collaborations. We're currently working with research groups at Stanford and Duke, with more to follow. Our research and findings will be shared openly to strengthen AI security across the industry. Learn more about the Institute here: https://lnkd.in/e_9TZNSu
-
Su Zhang, Ph.D. liked thisSu Zhang, Ph.D. liked thisTensor Receives Federal Level 4 Autonomous Testing Approval in the UAE 🇦🇪 We are pleased to announce that we have received Federal approval from the UAE Government’s Regulations Lab (RegLab) for our Level 4 autonomous personal vehicles. This permit, issued in partnership with the RTA, ITC, and federal authorities, allows us to conduct on-road testing across the Emirates. It is a key step in our roadmap toward commercializing in Dubai and Abu Dhabi later this year. We value the collaborative support of RegLab and the UAE’s commitment to responsible AI innovation. Since 2019, we’ve worked closely with the UAE's mobility ecosystem. We look forward to this next phase of active evaluation as we bring autonomous technology to the region's roads. https://lnkd.in/ddqAQPpw #TensorRobocar #TensorAI #Tensor #AutonomousVehicles #UAE #Dubai #AbuDhabi #Mobility #AIThe Future of Mobility: Tensor Receives Federal Approval for Level 4 Autonomy in the UAEThe Future of Mobility: Tensor Receives Federal Approval for Level 4 Autonomy in the UAE
-
Su Zhang, Ph.D. liked thisSu Zhang, Ph.D. liked thisThe power of AI agents comes from: 1. intelligence of the underlying model 2. how much access you give it to all your data 3. how much freedom & power you give it to act on your behalf I think for 2 & 3, security is the biggest problem. And very soon, if not already, security will become the bottleneck for effectiveness and usefulness of AI agents as a whole (1-3), since intelligence is still rapidly scaling and is no-longer an obvious bottleneck for many use-cases. The more data & control you give to the AI agent: (A) the more it can help you AND (B) the more it can hurt you. A lot of tech-savvy folks are in yolo mode right now and optimizing for the former (A - usefulness) over the the latter (B - pain of cyber attacks, leaked data, etc). I think solving the AI agent security problem is the big blocker for broad adoption. And of course, this is a specific near-term instance of the broader AI safety problem. All that said, this is a super exciting time to be alive for developers. I constantly have agent loops running on programming & non-programming tasks. I'm actively using Claude Code, Codex, Cursor, and very carefully experimenting with OpenClaw. The only down-side is lack of sleep, and an anxious feeling that everyone feels of always being behind of latest state-of-the-art. But other than that, I'm walking around with a big smile on my face, loving life 🔥❤️ PS: By the way, if your intuition about any of the above is different, please lay out your thoughts on it. And if there are cool projects/approaches I should check out, let me know. I'm in full explore/experiment mode.
-
Su Zhang, Ph.D. liked thisSu Zhang, Ph.D. liked thisStop Raising "Human APIs" If you are still priding yourself on your child’s "error-free execution," "standardized excellence," and "perfectly balanced resume," you are unknowingly investing in a depreciating asset. In the age of cognitive industrialization, any task that can be optimized toward a "Standard Answer" is now AI’s home turf. By training humans for "zero-mistake execution," we are preparing them for a world where they cost too much and offer too little. The future belongs to the "Incalculable Human." To survive the AI-Native era, we must occupy the Dual Long-Tails: • The Peak of Intent: Defining the "Want" that algorithms can never spontaneously generate. • The Foundation of Stakes: The "Flesh Pledge"—the physical and causal responsibility that no AI can ever simulate. Leadership is the only moat left. It is the power to sign an "Expensive Signature" where logic ends and human accountability begins. 👇 Read the full manifesto on Causal Sovereignty and the future of education. https://lnkd.in/gS-NzVrCThe Educational Mission in the AI Era: Cultivating the "Incomputable" Human - ChenNativeThe Educational Mission in the AI Era: Cultivating the "Incomputable" Human - ChenNative
-
Su Zhang, Ph.D. liked thisSu Zhang, Ph.D. liked this🚀 Partnership Announcement: Tensor is proud to announce we have signed a strategic cooperation agreement with Abu Dhabi Mobility during DRIFTx Abu Dhabi 2025! Abu Dhabi Mobility and Abu Dhabi Investment Office مكتب أبوظبي للاستثمار - Thank you for this partnership opportunity hosted at DRIFTx Abu Dhabi . Tensor is excited to contribute to the development of a smart and integrated transport system that will support Abu Dhabi’s ambitious future vision. #DRIFTx2025 #Tensor #TensorAI #TensorRobocar #TensorAuto #AbuDhabiMobility #SmartCity #Robocar #AutonomousVehicles
-
Su Zhang, Ph.D. liked thisSu Zhang, Ph.D. liked thisLyft and Tensor Auto plan a partnership to launch “Lyft-ready” consumer-owned autonomous car with NVIDIA. The Tensor Robocar, built on NVIDIA DRIVE AGX Thor and trained on NVIDIA DGX Platform, will allow owners to onboard and deploy their vehicles on Lyft's platform. This partnership enables consumers to own a personal Level 4 Robocar engineered for consumer ownership and designed to seamlessly integrate with the Lyft network. 🔗 https://lft.to/3VUyerf
-
Su Zhang, Ph.D. liked thisProud to introduce Aardvark, our agentic security researcher powered by GPT-5. Aardvark hunts for vulnerabilities the way a security engineer would: by reading and analyzing code, writing and running tests, and proposing patches. Now in private beta. https://lnkd.in/g4KjVcKD OpenAISu Zhang, Ph.D. liked thisNow in private beta: Aardvark — an agentic security researcher that helps security teams discover and fix vulnerabilities at scale. Aardvark puts frontier research to work. It reads, reasons about, and tests code, catching subtle vulnerabilities and privacy issues traditional tools often miss. Then it proposes targeted fixes, helping teams secure software before issues ever reach production. Aardvark is already delivering impact — surfacing meaningful vulnerabilities across OpenAI and open-source projects — and we believe access to this level of security expertise should scale. We’re starting with a private beta and will broaden availability as we learn and refine. https://lnkd.in/g87huHSJ
-
Su Zhang, Ph.D. liked thisTen years, one massive robot, and the fun just keeps going up every day. They say when you love what you do, you never work a day in your life—guess that’s what happens when your “garage buddy” is a big robot. 🤖Su Zhang, Ph.D. liked thisTensor is the world's first personal Robocar, ushering in the era of AI defined vehicles. Built from the ground up for Level 4 autonomy, this isn't a car as we know it. It's an embodied personal agent that moves you. It’s time to Own Your Autonomy. #Tensor #TensorAI #TensorAuto #TensorRobocar #Robocar #OwnYourAutonomy #AI
-
Su Zhang, Ph.D. liked thisSu Zhang, Ph.D. liked thisWe’re excited to unveil our ninth-annual LinkedIn Top Startups list: an entirely data-driven ranking of the 50 emerging U.S. companies you should be paying attention to. From Perplexity to Function Health, these young companies are leading the next wave of innovation in their industries — all while growing fast and recruiting top talent along the way. See who made the cut this year and weigh in: What trends stand out to you on this year’s list? #LinkedInTopStartupsLinkedIn Top Startups 2025: The 50 U.S. companies on the riseLinkedIn Top Startups 2025: The 50 U.S. companies on the rise
Experience
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
Education
-
Kansas State University
3.9/4.0
-
Ph.D Dissertation: Quantitative Risk Assessment under Multi-Context Environment
-
-
-
Publications
-
Assessing Attack Surface with Component-based Package Dependency
in Proceedings of the 9th International Conference on Network and System Security(NSS 15)
The very first work regarding quantitative risk assessment of software component dependency.
Other authors -
-
After we knew it: empirical study and modeling of cost-effectiveness of exploiting prevalent known vulnerabilities across IaaS cloud
in Proceedings of the 9th ACM symposium on Information, computer and communications security (ASIACCS 14)
-
Investigating the application of moving target defenses to network security
In 6th International Symposium on Resilient Control Systems (ISRCS)
This paper presents a preliminary design for a moving-target defense (MTD) for computer networks to combat an attacker’s asymmetric advantage. The MTD system reasons over a set of abstract models that capture the network’s configuration and its operational and security goals to select adaptations that maintain the operational integrity of the network. The paper examines both a simple (purely random) MTD system as well as an intelligent MTD…
This paper presents a preliminary design for a moving-target defense (MTD) for computer networks to combat an attacker’s asymmetric advantage. The MTD system reasons over a set of abstract models that capture the network’s configuration and its operational and security goals to select adaptations that maintain the operational integrity of the network. The paper examines both a simple (purely random) MTD system as well as an intelligent MTD system that uses attack indicators to augment adaptation selection. A set of simulation-based experiments show that such an MTD system may in fact be able to reduce an attacker’s success likelihood. These results are a preliminary step towards understanding and quantifying the impact of MTDs on computer networks.
Other authors -
-
An Empirical Study of a Vulnerability Metric Aggregation Method
in Proceedings of the 2011 International Conference on Security and Management (SAM 11)
Other authors -
-
Effective Network Vulnerability Assessment through Model Abstraction
in Proceedings of the Eighth Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA 11)
Other authors -
-
Empirical study on using the National Vulnerability Database to predict software vulnerability
in Proceedings of the 22nd International Conference on Database and Expert Systems Applications (DEXA 11) ,
Other authors -
Other similar profiles
Explore more posts
-
Stanley Tsang
🎯 Finally, A Smarter Approach to Kerberoasting Detection! Just read an excellent piece from The Hacker News about BeyondTrust's research on revolutionizing Kerberoasting detection. As someone who's dealt with the frustration of legacy detection methods, this hits close to home. The Problem We've All Faced: For over a decade, we've been fighting Kerberoasting attacks with the same brittle tools: - Volume-based alerts that cry wolf on legitimate service spikes - Encryption-type analysis that misses sophisticated "low-and-slow" attacks - Static rules that generate more noise than signal The Game-Changer: BeyondTrust's research team developed a statistical model that actually learns normal behavior patterns instead of relying on rigid thresholds. Their approach focuses on four critical constraints: 🔍 Explainability - Results you can actually understand and act on 📊 Uncertainty - Confidence levels, not just binary alerts ⚡ Scalability - Efficient processing under 30 seconds 🔄 Nonstationarity - Adapts to changing environments over time Real-World Results: - Tested across 50 days of production data - Successfully identified 6 anomalies (including 2 pen tests and 1 simulated attack) - Handled extreme variability without drowning SOC teams in false positives - Adapted to infrastructure changes in real-time My Take: This is exactly the kind of innovation our industry needs. We can't keep fighting modern threats with decade-old detection logic. The combination of security expertise with advanced statistics is the path forward. Key Lesson: Sometimes the best defense isn't building higher walls—it's getting smarter about what's actually suspicious. #CyberSecurity #ThreatDetection #Kerberoasting #ActiveDirectory #SOC #InfoSec #MachineLearning #SecurityResearch https://lnkd.in/gph5528S
-
Eric Johnson
I just added support for AWS IAM Outbound Identity Federation to the Nymeria cross-cloud identity repository. Previously, AWS workloads required the target service to accept pre-signed Signature Version 4 headers for identity verification. This approach was not supported by Azure identity federation, so accessing Azure resources required an additional OIDC identity provider (for example, AWS EKS or Amazon Cognito) to issue tokens to AWS workloads. Now, with IAM Outbound Identity Federation, AWS workloads can request signed OIDC identity tokens (JWTs) using the sts:GetWebIdentityToken API. These identity tokens enable OIDC federation into external cloud services. This blog post demonstrates how to use AWS IAM Outbound Identity Federation to access data hosted in Azure Storage: https://lnkd.in/gcatS7FU GitHub repository: https://lnkd.in/gZHJg8cj
-
Zsolt N.
“Your AI stack sits still?" "That’s cute.” ADA rotates your AI workloads before the attacker can even lift a recon script. No honeypots. No deception. Just infrastructure that fights back. AMTD for the AI age—finally, security with teeth. #AISecurity #AMTD #Kubernetes #EdgeAI #AdaKnows https://lnkd.in/d9M2XWqi
-
Jym Cheong
SOTA agent frameworks rely on probabilistic "vibes" and lack deterministic User-to-Agent Authorization mapped to data classification. This makes them mission-unsuitable for military use, where multi-level security requires microsecond, pre-computed gating instead of slow, bypassable LLM reasoning...
-
Galit Lubetzky Sharon
“Who approved this agent?” AI agents are reshaping how work gets done across the enterprise. They schedule meetings, trigger workflows, access sensitive data, and can take action across systems. Productivity is accelerating, but so is the security risk. One of the most concerning issues for CISOs and security leaders is that shared organizational agents are becoming authorization bypass paths. A user who is not authorized to access certain data or perform specific actions directly may still be able to do so by operating a shared AI agent that has broader permissions. Because the agent acts under its own authorization, not the user’s, these actions appear legitimate to security systems. As a result, the user effectively gains capabilities beyond their own permissions, and traditional controls fail to detect or flag the activity. In my latest article in The Hacker News I break down this challenge. I'd love to hear how other pros in the cybersecurity world are approaching AI agent access and oversight. Link in the comments 👇 #AIsecurity #AIrisks #AIagents #agenticAI #AIagentsecurity
6 Comments -
Tom Sato
CAAM (Contextual Agent Authorization Mesh) framework draft at IETF you must read. https://lnkd.in/g_Gqemb9 In the past few months, we have seen agent chaos to such a level that has caused major upheaval in AI developer community. I would have thought that great engineers at Google and Anthropic had implemented policy enforcement for AI agents accessing their LLM via API, but that was not the case. How could they, without a protocol. Three weeks ago, three guys submitted their draft Contextual Agent Authorization Mesh protocol to IEFT. I read it because it utilizes the power of Shared Signal Framework which I have been supporting for years and at last AI resources will have Session Revoke and boot out rouge agents. Yay! In the CAAM (Contextual Agent Authorization Mesh) framework, resource providers enforce usage policies through a sidecar-based mediation model. This moves enforcement away from the agent's core logic (which can be manipulated by prompt injection) to a dedicated infrastructure layer. So, how do resources enforce policy using CAAM? Resources (like APIs, databases, or MCP servers) enforce policies by interacting with the CAAM sidecar in the following ways: Interception via Sidecar Proxy: The CAAM sidecar acts as a Policy Enforcement Point (PEP) that intercepts all outgoing tool calls from an agent. Before a request reaches the resource, the sidecar validates it against stored policies. Contextual Risk Scoring (CRS): The enforcement layer calculates a Contextual Risk Score. It evaluates the agent's "intent" by looking at its task history (stored in a DAG) and real-time security signals. Example: If an agent asks for "delete" permissions on a database but its task history only shows a "read" request from the user, the CRS increases, and the resource can deny the request. Relationship-Based Access Control (ReBAC): Instead of static roles, CAAM uses a Policy Inference Plane that pulls from an enterprise Knowledge Graph. A resource can enforce policy based on the relationship between the agent, the user, and the data (e.g., "Only allow the HR agent to access this file if the current user is a manager"). Session Context Objects (SCO): Authorization is carried in a Session Context Object (encoded as a JWT or CWT). This object contains the cryptographically verifiable evidence of the agent's authorization state, which the resource provider verifies before executing any action. Dynamic Revocation via SSF: If the Shared Signals Framework (SSF) broadcasts a "session revoked" signal for the human user, the CAAM sidecar immediately invalidates the agent's active SCO, effectively cutting off its access to resources in real-time. #IETF #AI #AIagent #CAAM #IAM #SharedSignal #OpenID #MCP #IPSIE #SPIFFE
Explore top content on LinkedIn
Find curated posts and insights for relevant topics all in one place.
View top content