When Automation Outruns Control with Joshua Bregler

Jan 18, 2026

37:09

forum

Ask episode

view_agenda

Chapters

auto_awesome

Transcript

info_circle

Episode notes

AI doesn’t break security, it exposes where it was already fragile. When automation starts making decisions faster than humans can audit, AppSec becomes the only thing standing between scale and catastrophe.

In this episode, Ron sits down with Joshua Bregler, Senior Security Manager at McKinsey’s QuantumBlack, to dissect how AI agents, pipelines, and dynamic permissions are reshaping application security. From prompt chaining attacks and MCP server sprawl to why static IAM is officially obsolete, this conversation gets brutally honest about what works, what doesn’t, and where security teams are fooling themselves.

Impactful Moments
00:00 – Introduction
02:15 – AI agents create identity chaos
04:00 – Static permissions officially dead
07:05 – AI security is still AppSec
09:30 – Prompt chaining becomes invisible attack
12:23 – Solving problems vs solving AI
15:03 – Ethics becomes an AI blind spot
17:47 – Identity is the next security failure
20:07 – Frameworks no longer enough alone
26:38– AI fixing insecure code in real time
32:15 – Secure pipelines before production

Connect with our Guest
Joshua Bregler on LinkedIn: https://www.linkedin.com/in/breglercissp/

Our Links

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:
https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Home Top podcasts Popular guests Top books