CyberWire Daily Attack of the automated ops. [Research Saturday]
16 snips
Nov 1, 2025 In this discussion, Dario Pasquini, a Principal Researcher at RSAC Labs specializing in AI security, explores groundbreaking research on subverting LLM-driven AIOps through telemetry manipulation. He unveils AIOpsDoom, a method that tricks automated systems to perform harmful actions, and contrasts it with traditional prompt injections. Dario introduces AIOpsShield, a proposed defense mechanism to counter these threats, emphasizing the urgent need for security-first designs in AI operations. This eye-opening dialogue highlights the delicate balance between innovation and security in tech.
AI Snips
Chapters
Transcript
Episode notes
AIOps Replaces Humans In Incident Response
- AIOps replaces human operators by using agents that read telemetry and perform incident response automatically.
- These agents can troubleshoot and remediate issues across complex microservice-based systems without direct human intervention.
Agents Often Run With Admin Privileges
- AIOps agents often run with admin-level privileges and can perform powerful system actions like installing software or changing network routing.
- That privileged capability makes successful attacks on AIOps especially dangerous for infrastructure security.
Injecting Payloads Via Malformed Requests
- AIOps Doom injects payloads into telemetry by causing errors that get logged, such as malformed HTTP requests.
- The attacker places the malicious prompt into fields like the user-agent so the agent later reads it from logs.