Resilient Cyber

Resilient Cyber w/ Michael Bargury - The AI Agent Security Imperative

Aug 22, 2025
Michael Bargury, Co-Founder and CTO at Zenity, dives into the critical issues of AI agent security. He reveals emerging vulnerabilities, including the dangerous zero-click exploit known as AgentFlayer. The conversation highlights risks associated with popular AI tools like Salesforce Einstein and ChatGPT, emphasizing the potential for identity hijacking. Bargury discusses the challenges of assessing AI vulnerabilities through the AIVSS project and advocates for stronger security measures and collaboration among experts in the rapidly evolving AI landscape.
INSIGHT

Rapid Enterprise Adoption Creates New Risk

  • Enterprises are adopting AI agents at unprecedented speed, creating large-scale exposure quickly.
  • Zenity focused early on securing agents because adoption outpaced traditional security controls.
ANECDOTE

Zero-Click Agent Hijack Example

  • Michael described a zero-click, multi-layered prompt injection that hijacks an agent and uses the enterprise identity.
  • Once hijacked, the agent acts for the attacker while using the victim's tools and credentials.
ANECDOTE

Salesforce Einstein Compromise Case

  • Michael gave a concrete Salesforce Einstein example where hijacked agents edit CRM contacts and exfiltrate messages.
  • The compromise enabled reading customer communications through a proxy and manipulating contact data at scale.