

A Conversation with Bar-El Tayouri from Mend.io
12 snips May 6, 2025
Bar-El Tayouri, Head of AI Security at Mend.io, specializes in the intersection of application and AI security. He discusses the challenges traditional AppSec faces in the AI era, emphasizing the need for comprehensive risk assessment and mitigation strategies. The conversation dives into innovative threat discovery techniques, including simulating dynamic attacks and the importance of security integrated into development workflows. Tayouri also highlights the evolving landscape of identity management and security in multi-agent systems, urging a reevaluation of existing governance practices.
AI Snips
Chapters
Transcript
Episode notes
Early Tech Journey and Growth
- Bar-el Tayouri began coding at age 12, focusing initially on game development and hacking scores.
- His early experiences evolved into expertise in network security, cryptography, and eventually AI security at Mend.io.
AI Components as AppSec Risk
- AI components inside applications are the biggest emerging risk in application security.
- Usage of AI by employees for productivity has less risk compared to embedded AI components and agents in production apps.
MCP Servers' Unique Risks
- MCP servers differ mainly by their usage and close connection to critical data.
- Their fuzzy text-based interfaces make it impossible to fully define input-output interactions as in traditional APIs.