AI + a16z TruffleHog Creator: You Can’t Have AI Agents Without Secrets
34 snips
Nov 11, 2025 
Dylan Ayrey, Cofounder and CEO of Truffle Security, shares insights on the escalating threat of leaked secrets in the world of AI. He discusses how the cloud has changed the landscape of secret vulnerabilities and the troubling trend of monetization by attackers. Dylan explains the intricate relationship between AI agents and secrets, detailing OAuth flows and how these agents interact with services. He also emphasizes the need for better secret management and the challenges developers face with current solutions, urging a more user-centric design.
AI Snips
Chapters
Transcript
Episode notes
Secrets Are The New Bottleneck
- Secrets are the new bottleneck for delivering software and AI agents.
- If you can't robustly protect secrets, you can't have reliable AI agents.
Uber Breach Illustrates Cloud Secret Risk
- Dylan recounts the Uber breach where an exposed AWS key allowed attackers to download full databases.
- Cloud-era secrets leaks enable direct, catastrophic data access compared with old on-prem failures.
Leaked Secrets Now Create Immediate Financial Loss
- Secrets now have immediate financial consequences because attackers can monetize leaked keys directly.
- That immediacy has increased enterprise willingness to invest in fixing secret leaks.