In this enlightening discussion, Daniel Miessler, a cybersecurity veteran and AI security researcher, demystifies AI agents and their capabilities. He reveals the difference between true intelligence and automation, highlighting common misconceptions about AI in cybersecurity. Miessler emphasizes the significant impact of AI agents on decision-making, their security implications, and the ethical challenges they introduce. He also warns against misleading claims from companies about their AI tools, urging a clearer understanding of AI's risks and opportunities.

In this engaging discussion, Dylan Williams, a seasoned cybersecurity practitioner with nearly ten years in detection engineering, shares his insights on AI's transformative effects on detection processes. He explores how AI is reshaping threat detection and reducing false positives while enhancing investigation speed. Dylan also delineates the difference between automation and agentic AI, emphasizes the importance of accurate signal identification, and introduces practical AI tools that detection engineers can utilize right now. Tune in for a glimpse into the future of detection engineering!

Welcome to the future of cybersecurity! The discussion dives into how agentic AI is reshaping business landscapes while presenting new security challenges. Key topics include the resurgence of Identity and Access Management and the necessity for least privilege strategies. The hosts share practical advice on crafting a robust AI security plan for 2025, highlighting incident response and monitoring essentials. Plus, real-world examples illustrate the evolving nature of AI in operations and safety, offering insights invaluable for CISOs and security leaders.

The discussion kicks off with AI predictions for cybersecurity in 2025, highlighting the transformative impact of generative AI on the industry. There's an exciting focus on SOC automation and its tangible effects. Data security emerges as a major winner, alongside the potential of agentic AI in revolutionizing security operations. Predictions for innovative AI startups tease a future filled with productivity and security advancements. Amidst optimism and caution, the hosts explore the need for strategic planning in integrating AI into cybersecurity.

Host Caleb Sima and Ashish Rajan caught up with experts Daniel Miessler (Unsupervised Learning), Joseph Thacker (Principal AI Engineer, AppOmni) to talk about the true vulnerabilities of AI applications, how prompt injection is evolving, new attack vectors through images, audio, and video and predictions for AI-powered hacking and its implications for enterprise security. Whether you're a red teamer, a blue teamer, or simply curious about AI's impact on cybersecurity, this episode is packed with expert insights, practical advice, and future forecasts. Don’t miss out on understanding how attackers leverage AI to exploit vulnerabilities—and how defenders can stay ahead. Questions asked: (00:00) Introduction (02:11) A bit about Daniel Miessler (02:22) A bit about Rez0 (03:02) Intersection of Red Team and AI (07:06) Is red teaming AI different? (09:42) Humans or AI: Better at Prompt Injection? (13:32) What is a security vulnerability for a LLM? (14:55) Jailbreaking vs Prompt Injecting LLMs (24:17) Whats new for Red Teaming with AI? (25:58) Prompt injection in Multimodal Models (27:50) How Vulnerable are AI Models? (29:07) Is Prompt Injection the only real threat? (31:01) Predictions on how prompt injection will be stored or used (32:45) What’s changed in the Bug Bounty Toolkit? (35:35) How would internal red teams change? (36:53) What can enterprises do to protect themselves? (41:43) Where to start in this space? (47:53) What are our guests most excited about in AI? Resources Daniel's Webpage - Unsupervised Learning Joseph's Website

Jason Clinton, CISO at Anthropic, Kristy Hornland, Cybersecurity Director at KPMG, and Vijay Bolina, CISO at Google DeepMind, discuss the pivotal intersection of AI and cybersecurity. They explore AI's transformative impact on secure coding practices and the evolution of software development. The guests highlight risks surrounding AI-generated code, the complexities of multimodal models, and the imperative of responsible AI use. They emphasize the need for robust data governance and proactive risk management within organizations as they prepare for 2024 and beyond.

In this episode of the AI Cybersecurity Podcast, Caleb and Ashish sat down with Vijay Bolina, Chief Information Security Officer at Google DeepMind, to explore the evolving world of AI security. Vijay shared his unique perspective on the intersection of machine learning and cybersecurity, explaining how organizations like Google DeepMind are building robust, secure AI systems. We dive into critical topics such as AI native security, the privacy risks posed by foundation models, and the complex challenges of protecting sensitive user data in the era of generative AI. Vijay also sheds light on the importance of embedding trust and safety measures directly into AI models, and how enterprises can safeguard their AI systems. Questions asked: (00:00) Introduction (01:39) A bit about Vijay (03:32) DeepMind and Gemini (04:38) Training data for models (06:27) Who can build an AI Foundation Model? (08:14) What is AI Native Security? (12:09) Does the response time change for AI Security? (17:03) What should enterprise security teams be thinking about? (20:54) Shared fate with Cloud Service Providers for AI (25:53) Final Thoughts and Predictions

What were the key AI Cybersecurity trends at ⁠BlackHat USA⁠? In this episode of the AI Cybersecurity Podcast, hosts ⁠Ashish Rajan⁠ and ⁠Caleb Sima⁠ dive into the key insights from Black Hat 2024. From the AI Summit to the CISO Summit, they explore the most critical themes shaping the cybersecurity landscape, including deepfakes, AI in cybersecurity tools, and automation. The episode also features discussions on the rising concerns among CISOs regarding AI platforms and what these mean for security leaders. Questions asked: (00:00) Introduction (02:49) Black Hat, DEF CON and RSA Conference (07:18) Black Hat CISO Summit and CISO Concerns (11:14) Use Cases for AI in Cybersecurity (21:16) Are people tired of AI? (21:40) AI is mostly a side feature (25:06) LLM Firewalls and Access Management (28:16) The data security challenge in AI (29:28) The trend with Deepfakes (35:28) The trend of pentest automation (38:48) The role of an AI Security Engineer

The podcast explores alarming findings from Google's report on generative AI misuse, revealing over 200 incidents across healthcare and education. Hosts discuss the rise of deepfakes and AI-driven impersonation, stressing their ease of access and ethical dilemmas. The conversation also highlights the impact of misleading metrics in content creation and touches on the challenges of distinguishing between human and AI-generated content. Lastly, they emphasize the need for legal frameworks as AI technology evolves and shapes public opinion.

Guy Podjarny, the Founder and CEO at Tessl, dives into the intriguing world of AI-generated code. He discusses its reliability compared to human coding, raising critical questions about trust. Security risks associated with AI code are highlighted, stressing the importance of human oversight and proactive measures. Guy also touches on the changing landscape of AI in software development, the need for automated security testing, and the evolving role of cybersecurity professionals. His insights offer a thought-provoking look at AI’s impact on coding and security.