AI Security Podcast

Join Jackie Bow, the Technical Lead of Threat Detection Engineering at Anthropic, and Kane Narraway, who heads the Enterprise Security Team at Canva, as they dive deep into the dual-edged sword of AI in security. Jackie reveals how AI, specifically Claude, revolutionizes threat detection by breaking traditional barriers. In contrast, Kane emphasizes the risks tied to AI integrations, arguing that many challenges mirror existing vulnerabilities. Together, they explore innovative threat modeling strategies while balancing the need for strong security with the power of AI.

Discover how 'Vibe Coding' transforms the role of non-engineers in software development, allowing rapid application deployment. Learn to harness AI tools for effective project management and overcome challenges in scaling coding projects. Explore the proactive strategies needed to navigate security risks with AI-generated applications. The discussion also emphasizes the significance of maintaining a structured approach to innovation while ensuring compliance. Plus, hear personal anecdotes that illustrate the balance between creativity and security in tech.

In this engaging discussion, Guy Podjarny, founder of Snyk and Tessl, dives into the future of AI in software development. He introduces 'vibe coding,' where developers increasingly rely on AI-generated code with less oversight, sparking opportunities and significant risks. The conversation also touches on 'slopsquatting,' a new security threat from AI-generated fake library names. Guy emphasizes the shifting role of developers towards managing AI workflows and highlights the importance of clear specifications and rigorous testing in a rapidly evolving tech landscape.

Join Phil Venables, former CISO at Google Cloud and a cybersecurity expert with over 30 years of experience, as he dives into the intersection of AI and cybersecurity. He discusses the evolution from predictive AI to Agentic AI, emphasizing practical applications in organizations. Phil outlines three key pillars for CISO control: software lifecycle risk, data governance, and operational risk management. He also shares insights on leveraging AI to address workforce skill shortages and the expanding role of CISOs in navigating digital risk.

Explore how enterprise browsers are shaping the future of AI security. Discover why they are crucial in enterprise workflows, acting as the new OS. Learn about key players in the browser security landscape and the challenges of integrating AI. Understand how these browsers enhance security with features like Data Loss Prevention and Zero Trust capabilities. Delve into the risks posed by AI agents and the evolving role these technologies will play in enhancing organizational security.

Leonard Tang, Co-founder and CEO of Haize Labs, shares insights on AI red teaming and its impact on enterprise security. He discusses the evolution of red teaming methodologies influenced by AI technology. Leonard highlights vulnerabilities in multimodal AI applications and explains how adversarial attacks pose significant risks. He also delves into the necessity of precise output control for developing sophisticated exploits and the importance of cybersecurity professionals adapting their skills to meet the challenges of AI. Expect engaging real-world examples and practical mitigation strategies!

Dive into the fascinating world of Agentic AI as the hosts unpack its true capabilities beyond the marketing hype. They highlight the risks associated with Multi-Cloud Platform deployments, stressing the importance of secure integration across enterprises. The complexities of AI's role in identity and access management create new challenges for cybersecurity. Insights from the RSA Conference shine a light on effective marketing strategies and the innovative solutions emerging in the cybersecurity landscape.

Dive deep into the world of AI agent communication with this episode. Join hosts Caleb Sima and Ashish Rajan as they break down the crucial protocols enabling AI agents to interact and perform tasks: Model Context Protocol (MCP) and Agent-to-Agent (A2A).Discover what MCP and A2A are, why they're essential for unlocking AI's potential beyond simple chatbots, and how they allow AI to gain "hands and feet" to interact with systems like your desktop, browsers, or enterprise tools like Jira. The hosts explore practical use cases, the underlying technical architecture involving clients and servers, and the significant security implications, including remote execution risks, authentication challenges, and the need for robust authorization and privilege management.The discussion also covers Google's entry with the A2A protocol, comparing and contrasting it with Anthropic's MCP, and debating whether they are complementary or competing standards. Learn about the potential "AI-ification" of services, the likely emergence of MCP firewalls, and predictions for the future of AI interaction, such as AI DNS.If you're working with AI, managing cybersecurity in the age of AI, or simply curious about how AI agents communicate and the associated security considerations, this episode provides critical insights and context.Questions asked:(00:00) Introduction: AI Agents & Communication Protocols(02:06) What is MCP (Model Context Protocol)? Defining AI Agent Communication(05:54) MCP & Agentic Workflows: Enabling AI Actions & Use Cases(09:14) Why MCP Matters: Use Cases & The Need for AI Integration(14:27) MCP Security Risks: Remote Execution, Authentication & Vulnerabilities(19:01) Google's A2A vs Anthropic's MCP: Protocol Comparison & Debate(31:37) Future-Proofing Security: MCP & A2A Impact on Security Roadmaps(38:00) - MCP vs A2A: Predicting the Dominant AI Protocol(44:36) - The Future of AI Communication: MCP Firewalls, AI DNS & Beyond(47:45) - Real-World MCP/A2A: Adoption Hurdles & Practical Examples

Join bug bounty hunter Joseph Thacker, who specializes in AI security, as he demystifies the evolving landscape of AI-powered applications. He shares real-world insights on unique vulnerabilities, like markdown image exfiltration and XSS in LLM responses. Discover why AI AppSec differs from traditional AppSec and how augmented human hackers currently outperform automated tools. Joseph also discusses the rise of hack bots and their limitations, offering a fascinating glimpse into the future of AI in cybersecurity.

Can you prove you’re actually human? In a world of AI deepfakes, synthetic identities, and evolving cybersecurity threats, digital identity is more critical than ever.With AI-generated voices, fake videos, and evolving fraud tactics, the way we authenticate ourselves online is rapidly changing. So, what’s the future of digital identity? And how can you protect yourself in this new era?In this episode, hosts Caleb Sima and Ashish Rajan is joined by Adrian Ludwig, CISO at Tools For Humanity (World ID project), former Chief Trust Officer at Atlassian, and ex-Google security lead for Android. Together, they explore:Why digital identity is fundamentally broken and needs a major rebootThe rise of AI-powered identity fraud and how it threatens securityHow World ID is using blockchain and biometrics to verify real humansThe debate: Should we trust governments, companies, or decentralized systems with our identity?The impact of GenAI & deepfakes on authentication and online trustQuestions asked:(00:00) Introduction(03:55) Digital Identity in 2025(14:13) How has AI impacted Identity?(29:33) Trust and Transparency with AI(32:18) Authentication and Identity(49:53) What can people do today?(52:05) Where can people learn about World Foundation?(53:49) Adoption of new identity protocolsResources spoken about during the episode:Tools for HumanityWorld.org