Episodes
-
David Cramer, CPO and co-founder of Sentry, joins us to cut through the agent hype with a working engineer's skepticism: the model is rarely what holds agents back. The harness you build around it is. We get into the Railway incident, where a coding agent found a stray CLI token and deleted a production database (and every backup) in nine seconds, and why the enforcement layer has to live below the agent, not in an advisory system prompt.
David explains Seer, Sentry's AI debugger, as the counter-example: an agent doing real work because it was given the right context, not more autonomy. He also walks through Warden, the code-review harness he built that found 100+ previously unknown vulnerabilities across Sentry and open-source projects, including full auth bypasses, for roughly $1K of compute.
We also get his contrarian-but-consistent take on why MCP is not just a shim on your API, why CLIs are harder to secure than people think, and why verification, not code generation, is still the unsolved problem.
-
Herman Errico, Product Manager for Technical Research at Vanta, joins us to discuss AARM (Autonomous Action Runtime Management), the spec he created to define a brand-new security category for agents that take real actions, not just generate text. We get into why the action boundary is the security boundary, why securing the model, prompt, or orchestration layer is the wrong place to enforce, and why a runtime needs five authorization decisions (allow, deny, modify, step-up, and defer) instead of a binary yes or no. Herman also explains why he didn't ship a product but a spec, then donated it from Vanta to the Cloud Security Alliance so the industry can compete on execution instead of marketing, how to reason about which context an agent can trust, and why you must block the action from occurring before it takes place.
-
Malte Ubl, CTO at Vercel, joins us to discuss deepsec, Vercel's open-source AI security harness designed to scan entire codebases for vulnerabilities using coding agents like Claude and Codex. We explore why software engineering is shifting from programming models to programming agent harnesses, how deepsec scales security reviews across millions of lines of code, when AI token spend is justified, and why Vercel is betting on AI Gateways, microVM sandboxes, and self-driving infrastructure to power the next generation of software development.
-
Sunil Agrawal, CISO at Glean and one of the authors of the AWARE Framework, joins us to discuss the new guide for governing generative and agentic AI he co-authored with Palo Alto Networks and Databricks. This framework gives CISOs a much-needed playbook in a rapidly evolving threat landscape: Palo Alto's Unit 42 has shown that AI-assisted attacks can now reach data exfiltration in as little as 25 minutes, leaving defenders almost no time to respond. We dig into AWARE's five behavioral dimensions, why governing modern AI means controlling intent and context rather than just access, how to give every agent a scoped identity instead of shared credentials, and the cascading risks that emerge when agents start delegating to other agents.
-
Alex Stamos, CPO of Corridor and past CISO at Facebook, and Andrew Becherer, CISO at Socket, join us to discuss the open letter they and 100 others have signed in opposition to the US government taking down Fable after research from Amazon showed capabilities that gave the current administration pause.
We discuss the potentially dangerous precedent this sets, the state of the letter, and what to do while waiting for Fable to come back online.
-
Why does every AI security incident seem to trace back to auth? We sit down with Damian Schenkelman, VP of Research and Development at Auth0, to discuss recent incidents in the news, MCP, the act claim chain, and the future of agent identity.
The conversation digs into the core problem agents create: when an agent hands a task to a sub-agent, which calls an MCP server, which hits a SaaS API, who is actually making this call, and on whose behalf?
-
In this episode we sit down with Dick Hardt, the creator of OAuth, to talk about why the auth primitives we built for the web fall apart the moment agents start acting on our behalf. We dive into why OAuth doesn't fit MCP, what breaks when an agent runs for hours and touches a dozen systems using your credentials, and his new protocol, AAuth: a way for developers to run agents without API keys.
-
We sit down with Geoff Huntley, creator of the Ralph Wiggum Loop and founder of LatentPatterns.com, to hear his take on where AI is pushing software next: hyper-personalized software, software factories, and eventually product factories that optimize themselves for revenue.
With the level of hyper-personalization that AI now allows for, Geoff says he finds himself asking vendors "are you a utility company, or are you something I'm going to clone?" He walks us through what this means for moats, open source, and the future of how software gets built.
-
We sit down with top AI engineers such as Sherwood Callaway, founder of Sazabi, Anthony Shew, core maintainer of turborepo at Vercel, and Dexter Horthy, CEO of HumanLayer, to hear how they are using sandboxes to make agents more performant. We also discuss the security differences among sandbox providers with Rene Brandel, founder of Casco: sandboxes aren't created equal, and the underlying infrastructure that powers them directly impacts your security posture.
-
Mark Dorsi, CISO at Netlify, sits down with us at RSAC to talk about the shift to everyone becoming a builder, how he's coding 6 hours a day, and how products, including Netlify, must adapt to a world where most users are agents.
-
Kyle Bhiro and Josh Kotrous from Pensar join us at RSAC to discuss how AI is reshaping the entire AppSec industry. Kyle and Josh elaborate on how agentic code scanning and continuous testing are leading to AppSec market consolidation and new expectations around AppSec spend.
We also explore the idea that point-in-time audits may make less sense for AI, which changes constantly. Given this, continuous testing seems to be an emerging standard.
-
Ian Webster, CEO and Co-Founder of promptfoo, joins us at RSAC to discuss OpenAI's recent acquisition of promptfoo. Ian discusses how appealing to both developers and security teams was key to promptfoo's go-to-market strategy.
Ian's story offers a playbook for other AI security companies that may be targeting an acquisition, and he shares what's next for promptfoo at OpenAI.
-
Alex Stamos, former CISO of Facebook and current Chief Product Officer at Corridor, explains how AI is reshaping the kill chain and enabling new capabilities for attackers worldwide.
He also outlines what’s needed to defend against these emerging threats and how to prepare your organization for what’s coming.
-
Animesh is the CEO and founder of PlayerZero, a company using context graphs to build a complete picture of how your production software actually behaves.
Animesh's X article on context graphs went viral, gathering over 2M views. Animesh explains what a context graph is, why you should build one, and how it can help you build a world model around why decisions get made.
-
The agent identity conversation is back on the Insecure Agents podcast.
Developers are starting to feel the pain of missing agent identity infrastructure as they think through problems like agent memory access and storage, and goal-based authorization for tools and resources that were unplanned for at agent inception. Listen to Pavan and Aaron explain how their recent Fine-Grained Authorization (FGA) launch can help.
-
James sits down to tell us about OpenClaw using Convex, how proper architectural building blocks set you up for better security, and how the shift to agents writing all software changes who platforms like Convex are building for.
-
You've heard of OpenClaw, but have you heard of Momo?
Momo is built by Cailyn Yong and is a personal assistant agent for teams. Momo's memory actually works, which makes it stand out against other agents such as OpenClaw. Hear from Cailyn on the AI security issues this type of agent faces, how she built Momo, and what it takes to be successful in this increasingly popular space.
-
In this episode we discuss the engineering and security challenges that separate POC agents from enterprise agents.
Kwindla brings a wealth of knowledge on common hard agent engineering problems such as async, automatic, non-blocking context compaction, agent memory, and stateful long-running agents.
-
Listen in to learn how Peter created the best personal assistant agent to date and the security concerns at play. Personal assistant agents need lots of access to do meaningful work, but there are tradeoffs between innovation and security.
-
Supply chain security for open source dependencies, how to protect yourself against attacks like Shai Hulud 2.0, and how AI agents introduce new security challenges.