We catch up on news after a week of BSidesSF and RSAC Conference. Unsurprisingly, AI in all its flavors, from agentic to gen, was inescapable. But perhaps more surprising (and more unfortunate) is how much the adoption of LLMs has increased the attack surface within orgs. The news is heavy on security issues from MCPs and a novel alignment bypass against LLMs. Not everything is genAI as we cover some secure design topics from the Airborne attack against Apple's AirPlay to more calls for companies to show how they're embracing secure design principles and practices.

Apiiro CEO & Co-Founder, Idan Plotnik discusses the AI problem in AppSec.

This segment is sponsored by Apiiro. Visit https://securityweekly.com/apiirorsac to learn more about them!

Gen AI is being adopted faster than company's policy and data security can keep up, and as LLM's become more integrated into company systems and uses leverage more AI enabled applications, they essentially become unintentional data exfiltration points. These tools do not differentiate between what data is sensitive and proprietary and what is not. This interview will examine how the rapid adoption of Gen AI is putting sensitive company data at risk, and the data security considerations and policies organizations should implement before, if, and when their employees may seek to adopt a Gen AI tools to leverage some of their undeniable workplace benefits.

Customer case studies: https://www.seclore.com/resources/customer-case-studies/

Seclore Blog: https://www.seclore.com/blog/

This segment is sponsored by Seclore. Visit https://securityweekly.com/seclorersac to learn more about them!

Show Notes: https://securityweekly.com/asw-329