Sign up to save your podcasts
Or
Share Interview with Avi Lumelsky, AI Security Researcher at Oligo Security
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Interview with Avi Lumelsky, AI Security Researcher at Oligo Security
This time I sat down with Avi Lumelsky, AI Security Researcher at Oligo Security, where he works at the intersection of AI and runtime protection. Avi’s story is a perfect example of how curiosity leads to innovation. Here are some of the topics we covered:
* From inference to insightBefore Oligo, Avi worked at Deci AI, optimizing model inference speed. There, he realized something crucial — performance isn’t just about models; it’s also about how well you understand and leverage the system it runs on.
* The confinement challengeImagine a Python model that should only do math, but could also spawn a subprocess or access the network. How do you confine it safely?
* Discovering eBPFHis early experiments with DTrace were too slow and invasive for production, so when eBPF matured, he rebuilt his secimport prototype — and found a scalable way to trace and enforce what code can (and can’t) do in real time.
* Beyond observabilityAvi’s big insight: eBPF isn’t just for monitoring. Combined with Linux Security Modules (LSM) and KRSI, it can actively stop malicious behavior before it completes — for example, blocking a rogue pickle.load() before it spawns a shell.
* Language-aware securityAt Oligo, Avi’s team extended this concept across languages — Python, Java, Node, .NET, PHP — extracting application-level context straight from production without user-space overhead.
* From CVEs to contextInstead of flagging every potential vulnerability, Oligo maps which functions actually run in production, reducing noise and focusing developer effort where it matters most.
* The AI connectionWe also discussed how AI agents could soon operate eBPF — dynamically tuning kernel parameters or deploying probes on demand, creating adaptive, self-healing systems.
* Looking aheadAvi sees a future where security tooling merges with intelligence — where production data directly informs code fixes, and AI uses eBPF to keep systems resilient in real time.
🐝 I’ll leave it there — hope you enjoy the conversation.
Get full access to eBPFChirp at ebpfchirp.substack.com/subscribe
View all episodes
By Teodor J. PodobnikThis time I sat down with Avi Lumelsky, AI Security Researcher at Oligo Security, where he works at the intersection of AI and runtime protection. Avi’s story is a perfect example of how curiosity leads to innovation. Here are some of the topics we covered:
* From inference to insightBefore Oligo, Avi worked at Deci AI, optimizing model inference speed. There, he realized something crucial — performance isn’t just about models; it’s also about how well you understand and leverage the system it runs on.
* The confinement challengeImagine a Python model that should only do math, but could also spawn a subprocess or access the network. How do you confine it safely?
* Discovering eBPFHis early experiments with DTrace were too slow and invasive for production, so when eBPF matured, he rebuilt his secimport prototype — and found a scalable way to trace and enforce what code can (and can’t) do in real time.
* Beyond observabilityAvi’s big insight: eBPF isn’t just for monitoring. Combined with Linux Security Modules (LSM) and KRSI, it can actively stop malicious behavior before it completes — for example, blocking a rogue pickle.load() before it spawns a shell.
* Language-aware securityAt Oligo, Avi’s team extended this concept across languages — Python, Java, Node, .NET, PHP — extracting application-level context straight from production without user-space overhead.
* From CVEs to contextInstead of flagging every potential vulnerability, Oligo maps which functions actually run in production, reducing noise and focusing developer effort where it matters most.
* The AI connectionWe also discussed how AI agents could soon operate eBPF — dynamically tuning kernel parameters or deploying probes on demand, creating adaptive, self-healing systems.
* Looking aheadAvi sees a future where security tooling merges with intelligence — where production data directly informs code fixes, and AI uses eBPF to keep systems resilient in real time.
🐝 I’ll leave it there — hope you enjoy the conversation.
Get full access to eBPFChirp at ebpfchirp.substack.com/subscribe