Sign up to save your podcasts
Or
Share OWASP Expert reveals hidden vulnerabilities in AI agents | Vineeth Sai Narajala
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
OWASP Expert reveals hidden vulnerabilities in AI agents | Vineeth Sai Narajala
AI is no longer just generating answers. It’s executing tasks, using tools, interacting with other agents, and operating with autonomy. In Episode 6 of LuminaTalks, AI Security Researcher Vineeth Sai Narajala (Cisco) and contributor to OWASP initiatives breaks down what it really takes to build secure, trustworthy agentic AI systems. This conversation goes into practical architecture decisions. What We Cover in This Episode: ✔️ What agentic AI actually means (beyond chatbots) ✔️ Why giving AI “agency” changes the security model ✔️ Prompt injection & multi-agent attack chains ✔️ Identity, responsibility & “Kevin 2.0” scenarios ✔️ Why the AI trust problem is more about identity than alignment ✔️ Human-in-the-loop vs sandboxing ✔️ Kill switches & blast radius reduction ✔️ Least privilege & just-in-time access ✔️ Why LLMs may not become a bigger security threat than web apps ✔️ The future of AI identity systems Vineeth shares insights from his work within OWASP. And we also explore how Agent Name Service (ANS) extends trust to AI agents by building on DNS and certificate-based identity systems. As millions of AI agents begin operating across ecosystems, identity, authentication, and verification become foundational. 🧠 10 Key Takeaways: → Use OWASPs Agentic Security Guide as Your Design Baseline → Stop Giving Agents Static Credentials → Implement a Memory Firewall for Your Agents → Always Separate LLMs from Tool Access Logic → Use OWASPs Agentic Threat Templates for Internal Red Teaming → Design for Detection: Don’t Just Block, Monitor → Adopt 'Andon Cord' Patterns to Kill Compromised Agent Sessions → Start Using Agent Fingerprints for Identity Control → Apply Least Privilege to Every Tool the Agent Can Access → Join OWASPs Agentic Security Initiative or Align With AIVSS/AISVS Early If you're building AI agents, designing autonomous systems, or leading platform security, this episode gives you practical insights to apply immediately. 🔔 Subscribe for deep conversations on AI security, agentic systems, governance, and building trustworthy AI infrastructure.
View all episodes
By Kevin De PauwAI is no longer just generating answers. It’s executing tasks, using tools, interacting with other agents, and operating with autonomy. In Episode 6 of LuminaTalks, AI Security Researcher Vineeth Sai Narajala (Cisco) and contributor to OWASP initiatives breaks down what it really takes to build secure, trustworthy agentic AI systems. This conversation goes into practical architecture decisions. What We Cover in This Episode: ✔️ What agentic AI actually means (beyond chatbots) ✔️ Why giving AI “agency” changes the security model ✔️ Prompt injection & multi-agent attack chains ✔️ Identity, responsibility & “Kevin 2.0” scenarios ✔️ Why the AI trust problem is more about identity than alignment ✔️ Human-in-the-loop vs sandboxing ✔️ Kill switches & blast radius reduction ✔️ Least privilege & just-in-time access ✔️ Why LLMs may not become a bigger security threat than web apps ✔️ The future of AI identity systems Vineeth shares insights from his work within OWASP. And we also explore how Agent Name Service (ANS) extends trust to AI agents by building on DNS and certificate-based identity systems. As millions of AI agents begin operating across ecosystems, identity, authentication, and verification become foundational. 🧠 10 Key Takeaways: → Use OWASPs Agentic Security Guide as Your Design Baseline → Stop Giving Agents Static Credentials → Implement a Memory Firewall for Your Agents → Always Separate LLMs from Tool Access Logic → Use OWASPs Agentic Threat Templates for Internal Red Teaming → Design for Detection: Don’t Just Block, Monitor → Adopt 'Andon Cord' Patterns to Kill Compromised Agent Sessions → Start Using Agent Fingerprints for Identity Control → Apply Least Privilege to Every Tool the Agent Can Access → Join OWASPs Agentic Security Initiative or Align With AIVSS/AISVS Early If you're building AI agents, designing autonomous systems, or leading platform security, this episode gives you practical insights to apply immediately. 🔔 Subscribe for deep conversations on AI security, agentic systems, governance, and building trustworthy AI infrastructure.