
Sign up to save your podcasts
Or


Is an AI agent's identity a workload or an action? Ashish spoke to Elie Bursztein, Distinguished Research Scientist and co-author of Google SAIF (Secure AI Framework) about how it is neither and that is exactly why our traditional security models no longer apply to the AI era . In this episode, Ashish sits down with Elie to explore the evolution of AI from a passive "brain in a jar" to an active agent that takes actions on your behalf . Elie breaks down the reality of Indirect Prompt Injection, sharing a recent zero-click exploit where simply sending a malicious Google Calendar invite caused an AI agent to execute unauthorized commands . If your organization is building agentic workflows, this conversation provides aroadmap. Learn why you must treat agents like contractors with a verifiable "mandate," why the order of tool execution matters (never let an agent access private banking data and then browse the open internet), and how the industry is moving toward "semantic firewalls" to contain the AI blast radius .
Questions asked:
(00:00) Introduction(02:50) Elie Bursztein’s Background & Creating Google SAIF (07:50) Defining AI Agents: The "Brain in a Jar" vs. Real-World Action (11:00) Agent Identity: Is it a Workload or an Action? (13:30) The Concept of an AI "Mandate" (The Contractor Analogy) (19:30) Translating Natural Language into Verifiable Smart Contracts (24:50) The Missing Semantic Layer in AI Observability (25:30) What’s Next: Agent Identity and AI Privacy (27:30) Indirect Prompt Injection: The Zero-Click Google Calendar Hack (30:00) Containing the AI Blast Radius & Tool Execution Order (33:30) Building a Semantic Firewall (36:00) The #1 Rule for Safely Deploying AI Agents (Start Small) (40:30) Hobbies: Writing a Book on Innovation & The Playing Card Heritage Foundation (44:50) Favorite Food: Yakiniku (Japanese BBQ)
Resources spoken about during the episode:
Google SAIF (Secure AI Framework)
Elie's Website
By TechRiot.io4.9
99 ratings
Is an AI agent's identity a workload or an action? Ashish spoke to Elie Bursztein, Distinguished Research Scientist and co-author of Google SAIF (Secure AI Framework) about how it is neither and that is exactly why our traditional security models no longer apply to the AI era . In this episode, Ashish sits down with Elie to explore the evolution of AI from a passive "brain in a jar" to an active agent that takes actions on your behalf . Elie breaks down the reality of Indirect Prompt Injection, sharing a recent zero-click exploit where simply sending a malicious Google Calendar invite caused an AI agent to execute unauthorized commands . If your organization is building agentic workflows, this conversation provides aroadmap. Learn why you must treat agents like contractors with a verifiable "mandate," why the order of tool execution matters (never let an agent access private banking data and then browse the open internet), and how the industry is moving toward "semantic firewalls" to contain the AI blast radius .
Questions asked:
(00:00) Introduction(02:50) Elie Bursztein’s Background & Creating Google SAIF (07:50) Defining AI Agents: The "Brain in a Jar" vs. Real-World Action (11:00) Agent Identity: Is it a Workload or an Action? (13:30) The Concept of an AI "Mandate" (The Contractor Analogy) (19:30) Translating Natural Language into Verifiable Smart Contracts (24:50) The Missing Semantic Layer in AI Observability (25:30) What’s Next: Agent Identity and AI Privacy (27:30) Indirect Prompt Injection: The Zero-Click Google Calendar Hack (30:00) Containing the AI Blast Radius & Tool Execution Order (33:30) Building a Semantic Firewall (36:00) The #1 Rule for Safely Deploying AI Agents (Start Small) (40:30) Hobbies: Writing a Book on Innovation & The Playing Card Heritage Foundation (44:50) Favorite Food: Yakiniku (Japanese BBQ)
Resources spoken about during the episode:
Google SAIF (Secure AI Framework)
Elie's Website

1,093 Listeners

375 Listeners

1,030 Listeners

2,354 Listeners

345 Listeners

178 Listeners

208 Listeners

202 Listeners

57 Listeners

10,182 Listeners

136 Listeners

40 Listeners

8,439 Listeners

682 Listeners

34 Listeners