Cybersecurity Awesomeness Podcast - Episode 162
カートのアイテムが多すぎます
カートに追加できませんでした。
ウィッシュリストに追加できませんでした。
ほしい物リストの削除に失敗しました。
ポッドキャストのフォローに失敗しました
ポッドキャストのフォロー解除に失敗しました
Cybersecurity Awesomeness Podcast - Episode 162
-
ナレーター:
-
著者:
In this episode of the Cybersecurity Awesomeness Podcast, Chris Steffen and Ken Buckler explore a pressing security shift: adversaries are increasingly bypassing traditional credential theft to exploit the AI systems already embedded within corporate environments. The hosts discuss how "agentic" AI solutions often operate with overprivileged non-human identities, granting bots excessive access to data and infrastructure that far exceeds their functional requirements.
This resurgence of "standing access" for machine accounts—a vulnerability CISOs thought they had mitigated—is being exacerbated by the rapid, near-universal adoption of AI development tools. Using real-world examples, ranging from inadvertent AI-generated discounts to the complex liability of autonomous vehicles, Chris and Ken illustrate the risks of prompt injection and data poisoning. The episode serves as a critical call to action for security teams: to treat AI agents with the same rigorous identity management and just-in-time provisioning standards historically reserved for human users before these misconfigurations lead to massive data exfiltration.