Send us a text

Today's explores the impact of agentic AI on security landscapes, particularly concerning identity management. It begins by defining AI agents as digital workers that independently pursue goals, outlining their components like perception, reasoning, and learning, and their multi-layered infrastructure. The discussion then transitions to the new attack surfaces introduced by AI agents, such as identity spoofing, privilege creep, and prompt injection, highlighting how agents’ dynamic and ephemeral nature poses unique security challenges. I have critically examined the limitations of current human-centric identity solutions like OAuth and SAML in accommodating machine identities, advocating for a machine-first approach in identity security. Finally, the episode details how the industry is evolving to address these shortfalls through zero trust for agents, policy as code, and enhanced auditability, citing examples from major cloud providers and dedicated identity management companies.

LinkedIn Profile: https://www.linkedin.com/in/thecyberman/
Substack: https://thecyberman.substack.com/

Support the show

Google Drive link for Podcast content:
https://drive.google.com/drive/folders/10vmcQ-oqqFDPojywrfYousPcqhvisnko

My Profile on LinkedIn: https://www.linkedin.com/in/prashantmishra11/
Youtube Channnel : https://www.youtube.com/@TheCybermanShow
Twitter handle https://twitter.com/prashant_cyber

PS: The views are my own and dont reflect any views from my employer.

Send us a text

This episode offers an extensive exploration of AI-driven code generation, known as vibe coding. This episode details how AI tools like Lovable simplify app development for both technical and non-technical users by generating code from natural language prompts. It contrasts this emerging practice with traditional software engineering and the future of AI-native development. The podcast also highlights significant cybersecurity risks associated with AI-generated code, citing reports from Veracode and Backbench that reveal a high percentage of insecure code. Finally, it provides recommendations for secure vibe coding, emphasizing human review and secure prompting techniques, and identifies new skill sets essential for the evolving landscape of AI-powered software creation.

Support the show

Google Drive link for Podcast content:
https://drive.google.com/drive/folders/10vmcQ-oqqFDPojywrfYousPcqhvisnko

My Profile on LinkedIn: https://www.linkedin.com/in/prashantmishra11/
Youtube Channnel : https://www.youtube.com/@TheCybermanShow
Twitter handle https://twitter.com/prashant_cyber

PS: The views are my own and dont reflect any views from my employer.

Send us a text

Today's episiode introduces Model Context Protocol (MCP), an open standard designed to enable Artificial Intelligence (AI) applications, particularly Large Language Models (LLMs), to seamlessly interact with third-party tools and data sources. It explains MCP's architecture, including hosts, clients, servers, and external tools, and highlights its benefits such as eliminating knowledge cut-offs, reducing hallucinations, and enhancing AI's capability to perform real-world actions. The discussion also touches upon the growing adoption of MCP servers by cybersecurity vendors to facilitate natural language interaction with security platforms, while acknowledging the potential security implications of this new architectural layer.

Support the show

Google Drive link for Podcast content:
https://drive.google.com/drive/folders/10vmcQ-oqqFDPojywrfYousPcqhvisnko

My Profile on LinkedIn: https://www.linkedin.com/in/prashantmishra11/
Youtube Channnel : https://www.youtube.com/@TheCybermanShow
Twitter handle https://twitter.com/prashant_cyber

PS: The views are my own and dont reflect any views from my employer.