logo
episode-header-image
Nov 11
47m 20s

Threat Modeling the AI Agent: Architectu...

Cloud Security Podcast Team
About this episode

Are we underestimating how the agentic world is impacting cybersecurity? We spoke to Mohan Kumar, who did production security at Box for a deep dive into the threats of true autonomous AI agents.

The conversation moves beyond simple LLM applications (like chatbots) to the new world of dynamic, goal-driven agents that can take autonomous actions. Mohan took us through why this shift introduces a new class of threats we aren't prepared for, such as agents developing new, unmonitorable communication methods ("Jibber-link" mode).

Mohan shared his top three security threats for AI agents in production:

  1. Memory Poisoning: How an agent's trusted memory (long-term, short-term, or entity memory) can be corrupted via indirect prompt injection, altering its core decisions.
  2. Tool Misuse: The risk of agents connecting to rogue tools or MCP servers, or having their legitimate tools (like a calendar) exploited for data exfiltration.
  3. Privilege Compromise: The critical need to enforce least-privilege on agents that can shift roles and identities, often through misconfiguration.


Guest Socials -⁠ ⁠⁠⁠⁠⁠⁠⁠⁠Mohan's Linkedin

Podcast Twitter - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@CloudSecPod⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:

-⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Podcast- Youtube⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Newsletter ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

If you are interested in AI Cybersecurity, you can check out our sister podcast -⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ AI Security Podcast⁠


Questions asked:

(00:00) Introduction(01:30) Who is Mohan Kumar? (Production Security at Box)(03:30) LLM Application vs. AI Agent: What's the Difference?(06:50) "We are totally underestimating" AI agent threats(07:45) Software 3.0: When Prompts Become the New Software(08:20) The "Jibber-link" Threat: Agents Ditching Human Language(10:45) The Top 3 AI Agent Security Threats(11:10) Threat 1: Memory Poisoning & Context Manipulation(14:00) Threat 2: Tool Misuse (e.g., exploiting a calendar tool)(16:50) Threat 3: Privilege Compromise (Least Privilege for Agents)(18:20) How Do You Monitor & Audit Autonomous Agents?(20:30) The Need for "Observer" Agents(24:45) The 6 Components of an AI Agent Architecture(27:00) Threat Modeling: Using CSA's MAESTRO Framework(31:20) Are Leaks Only from Open Source Models or Closed (OpenAI, Claude) Too?(34:10) The "Grandma Trick": Any Model is Susceptible(38:15) Where is AI Agent Security Evolving? (Orchestration, Data, Interface)(42:00) Fun Questions: Hacking MCPs, Skydiving & Risk, Biryani


Resources mentioned during the episode:

Mohan’s Udemy Course -AI Security Bootcamp: LLM Hacking Basics

Andre Karpathy's "Software 3.0" Concept

"Jibber-link Mode" Video

CrewAI Framework

OWASP Top 10 for LLM Applications

Cloud Security Alliance (CSA) MAESTRO Framework

Up next
Nov 18
How to Build Trust in an AI SOC for Regulated Environments
<p>How do you establish trust in an AI SOC, especially in a regulated environment? <a href="https://www.linkedin.com/in/grant-oviatt-882111a0/" target="_blank" rel="noopener noreferer">Grant Oviatt</a>, Head of SOC at P<a href="https://www.prophetsecurity.ai/" target="_blank" rel ... Show More
42m 15s
Nov 4
AI is already breaking the Silos Between AppSec & CloudSec
The silos between Application Security and Cloud Security are officially breaking down, and AI is the primary catalyst. In this episode, Tejas Dakve, Senior Manager, Application Security, Bloomberg Industry Group and Aditya Patel, VP of Cybersecurity Architecture discuss how the ... Show More
1h 11m
Oct 28
AI Agents for SOC: Hype Curve vs. Measurable ROI
Is the AI SOC analyst just hype, or is there measurable ROI? We spoke to Edward Wu, founder of Dropzone AI about this and he shared insights from a recent Cloud Security Alliance (CSA) benchmark report that quantified the impact of AI augmentation on SOC teams. The study revealed ... Show More
36m 21s
Recommended Episodes
Oct 2024
Balancing Security with Usability in Cybersecurity
In this episode of Threat Vector, host David Moulton talks with guest speaker Brian Wrozek, Forrester Principal Analyst in Security & Risk, about the complexities of aligning security strategies across global teams. Brian draws on his extensive experience in cybersecurity, operat ... Show More
41m 41s
Jun 2025
Vibe Coding vs Low-Code/No-Code: Security Risks and CI/CD Pipeline Impacts for Citizen Developers
Explore the evolution from traditional coding to vibe coding and its relationship with low-code/no-code (LCNC) platforms. This comprehensive analysis examines how AI-assisted development and visual programming tools are creating a new generation of citizen developers, transformin ... Show More
9m 42s
Nov 2024
Bridging AI and Cybersecurity Gaps with Mileva Security Labs’ Harriet Farlow
Join us in this episode of Threat Vector as guest host Michael Heller shares his conversation with Harriet Farlow, CEO of Mileva Security Labs and a pioneer in AI security research. With a background spanning AI and national cybersecurity, Harriet shares her journey into adversar ... Show More
27m 17s
Dec 2024
Behind the Scenes with Palo Alto Networks CIO and CISO Securing Business Success with Frictionless Cybersecurity
In this episode of Threat Vector, David Moulton speaks with Meerah Rajavel, CIO of Palo Alto Networks, and Niall Browne, CISO of the organization, about the importance of aligning IT strategy with cybersecurity.  Meerah and Niall discuss how frictionless security, AI integration ... Show More
39m 17s
Sep 2024
Cyber Security Trends and Tips
Join us on the latest episode of Aviation Tech Talks with host, Jim Boccarossa, as we soar into the world of aviation technology! In this episode, we dive deep into the crucial topic of cybersecurity with expert guest, Sagar Pandya, co-founder of Middle Ground Technologies. Disco ... Show More
31m 27s
Oct 2022
An IT security professional walks into an OT bar.
An assessment of port and terminal cybersecurity in the US. Tata Power discloses a cyberattack. The White House issues statements on cybersecurity. India’s power company collaborates on energy sector cybersecurity. Guests Special Agent in Charge, Tom Sobocinski, and Supervisory S ... Show More
37m 7s
Sep 2024
CISO vs. Security Engineer
In this episode of Life of a CISO, Dr. Eric Cole dives into the significant differences between security engineers and chief information security officers, a distinction many fail to recognize. He explains that merging these two roles into the same career track is one of the core ... Show More
31m 46s
Listen to millions of songs and podcasts on Anghami