AI Security Podcast cover art

AI Security Podcast

AI Security Podcast

By: Kaizenteq Team
Listen for free

About this listen

The #1 source for AI Security insights for CISOs and cybersecurity leaders. Hosted by two former CISOs, the AI Security Podcast provides expert, no-fluff discussions on the security of AI systems and the use of AI in Cybersecurity. Whether you're a CISO, security architect, engineer, or cyber leader, you'll find practical strategies, emerging risk analysis, and real-world implementations without the marketing noise. These conversations are helping cybersecurity leaders make informed decisions and lead with confidence in the age of AI.Kaizenteq Team
Episodes
  • Gen AI Threat Modeling vs. AI-Powered Defense:
    Jul 31 2025

    Is generative AI a security team's greatest new weapon or its biggest new vulnerability? This episode dives headfirst into the debate with two leading experts on opposite sides of the AI dragon. We 1st published this episode on Cloud Security Podcast and because of the feedback we received from those diving into all things AI Security, we wanted to bring it to those who haven't probably had the chance to hear it yet on this podcast.


    On one side, discover how to leverage and "tame" AI for your defense. Jackie Bow explains how Anthropic uses its own powerful LLM, Claude, to revolutionize threat detection and response. Learn how AI can be used to:

    • Build investigation and triage tools with incredible speed.

    • Break free from the "black box" of traditional security tools, offering more visibility and control.

    • Creatively "hallucinate" within set boundaries to uncover investigative paths a human might miss.

    • Lower the barrier to entry for security professionals, enabling them to build prototypes and tools without deep coding expertise.

    On the other side, Kane Narraway provides a masterclass in threat modeling the new landscape of AI systems. He argues that while AI introduces new challenges, many are amplifications of existing SaaS risks. This conversation covers the critical aspects of securing AI, including:

    • Why access, integrations, and authorization are the biggest risk factors in enterprise AI.

    • How to approach threat modeling for both in-house and third-party AI tools.

    • The security challenges of emerging standards like MCP (Meta-Controller Protocol) and the importance of securing the data AI tools can access.

    • The critical need for security teams to adopt AI to keep pace with modern engineering departments.


    Questions asked:

    (00:00) Intro: Slaying or Training the AI Dragon at BSidesSF?(02:22) Meet Jackie Bow (Anthropic): Training AI for Security Defense(02:51) Meet Kane Narraway (Canva): Securing AI Systems & Facing Risks(03:49) Was Traditional Security Ops "Hot Garbage"? Setting the Scene(05:57) The Real Risks: What AI Brings to Your Organisation(06:53) AI in Action: Leveraging AI for Threat Detection & Response(07:46) AI Hallucinations: Bug, Feature, or Security Blind Spot?(08:55) Threat Modeling AI: The Core Challenges & Learnings(12:26) Getting Started: Practical AI Threat Detection First Steps(16:42) AI & Cloud: Integrating AI into Your Existing Environments(25:21) AI vs. Traditional: Is Threat Modeling Different Now?(28:34) Your First Step: Where to Begin with AI Threat Modeling?(31:59) Fun Questions & Final Thoughts on the Future of AI Security


    Resources

    BSidesSF 2025 - AI's Bitter Lesson for SOCs: Let Machines Be Machines
    BSidesSF 2025 - One Search To Rule Them All: Threat Modelling AI Search

    Show More Show Less
    36 mins
  • Vibe Coding for CISOs: Managing Risk & Opportunity in AI Development
    Jun 27 2025

    What happens when your product, sales, and marketing teams can build and deploy their own applications in a matter of hours? This is the new reality of "Vibe Coding," and for CISOs, it represents both a massive opportunity for innovation and a significant governance challenge.

    In this episode, join Ashish Rajan and Caleb Sima as they move beyond the hype to provide a strategic playbook for security leaders navigating the world of AI-assisted development. Learn how Vibe Coding empowers non-engineers to solve business problems and how you can leverage it to rapidly prototype security solutions yourself. Get strategies to handle the inevitable influx of AI-generated applications from across the business without overwhelming your engineering and security teams.

    • Understanding the Core Opportunity
    • Assessing the Real-World Output
    • Managing the "Shadow Prototype" Risk
    • Building Proactive Guardrails
    • Architecting for Safety


    For more episodes like this go to www.aisecuritypodcast.com


    Questions asked:

    (00:00) Why Vibe Coding is a C-Suite Issue

    (02:34) The Strategic Advantage of Hands-On AI

    (04:20) Your AI Development Toolkit: Where to Start

    (12:08 Choosing Your First Project: A Framework for Success

    (16:46) The CISO as an AI Engineering Manager: A Step-by-Step Workflow

    (31:32) A Surprising Security Finding: AI and Least Privilege

    (36:47) Augmenting AI with Agents and Live Data

    (38:50) Beyond Code: AI Agents for Business Automation (Zapier, etc.)

    (43:30) The "Production Ready" Problem: Who Owns the Code?

    (53:25) A CISO's Playbook for Governing AI Development


    Resources spoken about during the episode:

    AI Native Landscape - Tools

    Cline

    Roo-Code

    Visual Studio Code

    Windsurf

    Bolt.new

    Aider

    v0 - Vercel

    Lovable

    Claude Code

    ChatGPT

    Show More Show Less
    1 hr
  • Vibe Coding, Slopsquatting, and the Future of AI in Software Development
    Jun 12 2025

    In this episode, we welcome back Guy Podjarny, founder of Snyk and Tessl, to explore the evolution of AI-assisted coding. We dive deep into the three chapters of AI's impact on software development, from coding assistants to the rise of "vibe coding" and agentic development.

    Guy explains what "vibe coding" truly is, a term coined by Andrej Karpathy where developers delegate more control to AI, sometimes without even reviewing the code. We discuss how this opens the door for non-coders to create real applications but also introduces significant risks.

    Caleb, Ashish and Guy discuss:

    • The Three Chapters of AI-Assisted Coding: The journey from simple code completion to full AI agent-driven development.
    • Vibe Coding Explained: What is it, who is using it, and why it's best for "disposable apps" like prototypes or weekend projects.
    • A New Security Threat - Slopsquatting: Discover how LLMs can invent fake library names that attackers can exploit, a risk potentially greater than typosquatting.
    • The Future of Development: Why the focus is shifting from the code itself—which may become disposable—to the importance of detailed requirements and rigorous testing.
    • The Developer as a Manager: How the role of an engineer is evolving into managing AI labor, defining specifications, and overseeing workflows


    Questions asked:

    (00:00) The Evolution of AI Coding Assistants(05:55) What is Vibe Coding?(08:45) The Dangers & Opportunities of Vibe Coding(11:50) From Vibe Coding to Enterprise-Ready AI Agents(16:25) Security Risk: What is "Slopsquatting"?(22:20) Are Old Security Problems Just Getting Bigger?(25:45) Cloud Sprawl vs. App Sprawl: The New Enterprise Challenge(33:50) The Future: Disposable Code, Permanent Requirements(40:20) Why AI Models Are Getting So Good at Understanding Your Codebase(44:50) The New Role of the AI-Native Developer: Spec & Workflow Manager(46:55) Final Thoughts & Favorite Coding Tools


    Resources spoken about during the episode:

    AI Native Dev Community

    Tessl

    Cursor

    Bolt

    BASE44

    Vercel

    Show More Show Less
    49 mins
No reviews yet
In the spirit of reconciliation, Audible acknowledges the Traditional Custodians of country throughout Australia and their connections to land, sea and community. We pay our respect to their elders past and present and extend that respect to all Aboriginal and Torres Strait Islander peoples today.