
AI Security Isn’t a Regex Problem — Lori MacVittie on Governing the New Threat Surface
About this listen
Rules don’t scale. Architecture does. F5’s Lori MacVittie makes the case for putting security policy in the infrastructure—not the app—and for treating AI as its own threat surface. If your program is still chasing strings with rules, you’re already behind.
If your “AI security” strategy is a pile of brittle rules, you’re governing yesterday’s system. In this no-fluff conversation, Lori MacVittie argues for a structural fix: move policy and enforcement into the architecture where they can evolve without redeploys—then govern AI as a distinct threat surface (prompts, context, responses, completions, agents), not just another API.
She also shows how to use LLMs for what humans are bad at: fast pattern discovery. Her real-world example? A packet capture fed to an LLM surfaced a noisy IoT device in minutes—compressing mean-time-to-repair by skipping the rule-writing slog.
Reality check: AI adoption is outrunning AI security. If you’re still reactive, you’re late.
Quick explainer for non-practitioners: Regex (regular expressions) = rule-based string pattern matching; useful for forms, brittle against attackers who mutate text. Lori’s point: shift to semantic signals (meaning/behavior), not just string matches.
In This Episode
- From rules to semantics: why regex won’t save you—and how AI helps detect semantic patterns of abuse.
- Put controls in the architecture: keep secure coding by default, but move policy/enforcement/governance out of the app to avoid security debt and dev drag.
- Govern the AI loop: prompts, context windows, responses, completions, agents—the surface is broader than APIs or the network stack.
- Adoption vs. security: the Road Runner problem—AI is sprinting ahead of the controls.
- Practical win: use LLMs to accelerate discovery in telemetry (e.g., packet captures) and cut MTTR.
Guest Bio
Lori MacVittie is a Distinguished Engineer & Chief Evangelist in F5’s Office of the CTO. She writes and speaks extensively on modern app delivery, AI-driven operations, and security governance.