AI Highlights from RSAC 2024 and BSides SF 2024
AI Security Podcast22 Touko 2024

AI Highlights from RSAC 2024 and BSides SF 2024

Key AI Security takeaways from RSA Conference 2024, BSides SF 2024 and all the fringe activities that happen in SF during that week. Caleb and Ashish were speakers, panelists, participating in several events during that week and this episode captures all the highlights from all the conversations they had and they trends they saw during what they dubbed the "Cybersecurity Fringe Festival” in SF.


Questions asked:

(00:00) Introduction

(02:53) Caleb’s Keynote at BSides SF

(05:14) Clint Gibler’s Bsides SF Talk

(06:28) What are BSides Conferences?

(13:55) Cybersecurity Fringe Festival

(17:47) RSAC 2024 was busy

(19:05) AI Security at RSAC 2024

(23:03) RSAC Innovation Sandbox

(27:41) CSA AI Summit

(28:43) Interesting AI Talks at RSAC

(30:35) AI conversations at RSAC

(32:32) AI Native Security

(33:02) Data Leakage in AI Security

(30:35) Is AI Security all that different?

(39:26) How to filter vendors selling AI Solutions?

Jaksot(51)

The Zero-Click AI Hack: How to Contain the Blast Radius of Autonomous Agents

The Zero-Click AI Hack: How to Contain the Blast Radius of Autonomous Agents

Is an AI agent's identity a workload or an action? Ashish spoke to Elie Bursztein, Distinguished Research Scientist and co-author of Google SAIF (Secure AI Framework) about how it is neither and that ...

29 Huhti 47min

Buy vs. Build AI Security: Why [Box.com](http://Box.com) CISO is Creating their Own Agentic SOC

Buy vs. Build AI Security: Why [Box.com](http://Box.com) CISO is Creating their Own Agentic SOC

If your AI solution is just helping humans process the same amount of alerts a little faster, you haven't transformed anything, you've just created a faster hamster wheel.In this episode, Ashish and C...

22 Huhti 46min

Anthropic's Project Mythos: Why the "Zero-Day Machine" is Terrifying the Security Industry

Anthropic's Project Mythos: Why the "Zero-Day Machine" is Terrifying the Security Industry

In this episode, Ashish and Caleb discuss the internet-breaking preview of Project Mythos, an unreleased AI model from Anthropic that has shown an unprecedented, terrifying ability to reason through c...

18 Huhti 1h 3min

Are AI Security Startups Faking It? How to Separate Signal from Noise

Are AI Security Startups Faking It? How to Separate Signal from Noise

With over 70 startups claiming to have built the perfect "AI SOC Analyst" or "AI Threat Hunter," how do you separate the real products from the vaporware? Recorded live at Decibel RSAC Founder Festiva...

15 Huhti 47min

How Lovable Manages 100+ Daily Changes, Vibe Coding & Shadow AI

How Lovable Manages 100+ Daily Changes, Vibe Coding & Shadow AI

What does it actually look like to run security inside one of Europe's fastest-growing AI companies? In this episode, recorded live at the Munich Cybersecurity Conference (MCSC), Ashish Rajan sat down...

2 Huhti 57min

Questions Every CISO Must Ask AI Security Vendors

Questions Every CISO Must Ask AI Security Vendors

RSA Conference 2026 is here and the AI agent hype machine is louder than ever. In this episode, Ashish and Caleb cut through the noise and arm CISOs, practitioners, and security teams with a clear-eye...

18 Maalis 50min

Will Foundation Models Kill Security Startups?

Will Foundation Models Kill Security Startups?

Did Anthropic just kill the AppSec industry? Following the announcement of Claude Code Security, a tool that finds, reasons about, and fixes code vulnerabilities, major security stocks dropped by 8% ....

5 Maalis 59min

How to Build Your Own AI Chief of Staff with Claude Code

How to Build Your Own AI Chief of Staff with Claude Code

What if you could automate your entire work life with a personal AI Chief of Staff? In this episode, Caleb Sima reveals "Pepper," his custom-built AI agent to Ashish that manages emails, schedules mee...

11 Helmi 47min