A Conversation with Bar-El Tayouri from Mend.io
Unsupervised Learning6 Mai

A Conversation with Bar-El Tayouri from Mend.io

➡ Get full visibility, risk insights, red teaming, and governance for your AI models, AI agents, RAGs, and more—so you can securely deploy AI powered applications with ul.live/mend

In this episode, I speak with Bar-El Tayouri, Head of AI Security at Mend.io, about the rapidly evolving landscape of application and AI security—especially as multi-agent systems and fuzzy interfaces redefine the attack surface.

We talk about:

• Modern AppSec Meets AI Agents
 How traditional AppSec falls short when it comes to AI-era components like agents, MCP servers, system prompts, and model artifacts—and why security now depends on mapping, monitoring, and understanding this entire stack.

• Threat Discovery, Simulation, and Mitigation
 How Mend’s AI security suite identifies unknown AI usage across an org, simulates dynamic attacks (like prompt injection via PDFs), and provides developers with precise, in-code guidance to reduce risk without slowing innovation.

• Why We’re Rethinking Identity, Risk, and Governance
Why securing AI systems isn’t just about new threats—it’s about re-implementing old lessons: identity access, separation of duties, and system modeling. And why every CISO needs to integrate security into the dev workflow instead of relying on blunt-force blocking.

Subscribe to the newsletter at:
https://danielmiessler.com/subscribe

Join the UL community at:
https://danielmiessler.com/upgrade

Follow on X:
https://x.com/danielmiessler

Follow on LinkedIn:
https://www.linkedin.com/in/danielmiessler

Chapters:

00:00 - From Game Hacking to AI Security: Barel’s Tech Journey
03:51 - Why Application Security Is Still the Most Exciting Challenge
04:39 - The Real AppSec Bottleneck: Prioritization, Not Detection
06:25 - Explosive Growth of AI Components Inside Applications
12:48 - Why MCP Servers Are a Massive Blind Spot in AI Security
15:02 - Guardrails Aren’t Keeping Up With Agent Power
16:15 - Why AI Security Is Maturing Faster Than Previous Tech Waves
20:59 - Traditional AppSec Tools Can’t Handle AI Risk Detection
26:01 - How Mend Maps, Discovers, and Simulates AI Threats
34:02 - What Ideal Customers Ask For When Securing AI
38:01 - Beyond Guardrails: Mend’s Guide Rails for In-Code Mitigation
41:49 - Multi-Agent Systems Are the Next Security Nightmare
45:47 - Final Advice for CISOs: Enable, Don’t Disable Developers

Become a Member: https://danielmiessler.com/upgrade

See omnystudio.com/listener for privacy information.

Episoder(532)

The Experience of Free Will is Not Free Will

The Experience of Free Will is Not Free Will

A short essay on how it's possible to experience free will without it being real.Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

1 Feb 20175min

Unsupervised Learning: No. 63

Unsupervised Learning: No. 63

Peak Prevention at AppSec Cali, Austrian Hotel Ransomware, Russian FSB Drama, WordPress Issues, AV Conflicts, Uber Pays Another Company's Bounty, Data Science, Rules for Rulers…Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

30 Jan 201746min

Unsupervised Learning: No. 62

Unsupervised Learning: No. 62

An OWASP Gaming Security Framework, infosec news, OPSEC is obscurity, AMP is a horrible idea, the End of Twitter, the Sound of Silence, chaning your Echo wake word, RAWGraphs, Ask Lesley, and more…Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

22 Jan 201728min

Unsupervised Learning: No. 61

Unsupervised Learning: No. 61

Nasty new GMail phishing bug, Microsoft kills security bulletins, ShadowBrokers go dark, Cellebrite hacked, Combining sensor data with machine learning, the tradeoff between privacy and IoT functionality, and more…Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

16 Jan 201739min

Gratitude is the Epicenter of Happiness

Gratitude is the Epicenter of Happiness

The elusive center of happiness is gratitude, and the reason seems to be evolution.Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

14 Jan 20174min

If You Believe Nothing You Can Be Convinced of Anything

If You Believe Nothing You Can Be Convinced of Anything

An essay about the Russian hacking attribution issue, and how people who cannot differentiate the credibility of information sources are ultimately set to believe anything rather than nothing.Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

13 Jan 201712min

Unsupervised Learning: No. 60

Unsupervised Learning: No. 60

How we know Russia did it, the FBI using Best Buy, an IBM study on ransomware, MongoDB hacks, and more…Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

11 Jan 201731min

4 Things To Do in the First Week of Every January

4 Things To Do in the First Week of Every January

A short piece on why I don't like New Years resolutions, and the four things I prefer to do instead. Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

27 Des 20162min

Populært innen Teknologi

romkapsel
rss-avskiltet
teknisk-sett
energi-og-klima
tomprat-med-gunnar-tjomlid
shifter
rss-impressions-2
nasjonal-sikkerhetsmyndighet-nsm
smart-forklart
rss-alt-som-gar-pa-strom
pedagogisk-intelligens
rss-digitaliseringspadden
elektropodden
rss-heis
i-loopen
kunstig-intelligens-med-morten-goodwin
rss-snakk-om-sikkerhet
rss-alt-vi-kan
rss-plateprat
rss-fjorsilkebris-podcast