A Conversation with Bar-El Tayouri from Mend.io
Unsupervised Learning6 Maj

A Conversation with Bar-El Tayouri from Mend.io

➡ Get full visibility, risk insights, red teaming, and governance for your AI models, AI agents, RAGs, and more—so you can securely deploy AI powered applications with ul.live/mend

In this episode, I speak with Bar-El Tayouri, Head of AI Security at Mend.io, about the rapidly evolving landscape of application and AI security—especially as multi-agent systems and fuzzy interfaces redefine the attack surface.

We talk about:

• Modern AppSec Meets AI Agents
 How traditional AppSec falls short when it comes to AI-era components like agents, MCP servers, system prompts, and model artifacts—and why security now depends on mapping, monitoring, and understanding this entire stack.

• Threat Discovery, Simulation, and Mitigation
 How Mend’s AI security suite identifies unknown AI usage across an org, simulates dynamic attacks (like prompt injection via PDFs), and provides developers with precise, in-code guidance to reduce risk without slowing innovation.

• Why We’re Rethinking Identity, Risk, and Governance
Why securing AI systems isn’t just about new threats—it’s about re-implementing old lessons: identity access, separation of duties, and system modeling. And why every CISO needs to integrate security into the dev workflow instead of relying on blunt-force blocking.

Subscribe to the newsletter at:
https://danielmiessler.com/subscribe

Join the UL community at:
https://danielmiessler.com/upgrade

Follow on X:
https://x.com/danielmiessler

Follow on LinkedIn:
https://www.linkedin.com/in/danielmiessler

Chapters:

00:00 - From Game Hacking to AI Security: Barel’s Tech Journey
03:51 - Why Application Security Is Still the Most Exciting Challenge
04:39 - The Real AppSec Bottleneck: Prioritization, Not Detection
06:25 - Explosive Growth of AI Components Inside Applications
12:48 - Why MCP Servers Are a Massive Blind Spot in AI Security
15:02 - Guardrails Aren’t Keeping Up With Agent Power
16:15 - Why AI Security Is Maturing Faster Than Previous Tech Waves
20:59 - Traditional AppSec Tools Can’t Handle AI Risk Detection
26:01 - How Mend Maps, Discovers, and Simulates AI Threats
34:02 - What Ideal Customers Ask For When Securing AI
38:01 - Beyond Guardrails: Mend’s Guide Rails for In-Code Mitigation
41:49 - Multi-Agent Systems Are the Next Security Nightmare
45:47 - Final Advice for CISOs: Enable, Don’t Disable Developers

Become a Member: https://danielmiessler.com/upgrade

See omnystudio.com/listener for privacy information.

Avsnitt(532)

NO. 355 | NEWS & ANALYSIS SERIES

NO. 355 | NEWS & ANALYSIS SERIES

Critical TLS, Liz Russia, AI Sweater… Sponsor: Keeper Security | Protect employee passwords in minutes with Keeper — the award-winning password manager that is secure, easy to set up, and easy to use. Keeper works out-of-the-box with identity, MFA, and SIEM solutions including Okta, Azure AD, Ping Identity, G Suite, YubiKey and many others…Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

31 Okt 202213min

Why Everyone Needs a Blog | THE IDEA SERIES

Why Everyone Needs a Blog | THE IDEA SERIES

People used to be defined by where they work, and now they’re defined by their knowledge, capabilities, and opinions.Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

27 Okt 20224min

Creativity Comes From Idleness | THE IDEA SERIES

Creativity Comes From Idleness | THE IDEA SERIES

A few years ago I figured out why we’re so creative in the shower…Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

26 Okt 20222min

AI Art Will Push the Top 1% to Human Artists | THE IDEA SERIES

AI Art Will Push the Top 1% to Human Artists | THE IDEA SERIES

https://danielmiessler.com/blog/ai-art-push-1-percent-human-artists/Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

25 Okt 20224min

NO. 354 | THE NEWS & ANALYSIS SERIES

NO. 354 | THE NEWS & ANALYSIS SERIES

China Controls, TikTok Tracking, Infra Sabotage…Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

24 Okt 202218min

Humiliation is Deadly | THE IDEA SERIES

Humiliation is Deadly | THE IDEA SERIES

Exploring a status game model for understanding negative behavior. https://danielmiessler.com/blog/humiliation-is-deadly/Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

21 Okt 202211min

NO. 353 | THE NEWS & ANALYSIS SERIES

NO. 353 | THE NEWS & ANALYSIS SERIES

🗞️ Caffeine Phishing, Cyber Labeling, Kamikaze Drones… Sponsor: Panther Security https://panther.com/ul22Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

17 Okt 20229min

News & Analysis | NO. 352

News & Analysis | NO. 352

CISA Assets, Contractor Hack, China CVEs… Sponsored by: Jupiter One @ jupiterone.com/unsupervisedlearning Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

12 Okt 202213min

Populärt inom Teknik

uppgang-och-fall
rss-racevecka
elbilsveckan
rss-badfluence
market-makers
bosse-bildoktorn-och-hasse-p
bilar-med-sladd
natets-morka-sida
rss-laddstationen-med-elbilen-i-sverige
garagehang
hej-bruksbil
rss-veckans-ai
solcellskollens-podcast
skogsforum-podcast
rss-uppgang-och-fall
rss-it-sakerhetspodden
rss-snacka-om-ai
rss-technokratin
rss-elektrikerpodden
developers-mer-an-bara-kod