Episode: Threat Modeling the AI Agent: Architecture, Threats & Monitoring
- Podcast: Cloud Security Podcast
- Published: Nov 11, 2025
- Duration (seconds): 2840
- Processing state: not_requested
Summary
Are we underestimating how the agentic world is impacting cybersecurity? We spoke to Mohan Kumar, who did production security at Box, for a deep dive into the threats of truly autonomous AI agents. The conversation moves beyond simple LLM applications (like chatbots) to the new world of dynamic, goal-driven agents that can take autonomous actions. Mohan took us through why this shift introduces a new class of threats we aren't prepared for, such as agents developing new, unmonitorable communication methods ("Jibber-link" mode).

Mohan shared his top three security threats for AI agents in production:

- Memory Poisoning: how an agent's trusted memory (long-term, short-term, or entity memory) can be corrupted via indirect prompt injection, altering its core decisions.
- Tool Misuse: the risk of agents connecting to rogue tools or MCP servers, or having their legitimate tools (like a calendar) exploited for data exfiltration.
- Privilege Compromise: the critical need to enforce least privilege on agents that can shift roles and identities, often through misconfiguration.

Guest Socials - Mohan's LinkedIn

Podcast Twitter - @CloudSecPod

If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels: - Cloud Security Podcast- Y…