{"podcast":{"title":"Along The Edge Podcast: Breaking, Defending, and Understanding Agentic AI","slug":"along-the-edge-agentic-ai","podcast_index_feed_id":7655271,"rss_url":"https://feeds.transistor.fm/along-the-edge-podcast-breaking-defending-and-understanding-agentic-ai","website_url":"https://ziosec.com","image_url":"https://img.transistorcdn.com/YkykxdpzPJyGt5LPeCJBXBJ8_--YmPhAj6yPknTS_M8/rs:fill:0:0:1/w:1400/h:1400/q:60/mb:500000/aHR0cHM6Ly9pbWct/dXBsb2FkLXByb2R1/Y3Rpb24udHJhbnNp/c3Rvci5mbS9jMjI2/ODk4N2MzYTU4NWE3/MmFmYmFmOGUzYTEy/MjlhNy5wbmc.jpg","author":"Aaron Walls","episode_count":5,"summary":"Along The Edge is a podcast about life on the frontier of AI security—where large language models turn into agents, tools get wired into everything, and the old web-app threat models stop being enough. Hosted by Andrius Useckas (Co-founder & CTO of ZioSec), Along The Edge dives deep into agentic AI security: jailbreaks, prompt injection, data leaks, MCP/tooling risks, least privilege for agents, and what “don’t trust, verify” really means in an AI-native stack. Each episode features hands-on practitioners—security architects, red teamers, researchers, and builders—who are actively breaking and defending real systems in production. If you’re building, deploying, or testing AI agents (SDR agents, SOC assistants, coding copilots, internal HR or payroll agents, etc.), this show gives you concrete attack paths, defensive patterns, and hard-earned lessons you won’t get from marketing decks and “AI safety” platitudes.\n\nAlong The Edge is for:\nSecurity engineers and architects responsible for AI/agentic systems\nRed teams, pentesters, and researchers exploring AI-native attack surfaces\nEngineering leaders who don’t want to bolt security on after the breach\nAnyone who suspects “the model will…","last_synced_at":null,"page_url":"https://stenobird.com/podcast/along-the-edge-agentic-ai"},"episode":{"title":"Along The Edge e3: Breaking AI Agents: From Jailbreaks to MCP Exploits with Javi Rivera","slug":"along-the-edge-e3-breaking-ai-agents-from-jailbreaks-to-mcp-exploits-with-javi-rivera","published_at":"2026-02-13T01:23:40+00:00","page_url":"https://stenobird.com/podcast/along-the-edge-agentic-ai/along-the-edge-e3-breaking-ai-agents-from-jailbreaks-to-mcp-exploits-with-javi-rivera","show_page_url":"https://stenobird.com/podcast/along-the-edge-agentic-ai","url":"https://share.transistor.fm/s/d219fca3","audio_url":"https://media.transistor.fm/d219fca3/85e93a4b.mp3","summary":"AI agents introduce a new attack surface where traditional vulnerabilities like SQL injection and XSS are weaponized through model capabilities.\nThis episode explores how the integration of tools and web access transforms prompt injection into a high-impact supply chain risk.","meta_description":"Learn how attackers exploit AI agents using classic injection techniques, MCP server vulnerabilities, and indirect prompt injection in this technical deep…","key_points":["Main idea: Agentic AI security is less about breaking the LLM and more about exploiting the tools and environments the agent can access","Failure mode: Using unverified MCP servers creates a massive supply chain risk by allowing malicious code execution through trusted agent workflows","Practical takeaway: Defense requires a 'defense in depth' approach, including sandboxing, least privilege, and strict input/output sanitization","Technical distinction: Security researchers must differentiate between manipulating the model's weights/logic and manipulating the agent's tool-use capabilities","Future threat: The rise of autonomous, thinking bots will enable automated, large-scale offensive campaigns that can adapt to defenses in real-time"],"chapters":[{"start_ms":60000,"title":"The Evolution of Offensive Security","summary":"Javi Rivera discusses his transition from traditional network and web application penetration testing to focusing on the vulnerabilities within agentic workflows."},{"start_ms":305000,"title":"Classic Exploits in an Agentic World","summary":"An analysis of how SQL injection, XSS, and command injection remain viable threats when agents are granted access to external APIs and web tools."},{"start_ms":795000,"title":"System Prompts and Constraints","summary":"How developers use system prompts to define agent boundaries and how attackers attempt to bypass these instructions to manipulate agent behavior."},{"start_ms":1295000,"title":"Data Exfiltration Techniques","summary":"Exploring how attackers use structured patterns to trick models into leaking sensitive information like credentials or internal file contents."},{"start_ms":1810000,"title":"Indirect Prompt Injection Demo","summary":"A walkthrough of the Gray Swan AI Arena, demonstrating how an attacker can manipulate an agent by poisoning the data sources it retrieves."},{"start_ms":2570000,"title":"The MCP Supply Chain Risk","summary":"A critical look at the security implications of the Model Context Protocol (MCP) and the dangers of connecting agents to unverified third-party servers."},{"start_ms":2840000,"title":"Defensive Strategies and Best Practices","summary":"Practical advice on implementing guardrails, sanitizing tool outputs, and maintaining strict access controls to mitigate agentic risks."}],"topics":["AI Security","Agentic AI","Prompt Injection","Model Context Protocol","Penetration Testing","LLM Vulnerabilities","Cybersecurity","Supply Chain Attacks"],"duration_seconds":3361,"processing_state":"processed","actions":[{"name":"request_transcript","method":"POST","url":"https://stenobird.com/v1/public/podcasts/along-the-edge-agentic-ai/episodes/along-the-edge-e3-breaking-ai-agents-from-jailbreaks-to-mcp-exploits-with-javi-rivera/transcription-requests","description":"Idempotently request low-priority transcript generation for this episode."},{"name":"read_markdown","method":"GET","url":"https://stenobird.com/podcast/along-the-edge-agentic-ai/along-the-edge-e3-breaking-ai-agents-from-jailbreaks-to-mcp-exploits-with-javi-rivera.md","description":"Read the agent-friendly Markdown representation of this episode resource."}]}}