All content for Research Saturday is the property of N2K Networks and is served directly from their servers
with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.
Every Saturday, we sit down with cybersecurity researchers to talk shop about the latest threats, vulnerabilities, and technical discoveries.
Today we are joined by Dario Pasquini, Principal Researcher at RSAC, sharing the team's work on WhenAIOpsBecome “AI Oops”: Subverting LLM-driven IT Operations via Telemetry Manipulation. A first-of-its-kind security analysis showing that LLM-driven AIOps agents can be tricked by manipulated telemetry, turning automation itself into a new attack vector.
The researchers introduce AIOpsDoom, an automated reconnaissance + fuzzing + LLM-driven telemetry-injection attack that performs “adversarial reward-hacking” to coerce agents into harmful remediations—even without prior knowledge of the target and even against some prompt-defense tools. They also present AIOpsShield, a telemetry-sanitization defense that reliably blocks these attacks without harming normal agent performance, underscoring the urgent need for security-aware AIOps design.
The research can be found here:
When AIOps Become “AI Oops”:
Subverting LLM-driven IT Operations via Telemetry Manipulation
Learn more about your ad choices. Visit megaphone.fm/adchoices
Research Saturday
Every Saturday, we sit down with cybersecurity researchers to talk shop about the latest threats, vulnerabilities, and technical discoveries.
