The Attacker's Perspective on AI Security with Aryaman Behera

https://is1-ssl.mzstatic.com/image/thumb/Podcasts211/v4/f6/d5/ed/f6d5ed39-c78c-bbc3-9e16-8da9c7df7142/mza_16272558080117222112.jpg/600x600bb.jpg

The Boring AppSec Podcast

28 episodes

5 days ago

In this podcast, we will talk about our experiences having worked at different companies - from startups to big enterprises, from tech companies to security companies, and from building side projects to building startups. We will talk about the good, the bad, and everything in between. So join us for some fun, some real, and some super hot takes about all things Security in the Boring AppSec Podcast.

Technology

RSS

All content for The Boring AppSec Podcast is the property of The Boring AppSec Podcast and is served directly from their servers with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.

Technology

https://d3t3ozftmdmh3i.cloudfront.net/staging/podcast_uploaded_nologo/40655927/40655927-1736141685828-0e4ce07b90353.jpg

The Attacker's Perspective on AI Security with Aryaman Behera

The Boring AppSec Podcast

48 minutes 15 seconds

1 month ago

The Attacker's Perspective on AI Security with Aryaman Behera

In this episode, hosts Sandesh and Anshuman chat with Aryaman Behera, the Co-Founder and CEO of Repello AI. Aryaman shares his unique journey from being a bug bounty hunter and the captain of India's top-ranked CTF team, InfoSec IITR, to becoming the CEO of an AI security startup. The discussion offers a deep dive into the attacker-centric mindset required to secure modern AI applications, which are fundamentally probabilistic and differ greatly from traditional deterministic software. Aryaman explains the technical details behind Repello's platform, which combines automated red teaming (Artemis) with adaptive guardrails (Argus) to create a continuous security feedback loop. The conversation explores the nuanced differences between AI safety and security, the critical role of threat modeling for agentic workflows, and the complex challenges of responsible disclosure for non-deterministic vulnerabilities.

Key Takeaways

- From Hacker to CEO: Aryaman discusses the transition from an attacker's mindset, focused on quick exploits, to a CEO's mindset, which requires patience and long-term relationship building with customers.

- A New Kind of Threat: AI applications introduce a new attack surface built on prompts, knowledge bases, and probabilistic models, which increases the blast radius of potential security breaches compared to traditional software.

- Automated Red Teaming and Defense: Repello’s platform consists of two core products: Artemis, an offensive AI red teaming platform that discovers failure modes , and

- Argus, a defensive guardrail system. The platforms create a continuous feedback loop where vulnerabilities found by Artemis are used to calibrate and create policies for Argus.

- Threat Modeling for AI Agents: For complex agentic systems, a black-box approach is often insufficient. Repello uses a gray-box method where a tool called AgentWiz helps customers generate a threat model based on the agent's workflow and capabilities, without needing access to the source code.

- The Challenge of Non-Deterministic Vulnerabilities: Unlike traditional software vulnerabilities which are deterministic, AI exploits are probabilistic. An attack like a system prompt leak only needs to succeed once to be effective, even if it fails nine out of ten times.

- The Future of Attacks is Multimodal: Aryaman predicts that as AI applications evolve, major new attack vectors will emerge from new interfaces like voice and image, as their larger latent space offers more opportunities for malicious embeddings.

Tune in for a deep dive!

Contacting Aryaman

* LinkedIn: https://www.linkedin.com/in/aryaman-behera/

* Company Website: https://repello.ai/

Contacting Anshuman

* LinkedIn: ⁠⁠⁠⁠https://www.linkedin.com/in/anshumanbhartiya/

* X: ⁠⁠⁠⁠https://x.com/anshuman_bh

* Website: ⁠⁠⁠⁠https://anshumanbhartiya.com/

* ⁠⁠⁠⁠Instagram: ⁠⁠⁠https://www.instagram.com/anshuman.bhartiya

Contacting Sandesh

* LinkedIn: ⁠⁠⁠⁠https://www.linkedin.com/in/anandsandesh/

* X: ⁠⁠⁠⁠https://x.com/JubbaOnJeans

* Website: ⁠⁠⁠⁠https://boringappsec.substack.com/