Darren Meyer :donor:Since #cursor has an auto-run mode, vulnerabilities to prompt injections are effectively auto-pwn mode – Lynch & Harang #BHUSA #LivePost
Darren Meyer :donor:So now how do we secure agents against this sort of thing? – Lynch & Harang #BHUSA #LivePost
Darren Meyer :donor:We defend using fairly traditional analysis tactics like a kill chain analysis – Lynch & Harang #BHUSA #LivePost
Darren Meyer :donor:Replit incident mentioned. – Lynch & Harang #BHUSA #LivePost
Darren Meyer :donor:Level 3 autonomous agents have a feedback loop that means that once something is injected it continues to operate in a compromised mode, even actively collaborating with attackers to make attacks succeed – Lynch & Harang #BHUSA #LivePost
Darren Meyer :donor:"Always treat LLM output with skepticism; use citations, educate users" – Lynch & Harang #BHUSA #LivePost
Darren Meyer :donor:"AppSec still exists": we have to do basics like staying on top of vulnerabilities, following secure design principles, and defense in depth. These raise complexity for attackers.
"LLM powered software is still software" – Lynch & Harang #BHUSA #LivePost
Darren Meyer :donor:Some takeaways – Lynch & Harang #BHUSA #LivePost