EPISODE · Apr 7, 2026 · 36 MIN
Solving Prompt Injection & Shadow AI for AI Malware
from Cloud Security Podcast · host TechRiot.io
Are AI agents functioning like adversarial malware inside your network? In this episode of the Cloud Security Podcast, Ashish sits down with Jasson Casey, Co-founder and CEO of Beyond Identity, to speak about the security risks introduced by Shadow AI and code assistants .Jasson explains why an AI agent executing a tool is the perfect opportunity for prompt injection or proprietary data exfiltration comparing unchecked agents to Ron Burgundy reading whatever is on the teleprompter . We discuss the "barbell" reaction of CISOs (either blocking AI entirely or blindly accepting the risk) and why placing device-bound identity at the core of your security stack is the only way to safely enable AI speed .From an $80,000 stolen Anthropic key nightmare on Reddit to a red-team exercise that cloned voices using Hugging Face models in just four hours, this episode highlights the tangible threats and solutions of the AI era .Guest Socials - Jasson's LinkedinPodcast Twitter - @CloudSecPod If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:-Cloud Security Podcast- Youtube- Cloud Security Newsletter If you are interested in AI Security, you can check out our sister podcast - AI Security PodcastQuestions asked:(00:00) Introduction(02:50) Who is Jasson Casey? (CEO of Beyond Identity) (03:50) The Reality of Shadow AI: Marketers & Devs Moving Fast (05:10) Why AI Agents Execute Like Adversarial Malware (06:20) Prompt Injection Over Time & Agent "Memory" as Persistence (07:40) The CISO "Barbell": Blocking Everything vs. Accepting All Risk (09:30) Applying the NIST Framework to AI Agents (12:00) The Reddit Horror Story: An $80,000 Stolen Claude Key (13:00) Why Device-Bound Identity is the Ultimate AI Control Plane (15:50) The Death of SaaS IT Products (Replaced by Git + Claude Code) (19:30) Fixing Prompt Injection & Exfil via Attributable Identity (20:50) Moving from UI Dashboards to API Data + AI Skills (26:20) Building "Agentic Playbooks" for Security Teams (27:40) Red Teaming: Cloning Voices in 4 Hours via Hugging Face (30:20) Fun Questions: Kangaroo vs. Crocodile Tasting (31:50) Hobbies: Radar Projects & Northern Mexican Cuisine (Dark Mole) This episode was sponsored by Beyond Identity Resources spoken about during the episode: To get started with Ceros, the AI Trust Layer - Visit beyondidentity.ai
What this episode covers
Are AI agents functioning like adversarial malware inside your network? In this episode of the Cloud Security Podcast, Ashish sits down with Jasson Casey, Co-founder and CEO of Beyond Identity, to speak about the security risks introduced by Shadow AI and code assistants .Jasson explains why an AI agent executing a tool is the perfect opportunity for prompt injection or proprietary data exfiltration comparing unchecked agents to Ron Burgundy reading whatever is on the teleprompter . We discuss the "barbell" reaction of CISOs (either blocking AI entirely or blindly accepting the risk) and why placing device-bound identity at the core of your security stack is the only way to safely enable AI speed .From an $80,000 stolen Anthropic key nightmare on Reddit to a red-team exercise that cloned voices using Hugging Face models in just four hours, this episode highlights the tangible threats and solutions of the AI era .Guest Socials - Jasson's LinkedinPodcast Twitter - @CloudSecPod If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:-Cloud Security Podcast- Youtube- Cloud Security Newsletter If you are interested in AI Security, you can check out our sister podcast - AI Security PodcastQuestions asked:(00:00) Introduction(02:50) Who is Jasson Casey? (CEO of Beyond Identity) (03:50) The Reality of Shadow AI: Marketers & Devs Moving Fast (05:10) Why AI Agents Execute Like Adversarial Malware (06:20) Prompt Injection Over Time & Agent "Memory" as Persistence (07:40) The CISO "Barbell": Blocking Everything vs. Accepting All Risk (09:30) Applying the NIST Framework to AI Agents (12:00) The Reddit Horror Story: An $80,000 Stolen Claude Key (13:00) Why Device-Bound Identity is the Ultimate AI Control Plane (15:50) The Death of SaaS IT Products (Replaced by Git + Claude Code) (19:30) Fixing Prompt Injection & Exfil via Attributable Identity (20:50) Moving from UI Dashboards to API Data + AI Skills (26:20) Building "Agentic Playbooks" for Security Teams (27:40) Red Teaming: Cloning Voices in 4 Hours via Hugging Face (30:20) Fun Questions: Kangaroo vs. Crocodile Tasting (31:50) Hobbies: Radar Projects & Northern Mexican Cuisine (Dark Mole) This episode was sponsored by Beyond Identity Resources spoken about during the episode: To get started with Ceros, the AI Trust Layer - Visit beyondidentity.ai
NOW PLAYING
Solving Prompt Injection & Shadow AI for AI Malware
No transcript for this episode yet
Similar Episodes
Mar 26, 2026 ·1m
Jan 2, 2026 ·47m
Dec 21, 2025 ·46m