Ep 22 - Part 1 - AI Security Foundations, Visibility, Governance, and the Risks Nobody Owns

🎙️ Coffee, Chaos and ProdSec, Ep 22

AI is already inside your environment, whether you planned for it or not. So this week, Kurt and Cameron grab their mugs and talk through the AI security foundations that tend to break first, long before anyone calls it an incident.

From gaining visibility into shadow AI and hidden agents, to setting up governance that does not drive usage underground, to building inventories that actually keep up with how fast AI changes, this episode digs into where things fall apart in real organizations.

They also get into securing AI usage itself, from agents running with the wrong identities, to data leaking quietly through prompts and responses, to why traditional DLP and SDLC assumptions no longer hold.

Along the way, they connect the dots between Cybersecurity, Application Security, Product Security, DevSecOps, Software Supply Chain Security, and AI, with honest takes, real-world examples, and a few moments of disbelief at how familiar these failures already feel.

If you are responsible for AI risk, or you are about to be, this episode will sound uncomfortably close to home.

☕ New episodes every Wednesday.

Coffee, Chaos and ProdSec -> strong coffee, stronger opinions.