How Attackers Bypass AI Guardrails with Natural Language

Feb 10, 2026

Eduardo Redondo Garcia, Global Head of Cloud Security Architecture at Check Point with decades in security and AI fraud detection. He discusses how natural language becomes an attack vector, prompt injection and runtime defenses, risks from Shadow AI and third-party models, scaling social engineering with GenAI, and tackling deepfakes and biometric bypasses.

46:36

forum

Ask episode

web_stories

AI Snips

view_agenda

Chapters

auto_awesome

Transcript

info_circle

Episode notes

insights

INSIGHT

Natural Language Is The New Executable

Natural language prompts are now the primary attack surface for generative AI systems.
Eduardo says "natural language is your executable," which reframes security around intent rather than code.

insights

INSIGHT

Multilingual Prompts Bypass English Guardrails

Attackers exploit multilingual prompts and untested languages to bypass guardrails.
Eduardo notes many guardrails were tested only in English, leaving non-English vectors vulnerable.

volunteer_activism

ADVICE

Split Effort: Shift Left And Runtime Monitor

Do invest in both AI governance and data governance before deploying models.
Eduardo recommends shifting left ~30% for hygiene and 70% runtime monitoring to catch unforeseen behaviors.

Get the Snipd Podcast app to discover more snips from this episode

Eduardo's background and fraud detection work

01:49 • 1min

chevron_right

Defining GenAI security: prompts as the focus

02:55 • 2min

chevron_right

How attackers exploit GenAI versus web apps

05:15 • 4min

chevron_right

Governance, data governance and runtime risks

09:23 • 3min

chevron_right

Shift left vs. shift right: 30/70 security split

12:10 • 2min

chevron_right

Runtime prompt inspection and intent detection

14:30 • 1min

chevron_right

The 'poem hack' example of data exfiltration

15:53 • 3min

chevron_right

Scaling social engineering with GenAI

19:17 • 1min

chevron_right

Shadow AI and visibility challenges

20:28 • 5min

chevron_right

Third-party AI, data ownership and compliance

25:09 • 2min

chevron_right

Security vs product tension and board conversations

27:16 • 4min

chevron_right

Practical roadmap: extend existing security to GenAI

31:42 • 1min

chevron_right

Evaluating AI security vendors and model quality

33:12 • 2min

chevron_right

Natural language, multimodal inputs and hidden exfiltration

35:30 • 2min

chevron_right

Metrics and incident response for GenAI

37:10 • 2min

chevron_right

When to build versus buy AI security

39:00 • 33sec

chevron_right

Deepfakes and biometric defenses

39:34 • 3min

chevron_right

Choosing AI security partners with unique capabilities

42:33 • 49sec

chevron_right

Personal notes: soccer, family, and Honduran tacos

In the world of Generative AI, natural language has become the new executable. Attackers no longer need complex code to breach your systems, sometimes, asking for a "poem" is enough to steal your passwords .

In this episode, Eduardo Garcia (Global Head of Cloud Security Architecture at Check Point) joins Ashish to explain the paradigm shift in AI security. He shares his experience building AI-powered fraud detection systems and why traditional security controls fail against intent-based attacks like prompt injection and data poisoning .

We dive deep into the reality of Shadow AI, where employees unknowingly train public models with sensitive corporate data , and the sophisticated world of Deepfakes, where attackers can bypass biometric security using AI-generated images unless you're tracking micro-movements of the eye .

Guest Socials - ⁠⁠⁠⁠⁠⁠Eduardo's Linkedin

If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:

If you are interested in AI Security

, you can check out our sister podcast -⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ AI Security Podcast⁠

(00:00) Introduction(01:55) Who is Eduardo Garcia? (Check Point)(03:00) Defining Security for GenAI: The Focus on Prompts (05:20) Why Natural Language is the New Executable (08:50) Multilingual Attacks: Bypassing Filters with Mandarin (12:00) Shift Left vs. Shift Right: The 70/30 Rule for AI Security (15:30) The "Poem Hack": Stealing Passwords with Creative Prompts (21:00) Shadow AI: The "HR Spreadsheet" Leak Scenario (25:40) Security vs. Compliance in a Blurring World (28:00) The Conflict: "My Budget Doesn't Include Security" (34:00) The 5 V's of AI Data: Volume, Veracity, Velocity (40:00) Deepfakes & Biometrics: Detecting Micro-Movements (43:40) Fun Questions: Soccer, Family, and Honduran Tacos

Home Top podcasts Popular guests Top books