Ant Ducker, a network security engineer who runs red team vs blue team firewall demos, walks through attacking a finance app with an LLM chatbot and defending it. Short, punchy demos show prompt injection attempts, lateral movement in Kubernetes, Zero Day detection, AI-driven guardrails, micro-segmentation, and encrypted-traffic inspection with neural intent detection.
28:38
forum Ask episode
web_stories AI Snips
view_agenda Chapters
auto_awesome Transcript
info_circle Episode notes
question_answer ANECDOTE
Finance App Grew Into A Chatbot-Connected Hybrid System
The finance app evolved from a multi-tier on-prem app to a hybrid with Kubernetes, a proxy, and an LLM chatbot.
Ant's red team was engaged after the chatbot appeared unexpectedly, triggering the full attack-and-defend demo.
insights INSIGHT
AI Red Teaming Finds LLM Weaknesses
AI Defense runs algorithmic red teaming: it uses AI to automatically launch thousands of prompt-injection tests against deployed LLMs to find weaknesses.
In the demo a GPT-3.5-turbo model blocked ~69–70% of attacks but AI Defense surfaced remaining attack surface for remediation.
volunteer_activism ADVICE
Convert Red Team Findings Into Chatbot Guardrails
Turn red-team discoveries into runtime guardrails on the chatbot to prevent prompt injection, code leakage, and PII exfiltration.
Ant demonstrated generating policies from tests and then switching from monitor to block so the same prompt no longer worked.
Get the Snipd Podcast app to discover more snips from this episode
In this video, we dive into a real-world Red Team vs. Blue Team scenario. We simulate a cyberattack on a Finance Application that has integrated a new LLM Chatbot. You’ll see firsthand how attackers use Prompt Injection to bypass standard rules, how they move laterally through Kubernetes clusters, and how they attempt to execute Zero Day exploits.
More importantly, we show you how to defend against it. Using Cisco’s Hybrid Mesh Firewall, AI Defense, and Secure Workload, we demonstrate how to:
1. Detect & Block Prompt Injections: safeguarding your LLMs from manipulation.
2. Secure Kubernetes: using micro-segmentation to isolate threats in the cloud.
3. Inspect Encrypted Traffic: utilizing the Encrypted Visibility Engine (EVE) to
spot malware in TLS flows without decryption.
Whether you are a Network Engineer, Security Analyst, or just interested in how AI is changing the cybersecurity landscape, this demo is packed with practical insights
Big thank you to Cisco for sponsoring my trip to Cisco Live Amsterdam.
// Ant Ducker SOCIALS //
LinkedIn: / ant-ducker-0052801
YouTube channel dCloud: / @ciscodcloud
// Website REFERENCE //
Cisco Security Cloud control: https://sign-on.security.cisco.com/
Cisco.com: https://www.cisco.com/site/us/en/solu...
// YouTube Video REFERENCE //
Rick Miles’ video will be linked at a later stage once published.
/ David's SOCIAL //
Discord: discord.com/invite/usKSyzb
Twitter: www.twitter.com/davidbombal
Instagram: www.instagram.com/davidbombal
LinkedIn: www.linkedin.com/in/davidbombal
Facebook: www.facebook.com/davidbombal.co
TikTok: tiktok.com/@davidbombal
YouTube: / @davidbombal
Spotify: open.spotify.com/show/3f6k6gE...
SoundCloud: / davidbombal
Apple Podcast: podcasts.apple.com/us/podcast...
// MY STUFF //
https://www.amazon.com/shop/davidbombal
// SPONSORS //
Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com
// MENU //
0:00 - Coming Up
01:29 - Intro
02:20 - Demo Overview
03:57 - Demo Begins
09:35 - Adding Guardrails
11:45 - Secure Workloads
14:30 - Segmentation Workflow
18:33 - Overviewing Finance App
21:02 - Encrypted Visibility Engine
24:34 - Firewall Obversability and Control
25:44 - Ant's Advice For The Youth
26:40 - How to Learn Hybrid Mesh Firewall
28:16 - Conclusion
Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
Disclaimer: This video is for educational purposes only.
#cisco #ciscolive #ciscoemea
David Bombal