Why AI Infrastructure is Harder to Secure Than Cloud

Feb 20, 2026

Toni (Tony) De La Fuente, creator of the open-source tool Prowler with 25+ years in security, joins to unpack AI infrastructure risks. He explains why AI workloads differ from cloud, the shared responsibility gap in managed AI services, dangers of default MCP setups, and why generated IaC and multi-party AI stacks create new blind spots.

34:03

forum

Ask episode

web_stories

AI Snips

view_agenda

Chapters

auto_awesome

Transcript

info_circle

Episode notes

insights

INSIGHT

AI Is Its Own Security Domain

AI workloads have distinct infrastructure and configuration layers separate from general cloud infra.
Treat AI as its own security domain while accounting for cloud overlap.

insights

INSIGHT

Shared Responsibility Gets Blurry With Managed AI

Managed GenAI services create a blurred shared-responsibility surface compared with traditional cloud services.
Vendors may secure their side, but customer responsibilities often remain unclear.

volunteer_activism

ADVICE

Block Direct MCP-to-Database Access

Place RBAC and API controls between agents (MCPs) and data stores to prevent direct access.
Never configure an MCP to talk to a database directly.

Get the Snipd Podcast app to discover more snips from this episode

Toni's background and Prowler origin

02:21 • 1min

chevron_right

Distinguishing AI security from cloud security

03:21 • 2min

chevron_right

Managed GenAI services and responsibilities

05:20 • 2min

chevron_right

The shared responsibility gap in AI services

07:39 • 3min

chevron_right

Complexity of multi-party AI stacks

10:24 • 2min

chevron_right

Top AI security concerns and MCP architecture

12:23 • 3min

chevron_right

Assessing LLMs and detection tools

14:58 • 1min

chevron_right

Open source advantages for AI security

16:06 • 2min

chevron_right

AI pillars: dashboards, context, configuration

18:27 • 3min

chevron_right

AI-driven SDLC and infrastructure as code risks

21:50 • 3min

chevron_right

Experiment: AI delegating to expert security tools

25:17 • 2min

chevron_right

Top three priorities for security leaders

27:33 • 3min

chevron_right

Outlook and focus on present needs

Is AI security just "Cloud Security 2.0"? Toni De La Fuente, creator of the open-source tool Prowler, joins Ashish to explain why securing AI workloads requires a fundamentally different approach than traditional cloud infrastructure.

We dive deep into the "Shared Responsibility Gap" emerging with managed AI services like AWS Bedrock and OpenAI. Toni spoke about the hidden dangers of default AI architectures, why you should never connect an MCP (Model Context Protocol) directly to a database.

We discuss the new AI-driven SDLC, where tools like Claude Code can generate infrastructure but also create massive security blind spots if not monitored.

Guest Socials -⁠ ⁠⁠⁠⁠⁠Toni's Linkedin

If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:

If you are interested in AI Security

, you can check out our sister podcast -⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ AI Security Podcast⁠

Questions asked:

(00:00) Introduction(02:50) Who is Toni De La Fuente? (Creator of Prowler)(03:50) AI Security vs. Cloud Security: What's the Difference? (07:20) The Shared Responsibility Gap in AI Services (Bedrock, OpenAI) (11:30) The "Fifth Party" Risk: Managed AI Access (13:40) AI Architecture Best Practices: Never Connect MCP to DB Directly (16:40) Prowler's AI Pillars: Generating Dashboards & Detections (22:30) The New SDLC: Securing Code from Claude Code & Lovable (25:30) The "Magic" Trap: Why AI Doesn't Know Your Security Context (28:30) Top 3 Priorities for Security Leaders (Infra, LLM, Shadow AI) (30:40) Future Predictions: Why Predicting 12 Months Out is Impossible

Home Top podcasts Popular guests Top books