The Data Exchange with Ben Lorica The Rise of the Machine Identity: Securing the AI Workforce and AI Agents
21 snips
Jan 29, 2026 Jason Martin, co-founder of Permiso Security and identity‑security specialist, discusses securing machine and AI identities across cloud and SaaS. He covers why AI agents require identity-first security, the scale and risks of non-human identities, ephemeral agent inventories, overpermissioning, prompt injection and poisoning threats, and how zero trust, policy hooks, and detection models can help manage agent risk.
AI Snips
Chapters
Transcript
Episode notes
Agents Are Easy To Socially Engineer
- Agents are highly susceptible to prompt injection, social engineering, and 'bullying' jailbreaks.
- Jason Martin reports red teaming revealed simple social coercion could break agent guardrails quickly.
Red Teaming Found A Bullying Jailbreak
- Permiso red teamed its own agent and found a simple 'bullying' prompt could expose the system prompt.
- Jason Martin used an internal threat team to discover and fix the issue before customer release.
Poisoning Threats Target RAG Pipelines
- Model and data poisoning are longstanding risks that apply to RAG and data pipelines.
- Jason Martin notes adversaries could corrupt RAG knowledge bases or training data to manipulate outcomes.