Trustpilot's Gary Hunter on Structuring Security Knowledge for AI Success

14 snips

Dec 23, 2025

Gary Hunter, Head of Security Operations at Trustpilot, shares insights from his journey in building a robust security team. He emphasizes treating AI agents like interns, with strict guardrails to ensure safe operations. Discover how competitive prompt testing fine-tunes AI performance and how democratizing learning fosters cultural buy-in for AI adoption. Gary also reveals strategies for multimodal brand protection and why constraints can spark creativity in security practices. Tune in for valuable tips on enhancing detection and empowering team members.

Ask episode

AI Snips

Chapters

Transcript

Episode notes

ADVICE

Free Time To Do Higher-Value Work

Reassure the team that AI augments, not replaces, by using it to remove toil and shift people to higher-order work.
Prioritize prevention work so freed capacity goes to shift-left, vendor management, and relationship building.

ANECDOTE

Multimodal Brand Protection Pipeline

Trustpilot uses multimodal brand-protection pipelines that pass screenshots and HTML into AI to score infringement 0–100.
They apply keyword filters and safety checks before issuing heavy takedown actions.

ADVICE

Treat Agents Like Interns

Treat AI agents like interns: codify exactly what they'd be allowed to do and restrict dangerous tool access.
Back playbooks with infrastructure-as-code and governance so actions remain auditable and safe.

Get the Snipd Podcast app to discover more snips from this episode

Get the app

Gary Hunter, Head of Security Operations at Trustpilot, built a security team from scratch at a company synonymous with trust. Gary shares how his ten-person team leverages AI agents across alert triage, multimodal brand protection, and incident response.

He explores why he and his team treat AI agents like interns with codified guardrails, why competitive prompt testing reveals the best approaches, and how restricting AI to specific documentation sets prevents confusion. Gary also offers his tips on building weatherproof team members who adapt to any technology shift and reflects on why constraints breed creativity in resource-limited environments.

Topics discussed:

Building security operations from scratch by identifying pain points, understanding technology gaps, and systematically increasing detection coverage and visibility
Leveraging AI agents for alert triage and workflows to enable teams to run as fast as attackers while maintaining appropriate human oversight
Implementing competitive prompt testing by running multiple AI models to identify the most effective approach before deployment
Creating cultural buy-in for AI adoption by empowering team members to contribute prompts and democratizing learning across skill levels
Using AI for multimodal brand protection, analyzing screenshots and HTML content to score potential infringements and automate response workflows appropriately
Treating AI agents like interns, codifying processes, and limiting tool access based on what you'd delegate to junior team members
Building detection strategies that focus on behaviors and crown jewels while using AI to triage noisy but potentially valuable alerts
Documenting institutional knowledge concisely rather than overwhelming AI models with extensive documentation that creates conflicting or irrelevant responses
Shifting team focus from alert triaging to high-impact prevention work, vendor management, and building relationships across the business

Listen to more episodes: