The AI Agent Access Problem with Chris Hughes
Author: VIA Knowledge Hub
Uploaded: 2025-12-03
Views: 89743
Description:
AI agents aren't magic coworkers. They're powerful, error-prone systems that can be hijacked, over-permissioned, and "social-engineered" just like humans. Chris Hughes, CEO of Aquia, Resilient Cyber podcast host, author of Securing AI Agents, and United States Air Force veteran, dives into why identity and access are brutally hard in an agentic AI world. He also explains how incentives, compliance, and culture shape what actually gets secured.
- AI agents are risky "users" too. Agents make bizarre mistakes humans wouldn't. And they can be taken over by threat actors. That means they need an identity, permissions, and access controls, not an all-access backstage pass.
- Identity and access management (IAM) is hard... and SaaS often makes it harder. Most orgs over-provision access, never clean it up, and struggle to keep permissions current. SaaS tools frequently miss the business context needed to do access right. Chris cautions that those IAM tools themselves become part of the attack surface.
- The fundamentals still matter (a lot). Least privilege, micro-segmentation, and off-boarding are still important, even for agents. The goal? Minimize the damage agents can do and take away those permissions when they’re no longer needed.
- Developers should be aware of the many flavors of context manipulation. Context manipulation is where malicious instructions entice the AI agent to perform actions or disclose information it shouldn't. Bookmark the OWASP GenAI Security Project, which continually updates these risks: https://genai.owasp.org
- Zero Trust applies to agents, but incentives fight it. Zero Trust principles map cleanly onto agentic AI, but business leaders are focused on speed, revenue, and market expansion, not abstract security models. They start caring when Zero Trust and agent security are framed as compliance, regulatory, or market-entry requirements. Compliance is still a primary driver of cybersecurity headcount and tooling. Use that lever.
- Agentic AI doesn't change whether we need good access control and security fundamentals, it just raises the stakes. As Chris says, "you can't secure what you don't understand," so start by truly understanding how your agents act and what they have access to. If you're in DevSecOps or application security, think about how you can make life easier for your dev team: "make doing the right thing the easy thing."
About Chris Hughes
Chris Hughes is a United States Air Force veteran and the CEO and co-founder of Aquia, where he helps secure state and federal agencies as well as the Department of Defense. He is the host of the Resilient Cyber podcast and a recognized expert in application security, software supply chain security, vulnerability management, and DevSecOps. Chris previously served as a Cyber Innovation Fellow (CIF) at the U.S. Cybersecurity and Infrastructure Security Agency (CISA).
Check out Chris’s three books:
Effective Vulnerability Management: Managing Risk in the Vulnerable Digital Ecosystem
Securing AI Agents: Foundations, Frameworks, and Real-World Deployment
Software Transparency: Supply Chain Security in an Era of a Software-Driven Society
Connect with our guest, Chris Hughes, on LinkedIn: / resilientcyber
-
Join a community of developers on VIA Knowledge Hub’s Substack: https://www.viaknowledgehub.com/
Get passwordless logins instantly with VIA’s Zero Trust Fabric (ZTF): https://www.solvewithvia.com/via-ztf/
Test out VIA’s Zero Trust Fabric (ZTF) on GitHub: https://github.com/viascience/ztf-tut...