This post explores how to secure modern agentic AI systems by applying the core principles of Zero Trust. It details the unique attack surfaces of AI agents, such as prompt injection and model poisoning, and outlines a comprehensive security architecture including non-human identity management, AI firewalls, and the critical role of human oversight.
Jason Martin of Permiso Security discusses the exponential rise of AI agents in enterprises and the urgent security challenges they present. He covers the concept of Non-Human Identity (NHI), applying Zero Trust principles to ephemeral and over-permissioned agents, and outlines key attack vectors like prompt injection and data poisoning, while also exploring the potential of defensive AI to enhance security operations.