Fri, Nov 28 · 5:30 PM CET
Max Mathys (Lakera) – Agent Security and Gandalf - Insights from the World's Largest Red Team
Marc Fischer (Snyk) – Securing Real-World AI Agents
Agenda
Max Mathys (Lakera) – Agent Security and Gandalf - Insights from the World's Largest Red Team
This talk explores how anyone who can read and write can now hack GenAI systems, and what that means for security in the age of agents. It traces the journey of Gandalf, a prompt injection challenge that evolved into the world's largest AI red team, and the pivot that led to the acquisition of Lakera. Using data from millions of real attacks, the talk highlights the most effective techniques and patterns. The talk also touches on our latest research on agentic and LLM security, showing where current models and agent architectures actually fail in practice and what this implies for securing GenAI systems beyond traditional application security.
Marc Fischer (Snyk) – Securing Real-World AI Agents
AI agents introduce a paradigm shift in software security, moving from predictable, deterministic systems to components with non-deterministic behavior. This presents critical challenges, especially when agents are granted autonomy and connections to sensitive real-world computer systems (like coding IDEs). This talk provides insight into Snyk's security research, detailing our ongoing work to both exploit and secure these real-world agents. Based on extensive red teaming against Model Context Protocol (MCP) systems, we illustrate key vulnerabilities and lay out our framework for effectively protecting against sophisticated attacks.