FlagThis

Abstract

This talk addresses the security challenges of integrating autonomous AI agents into the Software Development Life Cycle (SDLC). The speaker argues against the industry's over-reliance on fighting prompt injection, instead advocating for a layered defense-in-depth strategy. Key discussions include the implementation of guard models for ingress/egress filtering, the critical dangers of centralized data lakes, and the necessity of strict input parameterization over simple regex sanitization. The talk provides a blueprint for security engineers to protect agentic infrastructure without impeding data science productivity.