Podcast Episode Details
Back to Podcast Episodes![Attack of the automated ops. [Research Saturday]](https://megaphone.imgix.net/podcasts/ea82c3c2-b67c-11f0-ab10-03971cbe5073/image/95b72a93c2ffaf8ff900d662a9bd3735.png?ixlib=rails-4.3.1&max-w=3000&max-h=3000&fit=crop&auto=format,compress)
Attack of the automated ops. [Research Saturday]
Season 9 Episode 400
Today we are joined by Dario Pasquini, Principal Researcher at RSAC, sharing the team's work on WhenAIOpsBecome “AI Oops”: Subverting LLM-driven IT Operations via Telemetry Manipulation. A first-of-its-kind security analysis showing that LLM-driven AIOps agents can be tricked by manipulated telemetry, turning automation itself into a new attack vector.
The researchers introduce AIOpsDoom, an automated reconnaissance + fuzzing + LLM-driven telemetry-injection attack that performs “adversarial reward-hacking” to coerce agents into harmful remediations—even without prior knowledge of the target and even against some prompt-defense tools. They also present AIOpsShield, a telemetry-sanitization defense that reliably blocks these attacks without harming normal agent performance, underscoring the urgent need for security-aware AIOps design.
The research can be found here:
Learn more about your ad choices. Visit megaphone.fm/adchoices
Published on 3 days, 4 hours ago