Security in the Age of AI Agents: Office Hours with Jonathan Jaffe

Lemonade CISO Jonathan Jaffe said during Office Hours that AI is equally powerful for defenders and attackers, with the window of exploitability narrowing as AI-written code gets reviewed and patched faster than human pipelines. Jaffe noted that security teams are becoming engineering teams, with every security person at Lemonade building their own AI platform and agents that automate tasks like reading threat intel and checking if vulnerable methods are called in production code. He emphasized that every AI agent needs an identity and policy control at the point of action, as modern agentic security engineering will lead to significantly hardened systems.

When security practitioners become engineers, the mission changes from managing people to architecting the automated policies that govern an agentic world. Jonathan Jaffe https://www.linkedin.com/in/jonathanjaffe/ , CISO at Lemonade, joined me on Office Hours to discuss what this means for how we build, secure, & operate AI systems when both sides are automated. AI is just as powerful for defenders as it is for attackers. The fear narrative underestimates this fact. Defenders harden everywhere, simultaneously, because every vendor in the stack is also racing to ship. “There are tens of thousands of attack targets out there. The chances that you’re going to be one of those is small. At the same time, all of the vendors that you use will also have access to this to improve their services.” The window of exploitability is narrowing. Yes, AI will write more vulnerable code. But AI-written code also gets reviewed, pen-tested, & patched faster than any human pipeline. Plus, the total number of bugs within a particular piece of software is finite. As the velocity of solving or resolving bugs increases, software will become far more resilient. Security teams are becoming engineering teams. At Lemonade, every security person is an engineer. They built their own AI platform with agents on top of it. One agent reads threat intel. Another checks whether the vulnerable method is actually called in production code. “Automation is the only way you can deal with the scale of what’s coming at us now.” Every agent needs an identity. On a single endpoint, we could be running 200 or 10,000 agents, but each one of them needs to be numbered and then governed by policy at the point of action. “Every agent needs to have an identity, and more than that, you need a way to control policy for all of these agents in a much more complex way than current identity and access management systems do.” Modern agentic security engineering is rapidly transforming, and we should expect to see significantly hardened systems as a result. It’s a bright future for security and security professionals. I’m grateful to Jonathan for sharing his insights at Office Hours