Your Own AI Is Getting Used to Pwn You - Here's How to Stop It

Artificial Intelligence (AI) speeds up outcomes… including your adversaries'. The same agents you deploy to move faster become the fastest way to exploit how you've configured AI and how you feed it your organization's data.

This session opens with research from Netwrix Security Research: 2,550 accounts deleted and hard-deleted in eight minutes. One human instruction; the AI handled the rest. By the time it surfaced in the audit logs, it was already over.

And the threat isn't just from the outside. Your own employees are deploying AI agents with broad access to files, systems, and identity infrastructure. Roughly half of MCP server configurations store credentials in plaintext. These keys can hand an adversary membership to GitHub, databases, Entra ID, and more. Worse, these credentials tend to pile up in shared config files, so a single MCP server config can hold the keys to a dozen services at once. With AI desktop agents now everywhere, watching which secrets get used and how they're stored matters more than ever.

Darryl Baker and Sander Berkouwer show how AI gets turned against you and how to shut that down before it happens including free tools from Netwrix. And when something does slip through? That's where Netwrix steps in to save your proverbial AI bacon.