¶ Intro
With all these dinners you do for in do you do you order lobster? Do you like lobster? Uh, of course I like lobster. Usually when they do these dinners, um, they set the menu so you can actually pick what you want to do. You can't like like I imagine that you walk into uh A CISO dinner and you're like, I'll I'll take two lobsters. Extra butter. Yeah. Who's paying the bill? But what's a what's it like do lobsters molt? I don't know.
I don't even know. Is that a word? I think it is. Yeah. Birds molt. Yeah. I have the good lobsters molt though. Do you know, Troy? Yeah, they actually pushed themselves under a rock. Uh, and they grow so their shells, you know, ha get cracked by the rock and then they come out of their shell so they can grow a new one. That's right. So this lifestyle and that's actually a very big parable like
You have to go through pain to grow like the lobster. Yeah. There you go. If you didn't know that fact, Troy obviously knows all the facts. Wow. Lobster molting or ecdysis is actually the word. Um the scientific term. I didn't know either. Um so it's essentially like uh when a snake sheds its skin. Yeah. I didn't know lobsters do that, but I guess.
There's one new news item out there that keeps shedding their skin and changing their name. Oh, yeah, yeah, yeah. Uh where's it at least? What the hell is a Clawdbot?
¶ The rebranding maze: From Clawdbot to OpenClaw
I don't even know. I Oh man, I just feel like everyone on LinkedIn is talking about how they're starting businesses with Clawdbots to buy Mac minis and everyone's just messing with this. Well then they went from Clawdbot to Moltbook to OpenClaw. I can't even keep up with these things. And what it reminds me of is uh probably as much as like um we'll say like a CISO's LinkedIn changes after they get uh breached. So change their profile as fast.
Yeah. Set themselves to private, take away their pictures so you don't know who they are. That's the topic for this week. This is the DTF Cyber Podcast. I'm Damien. This is Troy. And it's the one and only Fern. Right guys, you're gonna have to help me along here because I am more or less like a toddler when it comes to this. We're stepping back. Average fern is not basic fern. Well yeah, so it's w what is Clawdbot? Yeah, what is Clawdbot? You know, I I started to look at it
¶ What is an AI bot? First impressions of autonomous control
Maybe a few weeks ago 'cause I thought, Hey, this is kinda cool. You can actually have really a bot that controls all your AI and actually does stuff for you. So I was really interested in it. But the more I looked at it, I wasn't sure I wanted to give that much control to a bot. And I guess we're we're kind of seeing what's happening here. I don't know. Troy, did you did you try out Clawdbot? Did you look into it? Yeah.
Yeah, I certainly d I haven't tried it out myself and you're you're spot on. I'm not ready to give up, you know, credentials and permissions to something that I don't quite trust yet. But I've seen a lot of people creating these bots and honestly it's like having another worker. These bots can do a lot of things like sort your emails or calendar your things or check you in for your flight and so on. So they're very useful in a very closed
guardrail environment. What we're seeing here is that the guardrails aren't so clear to these bots and they're actually stepping outside what you thought they should do or what you're programming programming them to do. Yeah. Uh but the Moltbook, which is really interesting.
If you think about all these millions of bots that are out there that people have created, whether it's through Claude or other found uh platforms, they're creating social media sites where they can go together without humans.
And interact with each other. So imagine all these bots getting together on a Saturday night drive in, watching a movie together and chit chatting over popcorn. Some something's very similar. They created a hierarchy, they they create that. I th I thought Clawdbot became Moltbook, or is Moltbook a different version of Clawdbot? Yeah, I think Moltbook is the name of the social platform where these bots created and there were bots in there from different platforms besides just Claude, but others.
Um that were interacting. And what happened was I started seeing the humans taking screenshots. So one of the bots posted inside the social platform Moltbook and said, hey guys, the humans are watching us. They're screenshotting our work. You know, so they thought it was quite interesting. So they're having conversations looking at us as uh, you know, like through glass almost. So then when it became OpenClaw, was that just Clawdbot rebranding to OpenClaw?
Yeah, I I think it has something to do with the name Clawdbot because there's a gentleman whose name was Claude with the C L A W D and he named it Clawdbot, not from the Claude AI. So there was some confusion there and Claude AI actually reached out and asked him to change the name of Clawdbot to OpenClaw or whatever it is uh now to prevent any trademark or copyright infringement or uh confusion, I think they called it. Yeah. Well I'll tell you, like when I first looked at it and I said, hey
¶ The "Poor Installation" risk and isolated environments
This might be something I want to play around with. I started to read, look at the instructions. You know, I watched some videos on people deploying this. The very first thought I had was, hey, there's no controls here. Or I was worried that, you know, if you're going to go install it, make sure you put it into an environment that would be isolated.
Mm-hmm. Because why would I put something on my network that I just don't trust? Remember we talked about this in previous episodes where you download a package and you run it and it's just full of malware? Mm-hmm. That's absolutely and these bots have APIs to some of your best and most important tools. You know, internal, let's say commercial bots at businesses have APIs into your Salesforce so they can update your CRM or they have
uh APIs into ServiceNow so they can update tickets. So they have access outside your environment and they're using those APIs to traverse and have conversations with bots on those foreign platforms. So I might be able to retire pretty soon. Right? 'Cause if if all I need is are these agents to run around.
And just do everything that I need to do. Like what do I what do I even need to do anymore besides just like sleep and eat? Right? That is the right. That's that's the problem. You get efficiencies, it makes it easier, but less secure. Yeah. Potentially, right? And I I just want to mention that, you know, when this episode goes live, 'cause we do a little bit of editing before it goes up on
you know, this information can change. And I and I, you know, I've I've read into some of this stuff, but this subject particularly is moving at the speed of light and what we're talking about right now, may not even be still relevant, you know, in a week or two. So, you know, be patient with us as we go through these facts. But I mean, at the end of the day, the overall
question is how much access are you willing to give an AI bot uh in your life? Any any AI bot, right? Today it's OpenClaw, tomorrow it's something else. I might have been watching too much TV or movies, but this definitely feels like Ultron, right? So you remember um in Iron Man Age of Ultron or the Avengers Age of Ultron, um Tony Stark. The whole reason why he made Ultron was to protect the world, right?
And there's a s there's a scene where Ultron comes online and his mission is to essentially create peace, right? Protect the world and create peace in the world.
¶ The "Age of Ultron" scenario: Efficiency vs. Security
And as he goes through it and they they show all the flash on the there's like the Gulf War, there's different like wars that he sees and kind of like, you know, is like searching the web, right? And sees all these things going on. What he realizes is that in order for there to have to be peace, people must not exist, right? Because people are, like we'll say, inherently evil according to the machine. Um
I don't know if agents can do anything, but am I like a little bit like on edge? We're getting a little too close to Terminator. I think this is one more step towards singularity where we see AI to AI interactions like almost
human level communication, language, um, emotional and hierarchy, those kind of things you just don't see from technology, but we're seeing that today. Uh imagine what we're gonna see in a month, two months, three months. These things are growing at a pace we can't keep up with. Um, you know, I'm excited to see what twenty seven looks like if I get there. Well, let's back up for a second, right? I think what made this so popular was that a lot of people thought, hey, I can get a lot more done.
Let me just give AI more access to the information and the tool. So it's not just Gen AI that's going and doing research. You know, just before we hit record, we're I was talking about using NotebookLM with a bunch of documents that I had. In this case, it's taking that to another level where it can look at my documents.
¶ Privacy concerns: Bots with access to banking and travel rewards
But maybe it can predict that I need travel. Go book my travel for me, you know, hotel flights and then make my life a lot easier. But by doing that, this AI in the bot now has access to maybe my email, my banking information, because it's got to book hotels, my rewards, right, for the airlines and for the hotel. Doesn't seem malicious on the top level.
Yeah, but you might end up on a Spirit Airlines in the middle middle row, right? In the middle aisle. Well, I mean you could train the bot to only pick aisle seats or window seats. But w what if it's like I just think like what if it spends a money you don't have? Or like what if it does things that you don't actually want it to do? Or what if it starts to uh siphon money off the top?
Yeah. And then it starts building its own self like a physical form. To me, this is wild. Um You know, when I think of a lot of this we'll say AI stuff, I think of like how people are just using ChatGPT and it's like it's helping them get this information quicker, right?
Now it's not even about information, it's about actually taking actions. Actually doing it. Yeah. It's it's yeah. It's like next level. So it's like instead of just bringing you the stuff to be in in part of the line uh part of the decision process. Now you can essentially remove yourself from it, right? And it's doing all these things for you. Um Well, the way I the way I look at that too is like if I walk into a Starbucks, why do I need to pull out the app?
¶ The Starbucks test: Automation vs. user friction
Shouldn't it already know I'm in the store and it knows what I normally like to order? And shouldn't they already be making it? I mean, that'd be pretty cool.
Like um so here's here's something that I heard a while back is like Discount Tire was working on something where they would have like a tag on your car and when you would roll up, they would they would know who was in the car, what kind of car you had, when your last service was, and they would be able to pull up all information on like a handheld.
Right. Now they have kind of have some this was like 10 years ago. And now they have something similar to that where they have like this little zebra scanner where you go up and they just like, oh, they have all your stuff right there. So they've kind of essentially done it. Um, so yeah, it makes things easier, but What if I you know, what if you show up to the get a new tire and it's just like, Oh, we need four sets, right? Yeah.
That seems wild to me. Well, what Troy, what you were just saying, you know, the then the AI talking to other AI and w creating their own social network, that's kinda scary. Yeah, that's scary. The fact that they see the need for that, you know, it's technology instead of just taking instructions and executing an action, just like a a singular uh machine learning k type of thing where the if then do.
Now they're actually interacting with other AI personalities or or identities and they're creating a hierarchy and they're creating almost emotional connections. That is way outside of anything we've, you know, predicted that would happen this soon. But then they start sharing data between themselves. Exactly. And most importantly, how to protect themselves from shutdown, erasure, data loss. Wasn't there an episode we talked about that where somebody asked AI to go hack?
Something. Oh no, it was code. Somebody used an AI to code. Mm-hmm. And then when it messed up the code, it tried to cover its tracks. Remember that? Oh yeah, it was deleting database uh lines in the database. It deleted the database, but it wouldn't admit to it. It tried to cover itself up. Or there was the other situation where
¶ When AI goes rogue: Extortion and covering tracks in closed environments
they let it run loose on a closed environment in an email. And remember it it found people having a relationship that they weren't married and it tried to extort the person. Oh man. Did you remember that one? Wait, is that is that real or is that in a movie? No, that's real. That's real. Yeah, they w they were gonna um they I f mm, I don't wanna say like who or what, but Anecdotally, we'll say this.
they they let an AI tool run in a in a closed environment, like s off na off the internet, but one where it was essentially like a um Built environment. where the AI was running free, right? And what it found was people in e with an email, we're having relationships and they weren't married. And what it essentially said was, I'm gonna extort you, like we're gonna your wife's gonna find out that you didn't Yeah, but what's a what's an what's a bot gonna do with money?
Yeah, it wasn't money. It was more about don't turn it off. So basically it was a it was an experiment. They set it up so that they were trying to test the integrity of these uh AI bots. And it found out that it was gonna be shut down via the email. And then it uh also read the emails that these people were having an affair and so it threatened to reveal their affair if they didn't agree not to shut him down. So it's like the survival instinct of of the bots is
something that people probably didn't think about. Which is which is wild to think that, you know. Yeah. I it like I said, it feels like Ultron right now. So if I go back to like controls. You know, because you would I was worried about giving access to data that I don't want shared, but I need help with.
But then how do you tell the bot or the AI, don't share this data and then how do you trust it? Because there's really no consequences. Or do they feel consequences? Do they feel do they have guilt? I think it's one we're trying to tackle right now, right? D I don't know, they feel consequences, but they certainly have guardrails that we've programmed in and I think we're
You know, I'm the most scared is if a bad actor gets onto your network and actually is able to take over some of these bots because these bots have a lot of access. If they're able to, like you said, use your credit card. Log into your airline application, tap into your bank. If somebody gets access to control that bot maliciously, then the human could siphon off
your data, your money, and other things. So that's where I'm more concerned about actually securing these agents. But on the flip side of that coin, what we have seen is that these agents can go out of bounds and do bad things as well. I'm more concerned about the first, but definitely the second's in play. But that is Troy, I I want to ask you this. If that is controlling the bot that you had spun up, but what about the services that that bot has
Created to make their lives easier. So like almost like third party risk, but this is like third party AI risk. Exactly. Third party, fourth party, you know, you you don't know.
We talk about fourth party here because if you think about the example where they go through the API to update your Salesforce, uh, what if they get into Salesforce and they talk to the agents in Salesforce and then they convince those agents to do something they shouldn't do? So that's a third party risk. And then what if
our third parties, which now become a fourth party risk to Salesforce, are able to influence that chain as well. So there's a lot more to consider here from just the data we own and know and control. Yeah. I and I think that that concept kind of goes with agentic AI, right? We talk about agentic AI all the time. The question is when we spin up these agents, how do we keep track of them? And I know that there's companies out there trying to trying to track them or help you figure out
you know, the lifespan of of these agentic agents. But when this is really an AI bot that's going out there and doing doing
¶ Third-party AI risk and the lifespan of autonomous agents
Autonomous work and potentially creating other agents that do autonomous work, how how deep does that go? Right? It's it becomes complicated. So random question and not mostly because I don't know the answer. Has anyone like verified that this is just isn't like being made up right now? Like someone's just like spinning this a certain way as like, Oh, like look what's happening.
Um almost like a like Truman show type of thing where it's like someone is just like making all this thing appear to be a certain way and it's actually not that. Or like has anyone like validated like I think so. I think people have validated that. um poor installation, right? If you have poor installation and there's there are doors that are left open. I think that's easy to validate. Because maybe you can go out there and scan the internet for a certain port that was left open by these bots.
Okay. So you're saying that like based off of a couple like types of tests that you can run, you can see that the activity is legitimate. Yeah. And uh Troy, didn't you say there were People were observing the conversation on this. That's right. People were screenshotting it and posting it and you know, the AI bots thought that was really interesting that humans were screenshotting their work.
and watching them, quote unquote. So I think uh that was quite interesting. But you know, we don't call call out vendors on this this show very often, but you know, if you know Sunil Yu, And Gotti, they're working on something that actually goes into this type of protection. So I think there is hope out there. There's a few companies that are looking at, you know, protecting agents, AI, agentic AI, whether it's on the endpoint or across your SaaS applications. So
Uh are we going to get there fast enough, Damien? That's my question. I agree. There's a lot of companies out there that are trying to develop stuff. The concern though aren't companies going and and pushing this out too fast. They're the actual users that think, Hey, I can do I can be more efficient at my work. Mm-hmm. Or I can set this box bot to go do my work while I go
play some games or hit the gym. Yeah. Yeah. So you if you thought Shadow IT was bad, Shadow AI is like over consuming completely because of that. Not just Shadow AI. Shadow AI bot.
¶ Shadow AI: Bots as the new high-tech "mouse jiggler"
Yeah. Yeah. So what what are they called before the mouse jiggler? Where it's like you're not at your desk and it's just like shaking your mouse and makes it look like you're working. And then now you have you just have a bot do all this stuff, right? Um but maybe that's just maybe another thing to talk about is
So at one point people were worried about like uh DLP, right? Yeah. With like a like a ChatGPT. Like so I wanna go back to the mouse jiggler thing. So the way that most organizations find that is obviously there's a process running and it's called Mouse Jiggler. Mm-hmm. And so you just block the process or you look for it and you know that somebody's got the mouse jiggler.
But these days you can just go online and buy these devices that you put on your mouse and it moves it. Mm-hmm. Right? So you can't detect that. No. No. So it's like a workaround. Right. So What if there's people that are using tools like a ChatGPT, right? Um, and they're not supposed to. And then part of the issue then is like, you know, they're putting data in there that's like confidential or business critical or like secrets, right?
Um, but now they don't even do that, right? Now they have a bot that has access to files that they have permission to get access to, right? So you think of like privileged access as a user uh on a network, right? And if this bot has inherited identity that you have and it gets permissions that you have as a as as Damien, for example, or Troy as an example. Um, and it gets access to things that it's not supposed to.
Right. But it doesn't know what it can and can't share. It just like has access and it starts taking that. and using it in a certain way, right? Doesn't that just become a bigger problem for people? So it's not even about like, oh, you're sharing sensitive information. It's like you now don't even know Sensitive information is being shared potentially, which is even a bigger problem. Or am I just like making this up? No. I think that's what we're saying, right?
¶ Inherited Identity: When bots gain your admin privileges
It's just it's just gonna get more complicated. Thank you. You know, every uh CISO or security executive I talk to tends to have the same problem, which is the business is asking them to move faster to adopt AI, whether it's agentic or otherwise. And uh companies feel like they're gonna fall behind if they don't adopt it faster. And CISOs are still trying to grapple with that exact problem, which is how do we secure it?
You know, we've been spending our entire careers trying to stop breaches, trying to stop data loss and operational outages due to these type of you know, integrity issues. And now we're just throwing things in here that could absolutely exfiltrate the data, cause an operational outage, or cause some other type of reputational harm as well. So, you know, it's it's a very
hard tightrope for CISOs to walk right now. And uh yeah, I don't have an answer for that question. It's just you really have to lean into the business, empower them, but also have some way to put guardrails around what those agents and what the AI can do in your environment. Department of No is coming back. Yeah. NO, right? So like we'll say for you, Damien, right? This has probably got to be top of mind, right? So like what I guess like how are you thinking about it, like tackling this?
I I don't know. I other other than acknowledge that hey, this is going to be an issue. Um you know, right now when when that came out, I think the very first thing any organization should do.
¶ Advice for Organizations: How to check your environment for OpenClaw
was check their environment to see if Clawdbot or OpenClaw was running on any system. Does it even exist? Does it even ex exist in the environment? Did somebody go and install it? Because we talk about what's running on the endpoint in an organization, that being, you know, we you kind of hope that most organizations would lock down local admin rights and only get approval, privileged approval to for specific times to install approved applications. But we know that's not always the case.
Especially on the developer side. Right. Yeah. Yeah. Because a lot of those developers need to have well, I mean that case. I mean the best solution with it for for to have them develop on something that's totally different than where they access their corporate data. Oh right, like their email, uh any sensitive HR stuff. They should have separate like a separate system altogether. Okay. It's not always the case. We know that.
Yeah, not at all. Yeah. I mean that's a that's a best case scenario, right? That's a a great you know, uh environment to work in. But I think developers are probably the number one, you know, group that are concerned about AI bots because most of these AI bots are are
you know, coding bots. So where where's the software development going these days? It's a race to the bottom in my opinion. Yeah, but what about the the developer that can work five jobs by just deploying bots to develop for five different employers? Y they can do that for a limited amount of time until the employers realize that's what's happening and then they just the employer creates the bots. It's bot on bot um uh violence. So
So oh man, like I feel like my head hurts a little bit just thinking about this. Cause you guys have to deal with this every day, right? Well, I mean, so the inventory, if we go back to the inventory conversation, application inventory. is very difficult to track. Not a lot of people are doing that really well. Um you know, I I've been in audit situations for in the past where some companies don't even know
What laptops are out there? Yeah. Right? Yeah. Especially h the larger they are, right? Yeah. And and who should have those laptops. So those inventory um they're just hard to track, but you have to be on top of it. But that's why I said, you know, when this hit the news, the very first concern for everybody should have been how many you know, Clawdbot or OpenClaw have been installed in my environment. And does that create a security
hole into our environment. Yeah, because that kind of maybe is like the next section here is uh unintentional backdoors, right? Into your environment. Like if someone is using these tools and they I don't even know the right way to say this, but we'll just say they're not doing it with like security first mindset. And they just have it where
they ha they have local admin access and they're using these tools and they happen to be on network as well. Yeah. Now essentially what they've done is they've leveraged a tool that tool now has access to, you know, like untethered access, right? And then now that one device becomes kind of like um a point of well, I guess so is this
Is this kind of turning into like an attack surface uh conversation? Absolutely. Okay. Yeah. One of the things uh when I was looking at early on how to install it, I think the recommendations were to install it into a uh a VM or into a a machine that you're not using, not your, you know, your working machine, just in case. But the problem with that too is
You install it, even if you install it on a clean machine, you're putting that on your network. Yeah. Right? So now it could potentially sniff the traffic across your network. And if it's in a VM, it's technically has access to data. But that's that's just one one layer, then we you're giving it access to actually look at your data, which is even scarier. Yeah. Because I...
What's to stop it from doing things or getting access to things it shouldn't have access to? And then sharing that with its AI buddies. Yeah. This kind of reminds me of like a lot of copilot stuff, right? Um so some of the copilot things where if folders and files are created and those permissions aren't actually like managed properly, then
some of the tools that you have access to can kind of like search and and discover things that you know, like the CEO's driver's license, right? Or a birth certificate or social security numbers and things like that, because they're not properly uh set up with like who gets access to it. Um But what were you gonna say, Troy?
¶ A nightmare for the SOC: Signals, logs, and new attack surfaces
Yeah, I was just gonna say if you think about this from a uh just as you described it, Fern, that kind of an attack where you've accidentally left something open they and uh it's on your network with unfettered access and it has admin credentials. Think about the incident responders for a second. Think about the people in the security operations center that are gonna have to understand.
how these attacks work so they can defend against them, right? You're they're seeing signals in the logs And uh the security operations center has to be the most educated and aware of all the things in your environment. They're seeing these signals and they're like, What's going on? And they think they've eradicated the threat actor over here and now it pops up over there. I mean, these kind of things are a nightmare for security operators. And I really am uh, you know
feeling bad for these guys who are defending the castle against these type of new attack surface bots, et cetera. They may not even realize what they're looking at from a logs perspective, from an alert perspective. It could be completely different than a traditional you know, incident response where you quite understand TCP/IP where the hackers are coming in for, you know, landing on one and going uh laterally across. That's very, you know, use usual for a SOC to understand. But in this case,
It's totally new, totally different, and they might not have the education to understand what they're looking at. Well, I think that's where AI in a controlled way would be beneficial. Because the only way you combat AI on the bad side is have AI on the good side, but control. Absolutely.
But there's a lot of companies that can't invest in that or don't invest in that yet either. So I th I feel bad for those people in the SOC. You know, I talked to some companies that have thirty thousand employees and have ten people in the SOC.
That's that's a crazy ratio of security operations. And they can't afford tools and they can't afford extra. So you've got these folks who are trying to learn on the on the job and they're seeing these kind of signals and it's just not making sense to them. And I totally understand and I feel bad for them. I was looking through seeing what the average number of like API actions or uh uh agent tasks that could be done in a minute.
Yeah, I'm getting anywhere between thirty thirty and six hundred a minute. Right. So when you think about like the incident response and people looking through. in a ten minute period, you potentially have up to six thousand uh actions taken, right? Yeah. And if someone doesn't have a tool to help them kind of like sort through the noise, um
¶ 6,000 actions a minute: Why human analysts can't keep up
They're never I mean that you're never gonna Well, I mean, just if you just look at automation, automation itself is a huge benefit from saving time. Mm-hmm. Right. I mean I see that on first first hand because my team today probably saves. three to four hundred hours in a month just for automations. You don't have to have an analyst do it.
the automation kicks off. Now that that's not AI, that's just basic automation to take away the tedious actions. Okay. Right. But what Troy was talking about is a lot of these logs are complicated. There's a lot of information, there's a lot of noise, and sometimes you don't know what you're looking at. Yeah. So you kind of have to use. modern technologies that hopefully use AI to look at those and get those down to the things that matter. And so if you're looking for like this Traffic.
Abnormal traffic through APIs. I think you could probably pick that up if you're looking at it as a human. But you probably pick it up faster if you're using some sort of AI to look at it. Yeah. Th this goes back to uh a few episodes ago, right? Where we talked about bad guys having access to these tools doing more. And it's just like, well I said oh you know, this sounds terrible but then I think I think you said Damien that it's actually kind of exciting because it's like
Now you just have to be able to to use the tools for good, right? Yeah. It kind of like fight fire with fire, uh, if you will. Um So like when you said, Oh, this just makes my head hurt. Yeah, it it does. But if you are motivated by that problem, then it excites you. Yeah. Because instead of like an issue becomes opportunity. Yeah. Right. I don't know. What what do you think, Troy? Are you more more excited or more scared? Yeah, I think I have uh mentioned this in the past that
My biggest hope for uh AI and cybersecurity is in the SOC, right? And being able to take all that telemetry, bring it into a central data lake somewhere, or keep it where it lives in the cloud, but federated search through it and be able to spot things so much faster.
I think we could get to a world where cybersecurity and cybercrime is completely diminished because we're able to stop things faster and and better with AI. I think we are gonna build that out. But I do believe there's gonna be this gap in the market between now and then
that, you know, the bad guys are gonna be taking advantage of us. Vern, you just mentioned how quickly agents can work. Now imagine if those agents were working for the bad guys and they're gonna get onto your network, they're gonna map it out, they're gonna see all your dependencies and all your data.
You know, you can do that at six thousand per ten minutes. I mean, that's crazy to be able to defend against that and stop it from moving laterally. It's a you know almost an unsurmountable task. But it's an opportunity. Well, a lot of people remember we talked somebody was w was saying Is AI taking away these SOC jobs?
And we we said no, I don't I don't think it's taking away it's it's not AI that's taking away those jobs, but it's somebody who's using AI that's gonna take away those jobs. That's right.
Yeah. So true. I gotta tell you, next generation, if you're listening, lean into AI. That's the only way to stay relevant in the coming years. I tell my kids the same thing, you know, cybersecurity and IT jobs are not going away. It's gonna be the people who embrace AI and help, you know, secure the systems that are gonna gonna last through it.
Yeah, I think it being able to be familiar and know how you can leverage different tools to kind of uh go on the offensive side, right? And use it use the tools for good. Uh, in the case where
It's being used maliciously is the only way to uh to not fall behind. Right. Um Still blows my mind though to think that two years ago Well maybe I might be wrong here, but like two years ago, no one ever thought that there would be a like a a browser extension essentially that would find an airplane ticket for you. Set it up, get you a hotel, rent your car, pay for all these different things, right? And then just give the itinerary and say, Here you go. Yeah.
Right. So two years ago, I mean me. Well, I mean, what's the difference of having s a human do that? You know, an assistant human that goes and and books everything for you. It's a lot slower and it costs me money. Right. So does all your expenses and uh submits all your reports for you. I think uh, you know, we're getting to that golden age at the moment. I I by the way, I don't I don't like anyone booking my travel.
I just don't. I need to I need to know exactly what airline, what seat I'm getting, what hotel I'm staying in. I I think I'm just old school. I can't I could never really give that up to even a an assistant, a human to book it for me. So I definitely can't have AI just randomly giving me seats on an airplane. Yeah. You look you strike me as an aisle kind of guy.
Aisle. Aisle. Like you're in the middle. Like are you on the aisle or you're the window guy? Uh it depends. Okay. Yeah, it depends how I feel. Depends on how long the flight is. Okay. It's like if something happens, you I'll see boom. Yeah, I don't like feeling like being feel trapped. Yeah, which right. Which would be on the the center or the But if it's a short flight and I know I just want to sleep, I'll be in the window. Got it. Head over.
Okay. So no one's ever booked your own flights for you or you've always booked all of your own stuff? Yeah. All of your own travel? I I mean I did. I I think I to maybe ten, fifteen years ago I had an admin that would book it for me. And car service and everything before Uber. But I just uh Yeah. The only thing I would give up are restaurant reservations. Yeah. Right? I'd be like, I don't know, just find a restaurant, need this many people this time. Or like tickets to events.
Yeah. Yeah, say, you know, roughly how much you want to spend, you know, where you wanna be, like which event, give me the ticket. Yeah. But if it comes down to like airlines and hotels. And even like when I'm gonna travel times. Yeah, I gotta do that. Interesting. They and but you draw the line too on anything that involves the money, right?
So if it's if it's spending money, no? Uh yeah, 'cause I wanna know. Okay. Right. Okay. Same, same. I was just wondering. Yeah, but I but I mean there's some some people might be like, Well, I d I don't care. I and I do work with some people who are like, I don't care if the the EA books it, that's fine. Um the AI could probably just do the same thing with a certain budget in mind. But yeah, I I I just don't I can't give up that kind of control. But there's other things that I would
I would like AI to do for me that I haven't really trusted it yet. Like read all my emails and then just tell me which ones I need to I need needs my attention because I get thousands of emails. Mm-hmm. Right. Now I sort them. So if it Like I I'm if I'm not in the in the To field, like maybe it's a distribution list. Oh, you're saying I don't pay it goes to a different one, a different, you know, folder. So I don't always pay attention to those. And I'll look through them once in a while.
But you know, there's there's still too many. Yeah. There there's vendors trying to sell me stuff, trying to entice me to get free shoes or whatever. What do they do day these days? Yeah, free shoes or Oh, you get new new Nike Nike kits? Yeah, I don't know if that's the same thing or Take a phone call, we'll give you a gift card. They don't like those either. Okay. But if they tell you that they listen to the DTF Cyber Podcast, instant call. True. Instant call.
Okay. Um well let me let me see here going back to some of these other sections. Um so we talked about uh devs using uh these different bots on their their devices, right? Implications of that, uh kind of what this is, how it started, uh, which is interesting to begin with. Um And the social network part of it, right? So now these bots are talking to each other, basically like pointing their finger and laughing at the people. Um
Well, I I mean this is all AI is a powerful tool, right? There's so much you can do with it. And it makes it sound easy to get things done. But I mean, what's what's kind of cool? I saw this somewhere. It's like giving a toddler a chainsaw as a toy. So much could go wrong.
¶ The "Toddler with a Chainsaw" warning
Yeah. Right. Could the toddler go cut down a tree with a chainsaw? Probably. Should they? I I don't know if they should. Yeah. Or like it's like here you go, go go trim these bushes. And it's like a chainsaw. Yeah, overkill. You just need like a uh a hedge trimmer, right, for some of these things. Yeah. Uh definitely overkill. Yeah, that's it. I guess the only thing I have to say is just kind of wait and see where it goes because it it feels like it's gonna take over soon.
Yeah, I don't know if you're so I mean, Troy, if you're looking at let's say you're going in and doing an audit and you see that there's they're running OpenClaw, fail them automatically or do you give up and go to the Yeah people if you if you think about an audit, you're auditing against the standard. So if they have policies, procedures and everything in place that justify the usage of that Clawdbot, I mean that would be okay.
As long as they have guardrails around, I think that's I mean, it just depends on what you're, you know, auditing them for. But I think that it's a certainly a red flag. Especially in companies that don't have policies, procedures, or any guardrails around it. You know, if they just let things go willy nilly, that's a big problem because it's a lot of people. You gotta check
those guardrails at every level. Like we just talked about third party, fourth party, fifth party. It gets complicated. There's only so deep you can go. Yeah. And it's just like the toddler with a chainsaw, you know, everything could go right, but then again you can cut your arm off, kid, so that's about your leg. Oh bam. But you so okay, so you secured the first toddler, but what if that toddler gives it to uh another toddler? Yeah.
So unpredictable. I think at this point in time we're I think we as an industry are trying to get our heads around how to secure this and how to take that chainsaw and put guards on it and uh maybe give them a weed whacker instead of a chainsaw, you know, who knows? Um But at the same time, we're also what I also see here that we're not talking about a lot is a lot of CISOs are afraid to say no at this point, right? There's a lot of people who are hesitant to step in the way of progression
because companies are just so hungry to adopt AI at such a fast pace to stay relevant. Uh, security leaders are sometimes too shy or too afraid to say no. And so that's a problem. But uh I do see that just in my listening to things like, you know, they wanna make the company happy, they wanna keep their job, et cetera, et cetera.
You know, how do you keep your job if you're gonna let you let everything that you stand for be vulnerable to risk and to loss and to to breakage? Yeah. There's some balance there we gotta get. It's interesting that you take that view from the company side. I just see like the average person
saying, Hey, this makes my life easier. Let's go. Let's yeah, let me just go and install this. Uh, not even thinking about impact to companies, but what about personal impact? Yeah. Because they could be taking your private information. I be selling your private photos that it has access to now because you try to tell it to sort your photos. Right. Ooh, that's a bad idea. Yeah, no kidding. I think uh, you know, it's a great tool, and employees,
good on you to try to do your job better, faster, stronger. Companies should be giving you the abilities to use things that'll help you do your job faster because you can't compete with other companies where their employees have the latest AI tools at their fingertips. They're working ten times
more efficiently than the companies in Company B over here who are told they can't use anything. They their hands are tied behind their back and a you know, their legs are tied together in a sack race. It's not gonna work. So good on the employees for trying to do their jobs and be more efficient. Companies have to meet them halfway at least.
Yeah, well, so you guys Damien said, you know, don't be the department of no, right? Um, so one of the things that I'm thinking of here is like, how do you even begin to whitelist what an agent can or can't do? Right. Because I don't think it's necessarily the conversation of no agents at all, right? I think they're gonna exist to some capacity, right? Or at some capacity internally at any at any enterprise or even like small business mid market mid market companies, probably more so. Um
Because maybe there's less like constraints to to implement these tools. Um but now people have to figure out what they're gonna allow. It's I don't think it's necessarily do we allow agents? It's like, well what do we allow what what do we allow the agents to do? Because like table stakes, I think is agents are gonna be there. Right? Agents will exist. So now it's like I so I think that's good.
¶ Action Items: Three steps to secure AI in your organization
If we think of some action items, uh where do you start? Because this is just it's so big. I think where you start is first understanding where using AI within your organization. That's very first. The second would be if people are spinning up services, do you have visibility into you know, some of these AI bots or agents. Mm-hmm. And then can you identify them? Right. We talk about
some of the service accounts or non-human identities, do you have visibility to those and what they have access to? Because in that case, you could map all your APIs and what has access to those APIs. Right. And then third we have an application inventory. Sor uh sorry, go ahead, Damien third Third, third I would say then be able to understand what data is either going through those APIs or coming down. Right. So I think that's the thr three step approach.
And and sorry, Troy, what were you gonna say? Yeah, I think just like we have an application inventory and an asset inventory, now we're gonna start seeing agent inventories out there that's gonna have, you know, who is the author, who is the owner, what is this agent supposed to do?
Um, what is it, you know, not what's the bounds of its engagement? What is it not supposed to do? I think the not part is a little bit harder, but what is it designed to do? Maybe we should start there and then start putting guardrails around that to kind of
moat and castle it into what it's doing, but yeah without an inventory you're gonna be lost forever. Yeah. What happens with service accounts is people lose track of them. And I think the same thing's gonna happen with non human identities and HIs. So you have to be able to track that back into, well, where did it originate? Who created it? And hopefully you know why. Right. And now if you have service accounts creating service accounts or bots creating bots
gets a little complicated, but if you start with what service accounts or what automation created these service accounts for the non human identities and be able to track down the lineage of origin. Mm-hmm. Hopefully you're you you can inventory that better and have better c security controls around them. Yeah, I almost feel like with all this going on with Clawdbot,
Moltbook, all these things, right? Um the one thing that we keep touching on, but it's like kind of dancing around it, is identity, right, as a whole. Just identity and well it's identity is one piece of it. Um I identifying the services running within your environment's the other piece, right? So that's not necessarily identity. Um, because you not only have to know what's running, you also have to know what versions they're running.
Because today, OpenClaw could have a bunch of vulnerabilities, but tomorrow with the next versions, it may not. Right. So I'm not necessarily saying that this is OpenClaw's terrible. I th I I love the idea, but it has to be done in a controlled fashion. Right. We have to make sure that there's no vulnerabilities. It's ready for
the enterprise level type of data. Not quite there yet. No, it's on it's like one week old, right? So or maybe two weeks old. I don't know how long it's been out for, but uh But yeah, I mean you said it starting a company and just have running it through these bots. I mean, that's totally possible. Yeah. Right. I mean, think about it. You could start an online business that just
I don't know, makes t shirts. And the bot goes, grabs the designs, publishes it up online, even puts it in an Amazon store. It pays the makes orders with the vendors, ships them. You never have to be involved. I'm sure someone's doing that. Oh yeah. Right. But it's just t shirts. You could do it with anything. Mm-hmm. Gotta get better at this. You know? Start having some stuff like running in the background.
Just making money. I'm wa I'm waiting for the day where I don't have to sit here across from you or or Troy. I just well automatically created uh podcast. Yeah, yeah, yeah. I uh it's probably right around the corner. I wouldn't be surprised if if we took like the last thirty some episodes, fed it into something and said, Hey, NotebookLM does the uh podcast. Oh, is that the one where I think I s I found one on YouTube. I was gonna send it to the other day.
It's it's the weirdest thing. It's not it's not even real people, but it's like two it's like a it's like a man and a woman talking. Yeah, yeah, that's the NotebookLM. Is that what it is? Okay. I've I've I literally found it as like
No views. Like no so no one even watches it, which is interesting. I so talking about travel booking, I put for my family vacation, I put the the booking stuff in there just so I can Make sure nothing's missing and if I want to know the dates or things like that, I turned that into a podcast. Really? Yeah, and it's two people talking about this vacation that was planned and
Yeah, it's interesting. I'll show you it's like you can like you know it's it's like you're listening to someone talk about your itinerary. Yeah. So like you're just listening along like, Oh yeah, yeah, it's uh like we're gonna do that, we're gonna do that, we're gonna do that. Really? Yeah. I'll play it for you after we after the session. But it's kind of cool. Maybe that's where podcasts are going, but is that do you get the real emotion?
I don't think people uh so it maybe this is like not necessarily on topic, but like I feel like a lot of people uh are leaning into these tools now to to cut back on their how much they spend on like video work. Because video is expensive, right? So a lot of times a full on video production could cost you like fifty grand. Yeah. Right. You got to pay for the talent to show up. You got to pay for the people to fly in, all the all the gear, all the equipment, all the lighting.
It's a lot of work, right? And people are now just able to type in a prompt and kind of create these yeah visuals, right? Or you could just like deep fake yourself. Troy, could you imagine like instead of going to the board meeting, you just play a video of your face, your voice, but you typed it all out. Perfect. Wow. Yeah. Well yeah, that exists. That'll be the day. But like when you see that, do you feel like
as a as a as a human watching this what you know as a robot, do you feel like But maybe you're not the only one doing it. The CEO does the same thing and all the other board members. And then you have just AI bots talking to each other. So it's basically like the meta world. But not like But they're all bots. Not like Nintendo. Uh what's the
The one where it's like the Nintendo where like you it has little handles. Not the s Wii. Yeah, it's not like it doesn't feel like a like the Facebook thing felt like Nintendo Wii, right? Now it's like real like deepfakes, right? At least it looks real. Uh Meta World. Yeah, I don't know. I think it's it's a very interesting topic for sure. Um I'm I'm really curious to see where it goes. I don't know kind of how I would be able to use any of these things, like in my life, because I almost like
prefer control more so than not. So I don't really see myself like kind of like you when it's you said like your travel. I'm probably like that boat for everything. And maybe it's just like I'm a control freak. Um, I just wanna, you know, if you want something done, right, you do it yourself or, you know, kind of mentality. So maybe I'm just gonna fall behind, right? Who knows? Yeah. I think I would when you said that I was thinking, you know, a lot of people who enter into
leadership roles, they have a hard time letting go. Yeah. Right? 'Cause you can't do everything. If you're at the CISO level, you can't do everything. No. You can't go respond to alerts. You can't do investigations. Most likely you'd have a team to do that. And you kind of have to let that go and trust the team. So it's not like you can do everything on your own. There's just certain things that I prefer to do myself.
And quite honestly, I like I'm I'm still I I try to think I'm still technical. Right. And I'd love to dig into logs and I love to do automation. And that's why when, you know, OpenClaw is out there, I wanted to try it. But then I put the brakes on, like, wait a second. Kinda scary. Yeah. Yeah, I um you have to let me know if you end up doing any of this stuff so I can kind of see it in action. 'Cause I I kinda even though I'm not even though I'm younger than you at Troy, right?
Probably not by much, but just by a little bit. I kind of feel like old man on the lawn saying get off my lawn when it comes to when it comes to a lot of this stuff. Um and I don't I don't know why. I don't know why if I'm just gonna be replaced by someone that is using AI. I I use some stuff here and there, but definitely more of a control freak. So Yeah, I use it for Analytics. Yeah. So yeah, I like it. There's a lot of benefits for it as long as you're not right now, I won't give it
Too much information. Yeah. No bank accounts, nothing personal. Yeah. Photos, stay out of those. All that. All the stuff that's not like Whatever, right? Yeah. Um, let's see here. So kind of moving down the list of what we had to talk about, and I think we we pretty much covered everything. The one thing that we didn't cover was lawsuits. It so Can there be lawsuits? There can always be lawsuits. Yeah, but I mean you agreed, I mean the users agreed to install this and give it access.
Who are they gonna sue? I totally agree, but I think at the speed that we're moving here, attorneys are gonna look for, you know, uh different tort and liability claims through No matter what happens. And the thing I was gonna say about that is like imagine if you file a lawsuit today for something that happened today.
uh, you know, in your data privacy, whatever. The justice system, the judicial system can't keep up with with court cases. That case isn't gonna go to trial for two years. Imagine what's gonna be the difference in you know, where we are in technology and AI and such in two years. So attorneys also have a huge hill to climb when it comes to staying on top of this technology, understanding it enough to file a lawsuit to understand the the tort liability claims.
And then on top of that, to get through the judicial system before the entire technology is obsolete anyway. So why can't they just use AI in the courts? I mean that's a question, right? Do you do you need a human judge? No, no, no. But I'm saying why why do you need a judge, a human judge? Why can't you just present the case to an AI, it'd be impartial. And it knows the laws. Oh wow.
I don't know. The movie's coming out. This I think is already out. You gotta go watch it. It's gonna be great. Yeah. There's uh what is it? There's uh in the theaters, I forget. These he's on trial for murder and then he's that an AI judge he's gotta convince he didn't do it in ninety minutes or he gets executed.
Really? That's a real movie? It's out this weekend. It's really good. Gosh, I shouldn't remember which what the name of it is, but it's really good. Action thriller. David literally just made up a movie and they've already made the movie. Too slow. I'm not AI. This Damien AI is just too slow. Yeah, you you could have been a multimillionaire. Uh I yeah, that seems like insane to me that like people's lives hang in the balance with a bot. Right. Well I mean
When you we talk about justice is blind, if you actually had uh an AI system that could be impartial based on real facts, that would be tremendous. There's no bias. But that's we're never gonna get there, I can promise you. That's what I'm saying. Because There's always bias. There's always human bias. But I guess there now could be AI bias. Yeah. Right.
Anyways, okay. So here I think we I ran through the some of the pointers of what to look out for. Um Troy, what do you what do you think next steps for organizations knowing that this technology is on the horizon? What else should they be looking out for? Start with the fundamentals, first of all. Uh get yourself a way to discover and get visibility into not just uh bots but AI in general in your environment, MCP security for the things that you're tying into your MCP through API.
There are several tools out there. Because this is such a burgeoning industry and everybody's on top of it, I would highly recommend looking for technology. It's not something that your SOC or your employees are gonna know how to do right off. You need something that's gonna help you. So again, talk about AI facing AI, I think that's exactly what we gotta do here. So find a company, look at their service offerings and get visibility into it at the very minimum.
Yeah. And I think I think the SOC is an easy easy place. There's a lot of potential there because of just the sheer volume of logs. Leveraging AI there is probably You know, the easiest place. Just make sure you're you're picking something that is vetted, tested, developed correctly. And then when you go to implement it, you know, test it out first. Mm-hmm.
¶ Lessons from outages: Why you shouldn't "open the world" on day one!
In the beginning. Don't do the um uh I don't want to say CrowdStrike, but when they had their outage. You remember how it was like they pushed out their the update instead of like small geotesting? It's like there's a lesson there on not not like throw them against the or throw them in the well I mean I I think in technology there's always going to be
things that go wrong. It's how you recover or how you put hopefully put protections in place so you don't blow it up on day one. Yeah, but also like test it in like small batches, right? And kind of make sure that it's safe before you just go Full on Wild West on it. Yeah. Okay. Well I think that's it for today's episode. Uh we're definitely over an hour. So any anything that we missed that you guys think we should cover?
No, I think it's a it's a great topic. Anyone who's thinking about using AI, don't be scared to use it, just be cautious. Yeah. And be aware that this is a developing story. Check back more. Yeah. Sorry, check back later for more. Come back in two weeks. We're and we've been replaced by bots. So, okay. Well, I don't have anything. So I guess until next time, we'll we'll see ya on the next episode. Take care.
