Building Secure Backend Services with AI Agents

Learn to build secure backend services using AI agents through this 11-minute conference talk that addresses critical security challenges and practical implementation strategies. Discover why security teams are both excited and terrified about AI agents through real-world examples, including a cautionary tale about an agent that nearly rewrote an entire machine. Debunk three major myths about AI agent security: the belief that prompting alone can make agents safe, that AI will replace human security review, and that implementing secure AI systems is too complex to start. Explore essential security practices including building locked-down agent playgrounds for containment, implementing LLM councils for multi-layered review processes, and designing end-to-end workflows that incorporate brainstorming, planning, execution, and council review phases. Master failure assumption strategies through comprehensive audit trails, session logging, and agent behavior debugging techniques. Follow a practical approach to scaling secure AI implementations safely, starting small and building up systematically. Apply a comprehensive security checklist covering secret management, human-in-the-loop processes, and cross-validation techniques to ensure robust AI agent deployments in production environments.

Syllabus

Secure Services with AI Agents: Why Security Teams Are Excited and Terrified
The “Helpful” Agent That Almost Rewrote My Machine
Myth #1: You Can Prompt an Agent Into Being Safe
Contain the Body: Build a Locked-Down Agent Playground
Myth #2: AI Will Replace Security Review Meet the LLM Council
End-to-End Feature Workflow: Brainstorm → Plan → Execute → Council Review
Assume Failure: Audit Trails, Session Logs, and Debugging Agent Behavior
Myth #3: This Is Too Hard—Start Small and Scale Up Safely
Practical Checklist & Final Takeaways No Secrets, Human-in-the-Loop, Cross-Validate
Closing: Don’t Fear the Great Escape + Thanks & Contact