Search Login
Sign In Sign Up for Free

Interactive Product Tour

interactive tour Start a Tour Get a Demo

Interactive Product Tour

interactive tour Start a Tour Get a Demo
New research session

Default Deny: Hardening Your Cloud for Agentic AI

AI agents are relentless. Unlike human developers, an agent can test thousands of permission paths in seconds, turning an innocent request for a “quick proof of concept” into a major security event. In this live session, we demonstrate how developers using agentic AI to solve real-world problems can inadvertently trigger the creation of unauthorized roles and access points.

Jeff Moncrief, Field CTO @ Sonrai, walks through a live AWS environment to show how a developer can introduce overprivilege by using an agent for a benign task that requires it to gather additional privileges. He’ll walk through why existing RBAC isn’t catching this problem, available guardrails in cloud native IAM toolkits, and how Cloud Permissions Firewall acts as a final defensive layer. You will see how automated “Default Deny” policies block agents from creating new identities or ingress points, ensuring your team can innovate at machine speed without leaving the internal doors of your cloud unlocked.

Date
Mar 18, 2026
Time
1:00 PM ET
Duration
40 Minutes

Meet Your Speaker

Jeff Moncrief

Jeff Moncrief

Field CTO

Sonrai Security

Killchain killer for 25 years

Expert Speaker

Register now

  • Instant confirmation email
  • No spam, unsubscribe anytime

By registering, you agree to receive webinar updates and marketing emails. You can opt-out at any time.

What You’ll See in This Live Session

Agent creation scenarios, resulting IAM issues, and implementing guardrails for safe AI use

1

A real-world scenario where this starts

______________

Starting with a real world scenario of a vibe-coded agent that gets overpermissioned without a developer knowing

2

Why traditional RBAC isn’t working for agents

______________

Governance meant for defined ‘human’ or ‘machine’ users is not keeping up with the speed of agents, nor is it designed to thwart their ability to doggedly get permissions they need, acting as a de facto attacker.

3

Cloud native tools to build guardrails

______________

IAM tools available from AWS, GCP, and Azure today that help set basic guardrails for agentic work

4

Automated guardrail management and further protections

______________

Security tooling that manages IAM in a ‘Default Deny’ state for agents instead of just policy-specific RBAC protections.

See our latest research

New to Sonrai? Check out our latest video on bypassing AWS SPCs in Amazon Bedrock

Watch on Youtube

Register now

Get exclusive SCP templating and policy generation strategies to harden your environment for Agentic work

Register Now - It’s Free

Sonrai Main Logo

© 2026 Sonrai Security. All rights reserved

Privacy Policy  |  

Sonrai cloud security platform, products and services are covered by U.S. Patent Nos. 10,728,307, 11,134,085, and 12,218,982, together with other domestic and international patents pending. All rights reserved.