Jeff Moncrief
Field CTO
Sonrai Security
Killchain killer for 25 years
Expert Speaker
What You’ll See in This Live Session
Agent creation scenarios, resulting IAM issues, and implementing guardrails for safe AI use
1
A real-world scenario where this starts
______________
Starting with a real world scenario of a vibe-coded agent that gets overpermissioned without a developer knowing
2
Why traditional RBAC isn’t working for agents
______________
Governance meant for defined ‘human’ or ‘machine’ users is not keeping up with the speed of agents, nor is it designed to thwart their ability to doggedly get permissions they need, acting as a de facto attacker.
3
Cloud native tools to build guardrails
______________
IAM tools available from AWS, GCP, and Azure today that help set basic guardrails for agentic work
4
Automated guardrail management and further protections
______________
Security tooling that manages IAM in a ‘Default Deny’ state for agents instead of just policy-specific RBAC protections.
See our latest research
New to Sonrai? Check out our latest video on bypassing AWS SCPs in Amazon Bedrock
Register now
Get exclusive SCP templating and policy generation strategies to harden your environment for Agentic work