Episode 115

Cybersecurity Is Moving to the Browser and Becoming the Attack Surface

Or Eshed, co-founder and CEO of LayerX Security, shares why the browser has become the most critical (and overlooked) security layer in modern work. He explains key browser risk areas including phishing, cookie theft, compromised extensions, and data exfiltration, and how AI now increases the urgency around these risks. He also provides examples of real-world breaches that are reshaping how organizations think about risk.

Transcript

Luke: You’re listening to a new episode of The Brave Technologist, and this one features Or Eshed, co-founder and CEO of LayerX Security. Or has over 15 years of cybersecurity experience as an ML developer, security and intelligence researcher, and cybersecurity analyst. His work has led to the arrest of at least 15 threat actors and the exposure of the largest browser hijacking operation in history, with over 50 million browsers compromised.

He’s also written and spoken on topics of cybersecurity, including at key conferences such as DEF CON and BSides Las Vegas. In this episode, we discussed security risks that are unique to the browser, along with some simple habits you can adopt to reduce browser-based risk; how extensions like Grammarly use browser APIs to learn from user interaction behind the scenes; the rising costs of account takeovers and dangers of AI interactions; intentionally creating a cybersecurity position and culture for your team; and a lot more about the new emerging threats around agentic AI and the browser. And now for this week’s episode of The Brave Technologist.

[00:01:00] Or, welcome to The Brave Technologist. How are you doing today?

Or: I’m doing great, Luke. Thank you for having me.

Luke: Yeah, thanks for joining. I always enjoy talking to someone that understands browser security and, security in general too. So it’s, been looking forward to this conversation.

And you know, I know you spent years kind of tracking cyber threats and helped expose some massive attacks and attack surfaces and exploits and things like that. Like what kind of originally pulled you into cybersecurity and into starting your own company in the space?

Or: So I’ve been working in cybersecurity for about 15 years now, doing primarily web security from every possible angle. I started my career in the tech sector in 2016, working for a couple of companies like Check Point and others. I was on the vendor side, on the red team side, on the defender side, and what occurred to me all the time is that, you know, the main risks exist where users are. That kind of made me fascinated into starting my own company. So I felt there was a better paradigm around [00:02:00] securing where employees spend most of their time, especially as the human risk is growing over time.

Luke: I see. Like, and was there a specific void that you wanted to fill, or a certain type of user you guys were going after initially? Just super curious.

Or: So I, I always worked in web security, which is just something I enjoy professionally and you know, there are all kinds of problems in the world and you can love a problem because it’s a problem you enjoy dealing with or it’s a big problem. When I started working on web security, I really loved the problem because it was mostly aimed at the non-technical users, low-hanging fruits. It’s really real-life security. When I actually started working in web security in 2013, 14, 15, everyone was talking about ransomware, and malware was the biggest thing. But you know, I was looking at the trends. You use less and less files. More and more data is moving to the cloud.

And for me it was like really clear that, you know, whatever we deal with today, it’s kind of like, you know, how to handle the risks of dinosaurs. It’s really about to go away. Where are we going to, [00:03:00] where we’re going to is a world in which identities are the perimeter. And it changes a lot of things.

A lot of people in cybersecurity are really obsessed with how it changes the technology, the technological development. What I was focused on is the logical enhancements and progression because eventually logically the historic approach of putting some sort of a trench around a castle and trying to make everything inside secure was just shattered with every new wave in cybersecurity.

You had, you know, all kinds of methodological beefs between approaches. How do you secure the cloud? Do you use an antivirus for containers or do you find the best approach to do that? What I remember from the time I started working in web security is that it, it was considered not interesting, like traditional malware.

I was going to conferences, and everyone was showing their best effort, you know, reverse engineering of complex malware. But for me it was kind of, you know, funny because most money, data, and everything has been stolen on phishing identities. It’s on user to application interface. And at the time it [00:04:00] just nudged me and bugged me.

Later on, when I worked in financial services, like, I tried to do incident response about web attacks, and I just didn’t have enough good enough data. I just felt like kind of this imbalance that I, I just felt like I had to start a business in this space and run, you know, browsers, which is where employees spend most of their time.

And you know, now today it’s pretty easy and everyone understands it, but at the time it was not that clear. There is this phrase by Ford, I don’t know if it was real, but it’s a good one, that no one was looking for a car. People were looking for a faster horse. You know, there was some sort of a change that felt that there could be a better approach.

Eventually. Defenders, they don’t have unlimited resources. Like mentioned. Security is really complex. You really need to decide what are the things you put in your luggage when you pack towards, you know, vacation. Like what do you really take with you? Where do you put your main controls? Do you secure the device?

Do you focus on the identity? Like where do you put controls? It felt to me like there could be a more nimble and efficient process around securing the users and identities and placing [00:05:00] security where users are and kind of like changing the approach. And that was compelling for me as an opportunity because it just unlocks new things you can do.

Luke: That’s awesome. Yeah. Relate to a lot of what you just said there. We see it like all over the place too in security and even in things like crypto space and AI now and, and all of this, there’s a lot of like kind of tribal infighting over who has the best wrench, when really the problem is like, the person doesn’t even know how to use a hammer yet, or they’re using it the wrong way or whatever.

And just like you said, it’s meeting users where they are. I mean, you’ve argued in the past that the browser has become the most important interface for modern work. Something I have to agree with. What kind of security risks emerge when so much work happens inside the browser?

Or: So let’s talk about the attacks themselves, the risks, and then the layers you stack on top of that. So what really, really happens in real life is things around identities and data. So phishing, cookie theft, usage of malicious extensions to steal data from the browser, like AI conversations and other interactions, trying to steal SAML data. Basically [00:06:00] it’s kind of like mirroring or man-in-the-middling user identity usage inside the browser. Then historically you had more attacks that are on a low level, which is remote code execution and exploits. That’s kind of like 20 years ago, when the browser was pretty much on the device and you were running code locally. That’s not really existing anymore. And we’re talking now, now about na, yet it’s not an evil link. There is, you know, there is no malicious code. There is a malicious usage of code, which is mostly tied to identity, cookies, credentials.

Now, with AI happening mostly in the browser, you have now another track, which is agent identities operating in the browser and trying to attack them with all kinds of prompt injections. So we do see a change now, which is, like I would say, since the addition of a sandbox to the browser, that really changed security fundamentally, we now see a different trend, which is more browsers, different configurations to each of them, different agents and AI controls to each of them.

So what is a browser is really, really changing significantly. However, going to basics, what is a browser is just an international adapter [00:07:00] between any user to any application. It’s a language everyone is speaking, so you have to be there. If you are a consumer or whether you are an application, you have to be there.

Different browsers come with different controls and features and delivery vehicles, but basically it’s the same. Being in the browser is pretty much being around the user. The change we now see is another identity, an agent identity, being added to the browser. Now, on top of that, you have an additional layer, a layer about, you know, configurations, because different browsers have different configurations, also different identity controls. For example, within Chrome you have personal identities and work identities. With Firefox, you have an enterprise release, a consumer release. There are all kinds of differences that have some sort of an effect. From a security defender standpoint, what are you trying to secure?

You’re definitely not securing the browser itself. I would say that the browser is nearly perfect. You’re securing the usage of the browser and the interaction over the browser. What companies do today, they can’t really use an endpoint security tool for that, because [00:08:00] it’s really virtualized on the device.

You have no idea what’s happening. As an experiment, just open Task Manager and try to find what a certain extension is doing in the browser. You can’t. All of them are using the Chrome process, so you can’t really associate that. So if I download a malicious extension that’s a cookie stealer. About seven and a half percent of all extensions on the Chrome Web Store have cookie permissions.

They can do one line of kung fu code and get all your cookies, attribute them to all the different applications. That’s, you know, that’s game over. And what is the EDR seeing? Chrome reaches out to the cookie jar, which is the most benign thing in the world. So that doesn’t really work.

What most companies do is using something on the network level, some sort of a proxy to try and see distinct HTTP packets. The changes that happened in web applications in the last couple of years or decade make that really ineffective. You can’t really understand the context of an application from HTTP.

Now let’s take that into AI. You have a million [00:09:00] different LLMs and, you know, a trillion different AI applications. Each of them has a different networking approach. All these applications are built on open sources that change and mutate consistently. So you cannot create an effective signature-based security control to protect them.

You need to find a more stable point to put that. So basically it’s like, it’s not even technology, it’s engineering. Like where can you put a spotlight that will have the most expandable, consistent effect? From the user standpoint, an upload is an upload. A login is a login. On the network level, every login is different.

Every upload is different, can be pared to different packets. So it just makes that a more effective place to put security. Now, the last thing that changed over the last decade: historically, internet was a luxury. Some companies had an internet device, an internal device. Using the internet was, you know, just a nice thing you allow your employees to do.

And the browser was just a consumer tool. So what was the [00:10:00] approach? The internet is a dangerous, dangerous place. We just need to make sure that we put as much buffering from the user to the internet to keep the device secure. What changed is now your business is on the web, right? Like you don’t care, like you cannot block stuff.

But more than that, probably your device is more infected than the internet, right? Like it kind of, it reversed because now you don’t really know which device, which application you need. Now, secure data: there is a nice scenario that happened a couple of months ago, which is there is an alleged case of a lawsuit related to Rippling. So Rippling accused one of the other gig economy companies of placing a malicious insider inside of Rippling. And that malicious insider was basically copying the data from application A, pasting it to Telegram, so the data actually doesn’t persist on the file system.

Any approach or every approach that you have about endpoint security assumes at some point it’s a file on the file system. You label it to do something with it. It doesn’t exist over there. On the network level, how the hell can you correlate someone copying [00:11:00] data from Salesforce, pasting into Telegram that has end-to-end encryption?

How do you attribute those two actions when you don’t really know that the data was copied? It happens at the last mile. So it’s, it’s kind of like a huge problem. It’s a huge problem. And then, you know, it goes to the question of like, can companies use browser security instead of other things or together with other things?

But once you get that, Brave is great. Firefox is great. Chrome is great. They are productivity tools. Each of them has different features for productivity. Now you have AI browsers. They do come with all kinds of dangers. You know, the car is great. There is no car in the world that is secure enough against a drunk driver.

Right. That’s the point,

Luke: right?

Or: That you, you just put the guard rails around the user.

Luke: No, no, that’s a good point too. In general, do you think companies kind of underestimate the browser as an attack surface?

I’d be really interested in your take on that.

Or: So let’s not call it an attack surface. It’s a risk surface because this is where most of the AI interactions happen. So over the course of the last couple of years, we’ve seen a, a significant change in the way it’s being perceived and there is a strong demand and it’s [00:12:00] definitely happening, like everyone is in this space now to some degree.

It wasn’t always like that. What created this awareness? Because for me it was always clear, but I’m a, a geeky, goofy guy. Right. For me, I was like, I think like a malicious insider. I know like I can just, you know, switch ChatGPT to my personal email and I can steal data like this from any, any organization. That’s easy.

It seemed to me, like for me, it was clear it doesn’t work that way from prioritization on the security side. For security teams risks is kind of like water to fish in the ocean. It’s not that impressive. It’s always there. So what changes the mind and what changes the actual risk is not the same thing.

Two things happened about that over the last couple of years. The first one is AI, and I’ll explain what I mean. Yeah. If I, you know, I’m a CEO now. So I present my company. I talk to potential buyers or users. Why should they care about LayerX? Like before AI, I would get to them about conversations: how much of your SaaS inventory don’t you control?

They don’t know. It’s not top of [00:13:00] mind when you don’t know, you don’t have some sort of a triggering event, a compelling event that makes you look into that. So they would say, I don’t know, maybe there is an application I don’t cover, but I feel like it’s 99% covered. Maybe you can take me another percent, but I don’t feel like it’s urgent.

When I talk to them today and I talk to them about, you know, are there any applications you don’t control? You say like, there are a million AI applications I don’t control. I have no idea what to do about them. And whenever I try to do something, my employees sign into them with their personal email.

There’s nothing I can do about that. Business wants AI for productivity. I am banned from banning them. So I don’t have the political capital to do that. The network security tools I checked and actually they don’t work. So there has been an awareness, and this awareness comes from AI being top of mind.

That’s one thing. Second thing, which in a way kind of fascinates me as a defender, is in Christmas 24, which is basically 15 months ago, a couple of security vendors got compromised. One of them was Cyberhaven, which is an amazing, amazing DLP player. Cyberhaven uses an extension for [00:14:00] security.

For DLP, they host their extension on the Chrome Web Store. When they do that, it means that everyone in the world has the same extension and their extension is managed by an admin account on the Chrome Store. So like any kind of other application, they have an admin account tied to the Chrome Store.

If you compromise this admin account, you now have access to their code. Like any other application, they’ve used their support email to manage that. The support email was phished during Christmas. Someone replaced their extension with malware that steals cookies. And suddenly you had, it’s an amazing company.

You had hundreds of Fortune 1000 companies suddenly understanding, you know, oh crap, I have a cookie stealer on my, on my devices. Then when they started mitigating that, they found out it wasn’t the only malicious extension they had. So they never, never ever created an extension inventory on their browsers. They never thought about what can go downhill by having a malicious extension.

From this moment on, we’ve seen a very significant change with regards to how to deal [00:15:00] with browser extensions. So the risk and the perception of risk are not the same thing. Before Cyberhaven, the perception is, I don’t know, it’s a file on the device. I’m sure my EDR can catch that. I don’t actually need to check it.

I just believe it’s the case. After the Cyberhaven breach, suddenly people say, oh snap, I didn’t know that. My existing security controls don’t do anything about that. Apparently it’s fully virtualized. They can’t even see which process is doing what. Even though they are an EDR on the device, they can’t tell which extension is doing what.

And then I found out I have all kinds of malicious extensions. And the thing that grabs them by the guts is something that happens to some organizations, which is users that have multiple consistent account takeovers. They ask themselves, oh my God, are these users so reckless they just get into every phishing site?

Apparently they had a cookie stealer on their browser and they just never knew about that. Right? There is an effective risk factor that’s unaddressed and that’s now changing in the market. So we had two very strong events happening at the same time [00:16:00] that are, in one way, different. One of them is user interaction, so we call them user do stupid on the web.

You do stupid on AI, you upload data where you shouldn’t, because most data exfiltration is not malicious. It’s, you know, people do stupid. You know, I even, even me, I do stupid from time to time.

Luke: Yeah. Just not top of mind for everybody. I mean, especially too, like, I think as these, as these tools become more sophisticated and they feel like the chat interface that these things have, it just feels way more, you know, conversational. At least what we’ve seen is people tend to kind of let their guard down a little bit.

Because it, it does, the conversation feels much more human to human than it previously had. So you’re not necessarily thinking about it in the cold way. You’re thinking about an email where you might be like, specific, taking time to look at the link and all that stuff. And the extension piece is a really interesting one too, because People had no idea, the degree of permission they give extensions to look at what you’re doing and access that information. But it’s also kind of like, you know, Google’s really good on the app store or not really good, but there, there are more controls on what gets in [00:17:00] and out of the app store.

But the extension. Like you said, someone could compromise the admin account and then all of a sudden boom. And, and people tend to forget that they have these extensions on their device too, on their browser, even if they’re not necessarily using it too.

So it’s a really interesting surface.

Or: Yeah. So we collaborate with Google on extension risk and, from what I can share, and again, it’s my personal opinion, I think they’re doing great work. It’s just a very complex environment. It’s changing very, very fast. You have new permissions. So now, you know, people think about extension as some sort of a consumer tool, but every browser behind the scenes is using extensions.

You just cannot see them. So an extension on the browser is pretty much like a DLL on the device. So thinking about it from a technical standpoint, think about, you know, an application. Should you write every application to the kernel, to the, to the MBR? Like, no, you shouldn’t, you shouldn’t. Even if you run Windows and you’re Microsoft, you should have one group doing Windows, one group doing Defender, one group doing Office.

You shouldn’t mix them. It doesn’t work well. When you put all the technology in one layer in the stack, [00:18:00] you need to create abstraction that adds safety to code. That’s basically what it is. So there are all kinds of APIs in the browser. They’re being used to make the user experience awesome. And for anyone hearing this podcast who is a passionate Brave user, they enjoy them as well.

So every browser has extensions behind the scenes. They don’t, don’t expose them. These extensions leverage APIs. These APIs are very useful for all kinds of things. Now, let’s take a very simple scenario. Let’s say you use Grammarly. Grammarly helps you write better, and everyone loves and knows Grammarly.

And in order to do that, Grammarly hooks to the input fields you have on sites. Those input fields are being used by AI tools to process your generative AI conversations. So we give permissions. You cannot create a world in which there are no risky permissions, right? Like, you know, it is what it is.

Like ransomware, going back to that example, a lot of ransomware didn’t add their own encryption. They just leveraged an existing safe and [00:19:00] commercial encryption mechanism. You know, again, there is no malicious code. There is malicious usage of code. I think something interesting about Google: Google is both Chromium and Chrome.

They are really, really accountable for making sure that if the internet was a sewer system, a sewage system, they need to make sure there are no blocks inside of it, so making changes that are radical and violent may affect everyone. So except for, you know, the DNS layer, if, I don’t know, if the sign goes down, that’s the second worst, worst thing that can happen.

People try to, you know, tend to not think about it, but it’s the, it’s the backbone of everything they use. So Google has to be very, very thoughtful about changes they make. Eventually. Extensions are productivity tool. They’re used by everything. In theory, you can, you know, you can argue. That it’s an excessive framework, but what we see now, that’s the way you build AI browsers.

AI extensions like Claude for Chrome, the number of installs is growing daily by, you know, tens of thousands. [00:20:00] You want agents browsing the web and doing your stuff. You want your personal assistant, you know, setting meetings for you. It has to go through the browser. There is no workaround for that.

And it’s the safest integration. You know, a couple of years ago, EDR companies would inject DLLs. And that’s just, that’s a bad idea. Like trying to make low-level code changes to significant sensitive applications. That’s a bad idea. So Google has done the world a favor, created a safe interface.

Eventually you need to check who do you grant the pro access. And then it goes to, it’s not all, you know, good or bad because you have the good, the bad, and the ugly. Like the good is, you know, your 1Password, LastPass, Cyberhaven. They can still get compromised and, and go malicious. You have the bad, which is, you know, intentionally malicious, but then you have all kinds of, you know, Amazon coupon code that, for God knows what, the developer added debugger permission, just because, I don’t know.

And in theory, they can activate the debugger in the browser and steal all your, you know, your passwords and sensitive data, [00:21:00] any conversations, and they just forgot to maintain their extensions. And another extension is importing a very vulnerable JavaScript library. Like, it’s, it’s just as simple, like any other application in the world.

You can also have vulnerable ones and excessive permissions and authorization. God knows what. So it’s just, it’s a very complex problem. Google is trying, is doing amazing work about that. In terms of security, I think the next battlefield is around AI browsers. We got used from Google, Microsoft, Brave and others to get an amazing security standard at a very low cost, which is $0 per month. So, you know, companies, I wouldn’t, you know, throw mud at anyone, but there are some companies in the firewall space that customers pay a lot of money to and have a zero day every month. And that’s, you know, you pay a lot and you actually get security exposure.

Browsers, they’re free. You, you know, they get, you know, they, they have their benefits, but you, it’s free and you get. NSA quality defense. And now you have AI browsers that have new risks because there are, there is now an agent [00:22:00] embedded in the browser, and you have some sort of a, you know, execution that goes on top of the sandbox, no one can see.

So that’s, that’s the next battlefield. And eventually from a Google standpoint, you are accountable to what you installed in your, on your browser, they need. If it’s really malicious, they know it, they block it, we collaborate with them about that. It’s just a very, very complex task.

Luke: Yeah. No, it’s, it’s a great point.

I, I totally agree too, the next battlefield will definitely be on the agentic side. And you know, it seems like there’s multiple layers to it too, and I know that you all were also pretty active in looking into some of the injection attacks and, and, and types of things there.

I mean, when you’re thinking about agents and browsers and the different options that you’re already starting to see out there where are the biggest risks from your point of view that you see currently out there that, that people might not be thinking about and. What are some ways that both the browser companies, but also users could be thinking about this to make it a little bit safer?

Or: Biggest risks, the number one: cookie [00:23:00] theft. And the, you can add more and more and more and more and more controls around identities. Eventually, in real life, the cost of an account takeover and identity theft is just rising because you have more and more data outside. Let’s just imagine a world in which you have an internal LLM.

That is connected to all your resources. If I can just get access to the prompt field from a permissive user, that’s it. Jackpot. An account takeover is the target for most attackers and it’s, it allows a lot of virto creative things you can do because if you are not on the right user, you can laterally move in a way that’s applicative, so you don’t have to run something in the network. Eventually once I have one account, I’ll send someone a message, try to propagate. Still today, there is a technology called cookies, which is older than probably some of the viewers of this podcast.

And applications use a, a hardcoded cookie to fingerprint the user. It’s true, they also look at your IP and geolocation, but everyone using VPNs, it’s not that [00:24:00] easy. And user resolution and screen resolution, et cetera. So if I have access to your browser, I can pull your cookie and identify on your behalf.

I can also understand what’s your user agent, what’s your typical geolocation? I can do a bunch of stuff. So then what happens is the IDP players add additional secrets. Where do they put those additional secrets? Local memory, local cache. Guess who has access to this data? The extensions on your browser.

So, you create a world that is really, really non-zero trust. Every additional factor you add is processed in a container that’s exposed to the same extensions. So like in, in theory something you have, something, you know, something, you are something like this and that everything is visible.

And you can steal with a malicious extension, and even if it can’t, on the worst, worst case, it opens up a small screen in the background, minimize it to one pixel and actually navigate on your behalf. So just imagine now with agent technologies. You don’t really have to actually plug into the SaaS from another device.

You can just, you know, you’ll be able to load an agent. That’s the number one risk. Second is AI [00:25:00] interactions. So now every browser has an LLM plugged into it, an LLM sidebar that can read the page. And this is where you can see most of your. If I can intercept your interactions with AI applications, I probably get on top of very valuable data or I can attack your corporate model.

So it’s, it’s pretty much a very dangerous place. It’s a very sensitive area with not enough guardrails when you think about the amount of power you can have. You know, communicating with the LLMs without any filters, that’s another significant risk. Aside from that, it can do anything. So a malicious extension can, you know, open your microphone, open your camera.

It can actually turn a benign site into a phishing site, so it can do like a million things on the application layer. And if you work on some sort of an app quite extensively, it can just duplicate every upload that you have, every data submission you have, to their backend and start collecting your data in a, in a non-invasive [00:26:00] way.

So, you know, the sky’s the limit from an attacker standpoint. It takes me a little bit to when, you know, 10 years ago I was doing a takedown for a, a group in China that was compromising browsers. We called them firewall. It was when I was working at Check Point and it was very impressive.

It was a Virto attack, it was run by a real company. They had a shadow section that was compromising browsers and buying infections, another company that was actually selling this traffic. It was like really a mafia-quality operation. Wow. And it occurred to me like, why and what? And apparently just, you know, people’s real estate in the browser, the web traffic, is just worth a lot of money and easily monetizable.

It’s really, really easy to monetize the traffic of people. And there’s just really pulling everyone into the browser.

Luke: Looking forward, right, to mitigate some of this, is it, is it gonna be about kind of isolating agents and what they’re [00:27:00] able to do, by profiles, or maybe making, you know, extensions blinded to them or, well, what do you, where do you see kind of this going and how do you think that this changes the browser?

As things get more agentic, because obviously if agents are doing some of the browsing for you, that’s kind of changing the state of browsing in itself. Like where, where do you see all of this kind of going?

Or: So, uh, I think there is a principle, which is nearly Buddhist principle. We won’t make change the pay way people work, the way people work.

That’s a given. That’s, that’s reality. So, you know, don’t we want, we don’t wanna be a BlackBerry, we want to enable, and enablement is, is the game, is the name of the game. Then we need to take into account a couple of things, like what are the worst things that can happen? Second thing is what is in my toolbox, and you’ve mentioned it, account mapping, profile management is awesome.

Most companies don’t even know how to manage profiles and how to separate work profiles from personal profiles, which is an awesome tool. You know, locking down extensions based on must use, must have basis. That’s another factor that exists. [00:28:00] And then, lastly, is setting up some sort of a strategy, which is future proof.

You know, if you know you can’t block LLMs, allow them to use those LLMs. So there are all kinds of things you can do. It’s also important to, to understand that an employee’s choice of browser, it’s a given. And I think that even for large enterprise, they will make an allowed browser list of companies that are respectful and, you know, credible.

So, you know, it will be Brave and Google and others. There may be, you know, Bob’s browser that we don’t really know where it’s coming from and how compliant it is. And that may be blocked, but it’s not for, you know, for an intentional reason of not having browsers. It’s just, you know, that you wanna check which apps do you have on your devices.

So then it’s extension management. Checking, making sure that the configurations are right, deciding how do you manage personal profiles. At the end of the day, for every decision you make it’s kind of an annoying thought, but it’s the most important one. At, at the end of the game, at the day, there will be breaches, there will be events, and for every decision you make being [00:29:00] asked after something happened looking backwards.

Would you have changed your actions? In many cases, it’s fine to say, look, we took a deliberate choice to allow users to use personal profiles because this is the company culture. We minimize the risks by reviewing the extensions they imported. Another approach would be we have restricted the number of browsers they use, or we changed their, you know, their controls.

I think an answer that’s not really applicable: we didn’t have time to work on this, or we didn’t get the budget, because you can also do things on a budget and you just need to decide and prioritize what’s important. Low-hanging fruits, you know, password syncing, profile management, extension management, like you can do so much with that and gain a lot.

And I think at the end of the day, that’s a good start. And from there you stack on because eventually the browser is the new operating system. What can really happen now on your device, right? Like it’s, it’s not like it used to be. Most of your data is up. Like, you know, if someone steals my hard disk, like what’s the worst that can happen?

Like, my very sensitive data is on, on my [00:30:00] email.

Luke: True, true. Yeah. It certainly has evolved, right? Like, you know, we covered a lot on agents and things. Are there any other new type of cyber threats that worry you over the next five years that you see coming on the horizon?

Or: Yeah, everything related to AI. So, AI is vulnerable as the amount of interfaces it has. When you have now, you’ll see now AI browsers and also agents on the device. So one of the trends we see is agents running in user space. So you have two kinds of agents. You have agents that run in your application.

So let’s say you are some sort of a SaaS company, you have a chatbot. You want to, I know, get a refund or make a complaint that’s now powered by an agent and then has a user escalation. That’s a, an application that’s a microservice. But then you have agents working in user space ‘cause they have to learn how users do they work in order to at some day replace them.

So agents in user space are very interesting. They leverage the access that users already have. Cookies in the browser, you know, the file system, other applications on the device, but they’re [00:31:00] vulnerable to all the attacks that, that, you know, it’s kind of like, so just imagine like a three-year-old in an adult body like that can, you know, it has the access.

It’s basically, that’s what it is. It’s a three-year-old technology in, in an adult body that can do all kinds of things. It creates some sort of an unbalanced risk taking into account. No coffee breaks. Never, you know, overly naive and you don’t really understand how to do things because it’s, it’s in the background.

I really, really, really believe that the next generation of risks will be around that, because that will be the new low hanging fruit for attackers. If you find a way to compromise an agent. It’s nice, it’s fun because the agents are one, like, like one another. Unlike people that are different. They’re either always, you know, sharp or always tired, but you don’t have to wait for a holiday to, you know, to compromise them, if you get my point. So I think that’s the next battlefield.

Luke: Yeah, no, that makes sense. I mean, I think about this a lot too, like, having kind of been in the ad tech space prior to like all the little hacks and all the little weird things that are [00:32:00] now kind of just there for agents to play with.

It’s kind of a wild rabbit hole to kind of put your mind through a little bit there. You know, and I’m gonna on a lighter note, I mean, think what gives you hope in the fight against, you know, kind of, attacks and cyber crime and all that. Are you seeing things that give you hope?

Or: Well, we also have agentic technology. So, we have a path to minimize the human risk exponentially because now you can assign a co-pilot to every user. Hmm. And that’s probably the future of security. Having a co-pilot per user that helps them take decisions, it’ll enable things that were not possible before, like security for consumers, because you can’t afford, you know, someone watching over, you know, everyone. But now you have this technology. I think if we take the right methodological approach, it would be the benefit of the defenders over the attackers. Naturally attackers adapt faster because they need to make a living. But eventually I think it’s a good trend that will enable new things.

As a byproduct, it’ll probably kill half of their products that are now used in the market because they will become [00:33:00] commoditized. Not really interesting, not very unique. It’ll really change the way you, you do things, which, it’s a good evolution.

Luke: I agree. I agree. You know, if folks wanna follow more about what you all are doing at LayerX or, or you personally, where can people find and connect with you online?

Or: Yeah. So first of all, you are welcome to read about us on our website, layerxsecurity.com. We have a very, very effective and proactive research department. Actually, last year we were the sole contributor to Verizon’s DBIR on the chapter around AI security. We’re the only vendor contributing data. And then over LinkedIn, search for myself, Or Eshed, or LayerX Security, and we share every research we make, and we’re also very, very available. We have research resources like ExtensionPedia, that’s an available resource for extension sandboxing and capabilities. And we also maintain all kinds of projects that are for the community.

Luke: Fantastic. Or, man, I, I really appreciate you, you making the time to come in and, you know, to come on and talk about all of this. I feel like we barely touched the surface of this and love to have you back sometime too, [00:34:00] and get a little more in the weeds as these, as things evolve.

Or: With pleasure, Luke.

Thank you for having me.

Luke: Yeah, thanks for coming. Thanks for listening to the Brave Technologist Podcast. To never miss an episode, make sure you hit follow in your podcast app. If you haven’t already made the switch to the Brave Browser, you can download it for free today at brave.com and start using Brave Search, which enables you to search the web privately.

Brave also shields you from the ads, trackers, and other creepy stuff following you across the web.

Show Notes

In this episode of The Brave Technologist Podcast, we discuss:

  • Security risks that are unique to the browser along with simple habits you can adopt to reduce browser-based risk
  • How extensions like Grammarly use browser APIs to learn from user interaction behind the scenes
  • Why most existing security tools fail to detect browser-based threats and the rising costs of account takeovers
  • How AI-powered copilots could ultimately become a key defensive layer by reducing human error in real time

Guest List

The amazing cast and crew:

  • Or Eshed - Co-founder and CEO

    Or Eshed is co-founder and CEO of LayerX Security. Or has over 15 years of cybersecurity experience as an ML developer, security and intelligence researcher, and cybersecurity analyst. His work has led to the arrest of at least 15 threat actors and the exposure of the largest browser hijacking operation in history, with over 50 million browsers compromised. He has also written and spoken extensively on topics of cybersecurity, including at key conferences such as DEF CON and BSides Las Vegas.

About the Show

Shedding light on the opportunities and challenges of emerging tech. To make it digestible, less scary, and more approachable for all!
Join us as we embark on a mission to demystify artificial intelligence, challenge the status quo, and empower everyday people to embrace the digital revolution. Whether you’re a tech enthusiast, a curious mind, or an industry professional, this podcast invites you to join the conversation and explore the future of AI together.