Ofer Cohen, CTO of container security at Wiz, discusses the evolving landscape of cloud-native security at KubeCon. He explains how AI observability has become a critical focus, with organizations needing visibility into which agents communicate with LLMs like OpenAI and Anthropic. The conversation covers implementing least privilege for AI agents and preventing shadow AI deployments that create security risks.
The discussion explores Wiz’s security graph approach, which models multi-cloud environments to visualize attack paths from compromised pods to sensitive databases. Cohen addresses supply chain security challenges, including recent breaches like AquaSec Trivy, and advocates for platform consolidation over point solutions. He shares insights on normalizing security across AWS, GCP, and Kubernetes, and reveals findings from Wiz’s honeypot research showing sophisticated new attack patterns.
Key takeaways:
• AI network observability is essential for tracking agent-to-LLM communications
• Shadow AI deployments create over-permissive security risks that need containment
• Security graphs visualize attack paths across multi-cloud environments
• Platform consolidation delivers better value than multiple point solutions
• Supply chain attacks require proactive visibility without requiring PhD-level expertise
• Advanced honeypots reveal evolving attacker techniques and evasion tactics
Chapters:
0:07 – Introduction at KubeCon
0:45 – AI network observability and agent security
1:30 – Least privilege and shadow AI risks
1:47 – Supply chain security challenges
3:42 – Security graph architecture
5:34 – Platform consolidation strategy
7:30 – Multi-cloud security normalization
9:07 – Evolving attack patterns and honeypots
KubeCon, cloud-native security, container security, AI observability, security graph, supply chain security, Wiz, CNAPP, Kubernetes security, multi-cloud, least privilege, shadow AI, attack path visualization