Deepu

Delay the AI Overlords: How OAuth and OpenFGA Can Keep Your AI Agents from Going Rogue

Is your RAG system secretly leaking sensitive data to your LLM? Learn how to stop it with fine-grained authorization before it goes rogue.

Delay the AI Overlords: How OAuth and OpenFGA Can Keep Your AI Agents from Going Rogue
#1about 4 minutes

Understanding the current state of AI security challenges

AI systems often have poor judgment, and the security domain is playing catch-up with the rapid evolution of AI agents and protocols.

#2about 3 minutes

Focusing on key OWASP Top 10 risks for developers

Application developers should focus on mitigating sensitive information disclosure and excessive agency, as these have a large attack surface under their control.

#3about 3 minutes

Why traditional RBAC fails for RAG systems

Traditional role-based access control (RBAC) is insufficient for RAG systems due to dynamic context and complex data relationships, necessitating a fine-grained authorization (FGA) approach.

#4about 5 minutes

Implementing OpenFGA to secure RAG data access

OpenFGA uses authorization models and relationship tuples to filter documents from a vector store, ensuring the LLM only receives data the user is permitted to see.

#5about 2 minutes

Mitigating excessive agency with zero trust tool access

Control an AI agent's tool access at the code level using zero trust principles, applying standard RBAC for simple cases and FGA for granular, user-dependent permissions.

#6about 1 minute

Securing third-party API calls using OAuth federation

Use OAuth 2.0 federation to allow AI agents to call third-party APIs on a user's behalf without handling raw credentials, using a broker to manage access tokens.

#7about 1 minute

Adding human guardrails with asynchronous authorization

Implement human-in-the-loop approvals for high-stakes actions by using the CIBA flow to send asynchronous authorization requests to users for confirmation.

#8about 5 minutes

Demoing step-up authorization and system architecture

A live demo showcases step-up authorization where an agent requests user consent before accessing sensitive data, followed by an overview of the application's architecture.

Related jobs
Jobs that call for the skills explored in this talk.

Matching moments

Addressing security risks and guardrails for agentic AI
05:16 MIN

Addressing security risks and guardrails for agentic AI

Unlocking Value from Data: The Key to Smarter Business Decisions-

Addressing the security challenges of AI agents
03:42 MIN

Addressing the security challenges of AI agents

API‑First: How Twilio Designs for Developers - Justin Kitagawa (Twilio)

Navigating security risks in the current AI gold rush
06:05 MIN

Navigating security risks in the current AI gold rush

Securing AI Agents from the Ground Up - Luke Hinds

Overcoming legal and security roadblocks for AI adoption
02:46 MIN

Overcoming legal and security roadblocks for AI adoption

The AI Skills Gap: What Tech Leaders Must Get Right

The overlooked security risks of AI and LLMs
03:19 MIN

The overlooked security risks of AI and LLMs

WeAreDevelopers LIVE - Chrome for Sale? Comet - the upcoming perplexity browser Stealing and leaking

Managing the fear, accountability, and risks of AI
07:10 MIN

Managing the fear, accountability, and risks of AI

Collaborative Intelligence: The Human & AI Partnership

Q&A on AI adoption, tools, and challenges
16:49 MIN

Q&A on AI adoption, tools, and challenges

Navigating the AI Wave in DevOps

Evaluating the security risks of third-party AI agents
01:47 MIN

Evaluating the security risks of third-party AI agents

GenAI Security: Navigating the Unseen Iceberg

Featured Partners

Related Videos

See all videos
Beyond the Hype: Building Trustworthy and Reliable LLM Applications with Guardrails29:00

Beyond the Hype: Building Trustworthy and Reliable LLM Applications with Guardrails

Alex Soto

GenAI Security: Navigating the Unseen Iceberg24:33

GenAI Security: Navigating the Unseen Iceberg

Maish Saidel-Keesing

The State of GenAI & Machine Learning in 202526:47

The State of GenAI & Machine Learning in 2025

Alejandro Saucedo

The AI Security Survival Guide: Practical Advice for Stressed-Out Developers30:36

The AI Security Survival Guide: Practical Advice for Stressed-Out Developers

Mackenzie Jackson

On a Secret Mission: Developing AI Agents29:03

On a Secret Mission: Developing AI Agents

Jörg Neumann

Securing AI Agents from the Ground Up - Luke Hinds56:27

Securing AI Agents from the Ground Up - Luke Hinds

Luke Hinds

AI & Ethics28:27

AI & Ethics

PJ Hagerty

From A2A to MCP: How AI’s “Brains” are Connecting to “Arms and Legs”24:12

From A2A to MCP: How AI’s “Brains” are Connecting to “Arms and Legs”

Brad Axen

Related Articles

View all articles
DC
Daniel Cranney
Dev Digest 211: Securing Agents, Top AI Apps and Lost Readers…
Inside last week’s Dev Digest 211 . 🏗️ Can the infrastructure keep up with AI growth? 📱 Top 100 GenAI consumer apps 🪱 Wikipedia hit by worm and AI slop 🔍 The results of Codex Security scanning 1.2M commits 🧹 Bye bye innerHTML, welcome setHTML() 🔄 Cl...
Dev Digest 211: Securing Agents, Top AI Apps and Lost Readers…
DC
Daniel Cranney
Dev Digest 210: AI Agents Are Go! Is MCP Dead? LLMs Crack Anonymity
Inside last week’s Dev Digest 210 . 🪦 Is MCP already dead? 🐍 Secure snake on the CLI 🏗️ The architecture behind open source LLMs ⚖️ AI companies and governments at odds 🦫 Is Go the best language for AI agents? 🕵️ “Security research” bot hacks Micros...
Dev Digest 210: AI Agents Are Go! Is MCP Dead? LLMs Crack Anonymity

From learning to earning

Jobs that call for the skills explored in this talk.

Data & AI Architect

Data & AI Architect

Ai Agents

Intermediate
Azure
Redshift
Google BigQuery
Microsoft Office
Google Cloud Platform
+1
Data & AI Architect

Data & AI Architect

Ai Agents

Intermediate
Azure
Redshift
Google BigQuery
Microsoft Office
Google Cloud Platform
+1