Black Hat Europe 2025 | Why We Can’t Retrofit Old Security Principles Onto AI Agents
Traditional security relies on axioms like separating code from data, but LLM-based agents blur these lines by treating user prompts and untrusted external content as identical semantic inputs. Dr. Ilia Shumailov argues that current defenses are fundamentally flawed: adaptive attacks bypass standard guardrails with over 90% success, and existing red-teaming incentives often perpetuate vulnerabilities rather than fixing them. This session presents a different approach: deployment architectures that fix prompt injections by design and scale to support complex Web and Computer Use Agents. Discover how to move beyond fragile detection models toward systems with provable security against control-flow injections and verifiable security against data-flow attacks for the next generation of autonomous agents.
By: Ilia Shumailov | PhD in Computer Science from the University of Cambridge
https://blackhat.com/eu-25/briefings/schedule/?#sponsored-session-why-we-cant-retrofit-old-security-principles-onto-ai-agents-and-what-to-do-about-it-50622