Name: GeminiJack and Agentic Security with Sasi Levi (Ep. 152)
Uploaded: 2025-12-11T11:00:11+00:00
Description: Episode 152: Agentic Security with Sasi Levi Episode 152: In this episode of Critical Thinking - Bug Bounty Podcast we’re joined by Sasi Levi from Noma Security to …

Episode 152: Agentic Security with Sasi Levi
Episode 152: In this episode of Critical Thinking - Bug Bounty Podcast we’re joined by Sasi Levi from Noma Security to talk about AI and Agentic Security. We also talk about ForcedLeak, a Google Vertex Bug, and debate if Prompt Injection is a real Vuln.

Follow us on twitter at: https://x.com/ctbbpodcast
Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io
Shoutout to https://twitter.com/realytcracker for the awesome intro music!

====== Links ======
Follow your hosts Rhynorater, rez0 and gr3pme on X:
https://x.com/Rhynorater
https://x.com/rez0__
https://x.com/gr3pme

====== Ways to Support CTBBPodcast ======
Hop on the CTBB Discord at https://ctbb.show/discord!

We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

CHeck out our New Christmas Swag at https://ctbb.show/merch!

Today's Sponsor: ThreatLocker. Check out ThreatLocker Elevation Control
https://ctbb.show/tl-ec
And Noma Security! https://noma.security/

Today’s Guest: https://x.com/sasi2103

====== This Week in Bug Bounty ======

Vercel Platform Protection
https://hackerone.com/vercel_platform_protection?type=team

Dedicated HackerOne program for Vercel WAF
https://x.com/cramforce/status/1998072892391592195?s=20

YesWeHack Open Source Programs
https://yeswehack.com/programs?scopeType%5B%5D=open-source&page=1

Android recon for Bug Bounty hunters
https://www.yeswehack.com/learn-bug-bounty/android-recon-bug-bounty-guide

====== Resources ======

Sasi's Tweet from 2015
https://x.com/sasi2103/status/608349038778437632

ForcedLeak: AI Agent risks exposed in Salesforce AgentForce
https://noma.security/blog/forcedleak-agent-risks-exposed-in-salesforce-agentforce/

Is Prompt Injection a Vulnerability?
https://danielmiessler.com/blog/is-prompt-injection-a-vulnerability

====== Timestamps ======
(00:00:00) Introduction
(00:09:16) Google Vertex AI Bug
(00:29:28) Sasi's Background and Bug Bounty Journey
(00:38:55) Resources for AI and Agentic Security Methodology
(00:50:34) ForcedLeak
(01:02:06) Is Prompt Injection a Vuln?

GeminiJack and Agentic Security with Sasi Levi (Ep. 152)

Listen On

Recent Episodes