About
Hedi Ingber is a founder at stealth, leveraging over a decade of expertise across cybersecurity, AI systems, and cloud infrastructure. He most recently served as a Software Engineer at Google, where he worked on Duplex, engineering conversational AI agents at massive scale. Prior to his time at Google, Hedi was the Engineering Manager at Iguazio (acquired by McKinsey), leading the open-source MLOps framework MLRun, and served in an elite IDF cyber unit building mission-critical security services.
Sessions
The CoreBreak Attack: Turning AI Agents into Credentials Exfiltration Vectors
What you will learn:
1. A security-focused deep dive into managed AI agent infrastructure, how AWS Bedrock AgentCore works under the hood, the security assumptions baked into it, and exactly where its trust boundaries collapse. 2. Full code and a live walkthrough of discovering credential exfiltration vulnerabilities in both the Browser and Code Interpreter tools, then chaining them into CoreBreak, a realistic, fully automated attack that goes from a single webpage visit to complete credential compromise without detection. 3. A concrete defensive playbook for the agent era: why traditional I/O guardrails fail when your tools are the attack surface, and how to architect around it using zero-trust boundaries, layered isolation, and least-privilege enforcement, with actionable steps you can apply today. 4. Reconnaissance methodology showing how to identify exposed AgentCore deployments in the wild, demonstrating that this isn't theoretical, organizations are already running vulnerable agent infrastructure in production. 5. A new security mental model: in the agent world, code execution and browser access aren't vulnerabilities to patch - they're features. The entire security paradigm needs to shift from "prevent RCE" to "assume RCE and contain the blast radius."