Luke Hinds

Securing AI Agents from the Ground Up - Luke Hinds

Users were getting hacked by their own AI agents. So Luke Hinds built `nono`—a simple tool to sandbox them and prevent system compromise.

Securing AI Agents from the Ground Up - Luke Hinds
#1about 4 minutes

Why open source is the best model for security software

Open source provides transparency for code reviews, fosters collaboration with diverse experts, and prevents vendor lock-in for businesses.

#2about 6 minutes

Navigating security risks in the current AI gold rush

The rapid pace of AI development often pushes security to a lower priority, creating risks as non-technical users are given powerful, low-level system access.

#3about 5 minutes

Understanding the practical challenges of agentic AI

Agentic AI is in an exploratory phase where it is often misapplied to problems that have simpler, more traditional solutions.

#4about 9 minutes

Introducing nono for secure AI agent sandboxing

The nono project provides a simple, easy-to-use sandbox that uses kernel-level security to isolate AI agents and prevent unauthorized system access.

#5about 11 minutes

A live demo of nono's core security features

This demonstration shows how to use nono from the command line to restrict file access, protect credentials with phantom keys, and roll back unwanted changes made by an agent.

#6about 5 minutes

Advanced controls for dangerous commands and auditing

Nono protects systems by blocking destructive commands like 'rm -rf' by default and provides a secure audit trail of all actions an agent performs.

#7about 13 minutes

How to make security tools easy and widely adopted

Drawing parallels with Let's Encrypt and Sigstore, making security tools free, simple, and user-friendly is the key to achieving widespread adoption.

#8about 3 minutes

Community-driven development and getting started with nono

The success of nono demonstrates the power of building tools that solve real problems observed in developer communities like Discord.

Related jobs
Jobs that call for the skills explored in this talk.

Matching moments

Addressing the security challenges of AI agents
03:42 MIN

Addressing the security challenges of AI agents

API‑First: How Twilio Designs for Developers - Justin Kitagawa (Twilio)

Running AI agents like OpenClaw securely in the browser
06:03 MIN

Running AI agents like OpenClaw securely in the browser

WeAreDevelopers LIVE - Markdown, Liquid and Checkouts

Understanding the current state of AI security challenges
04:09 MIN

Understanding the current state of AI security challenges

Delay the AI Overlords: How OAuth and OpenFGA Can Keep Your AI Agents from Going Rogue

The power and security risks of AI command line access
01:55 MIN

The power and security risks of AI command line access

WeAreDevelopers LIVE - Accessibility isn't magic, Longevity, Devrel in times of AI and more

Final advice on security and responsible AI usage
01:51 MIN

Final advice on security and responsible AI usage

WeAreDevelopers LIVE - Chrome for Sale? Comet - the upcoming perplexity browser Stealing and leaking

Mitigating the security risks of AI-generated code
06:10 MIN

Mitigating the security risks of AI-generated code

Developer Productivity Using AI Tools and Services - Ryan J Salva

The overlooked security risks of AI and LLMs
03:19 MIN

The overlooked security risks of AI and LLMs

WeAreDevelopers LIVE - Chrome for Sale? Comet - the upcoming perplexity browser Stealing and leaking

Understanding AI security risks for developers
03:35 MIN

Understanding AI security risks for developers

The AI Security Survival Guide: Practical Advice for Stressed-Out Developers

Featured Partners

Related Videos

See all videos
Delay the AI Overlords: How OAuth and OpenFGA Can Keep Your AI Agents from Going Rogue23:29

Delay the AI Overlords: How OAuth and OpenFGA Can Keep Your AI Agents from Going Rogue

Deepu

AI in the Open and in Browsers - Tarek Ziadé53:54

AI in the Open and in Browsers - Tarek Ziadé

Tarek Ziadé

Can Machines Dream of Secure Code? Emerging AI Security Risks in LLM-driven Developer Tools35:37

Can Machines Dream of Secure Code? Emerging AI Security Risks in LLM-driven Developer Tools

Liran Tal

Beyond the Hype: Building Trustworthy and Reliable LLM Applications with Guardrails29:00

Beyond the Hype: Building Trustworthy and Reliable LLM Applications with Guardrails

Alex Soto

Security Blindspots and How to Learn About Them - Anna Oliveira26:28

Security Blindspots and How to Learn About Them - Anna Oliveira

Anna Oliveira

The AI Security Survival Guide: Practical Advice for Stressed-Out Developers30:36

The AI Security Survival Guide: Practical Advice for Stressed-Out Developers

Mackenzie Jackson

WeAreDevelopers LIVE - Markdown, Liquid and Checkouts55:37

WeAreDevelopers LIVE - Markdown, Liquid and Checkouts

Chris Heilmann, Daniel Cranney & Kumar McMillan

The Why and How of WebMCP - Alex Nahas53:04

The Why and How of WebMCP - Alex Nahas

Alex Nahas

Related Articles

View all articles
DC
Daniel Cranney
Dev Digest 196: AI Killed DevOps, LLM Political Bias & AI Security
Inside last week’s Dev Digest 196 . ⚖️ Political bias in LLMs 🫣 AI written code causes 1 in 5 security breaches 🖼️ Is there a limit to alternative text on images? 📝 CodeWiki - understand code better 🟨 Long tasks in JavaScript 👻 Scare yourself into n...
Dev Digest 196: AI Killed DevOps, LLM Political Bias & AI Security
DC
Daniel Cranney
Dev Digest 164: AI Agents, AI Blindspots and MCP security problems
Inside last week’s Dev Digest 164 . 📈 State of AI in charts 🕵️‍♂️ What are AI Agents? 🤖 AI blindspots 🙅‍♂️ Everything wrong with MCP ⚠️ Threat modelling GitHub 🤩 Non LLM software trends to be excited about 💻 Caching explained 🐕‍🦺 Keeping Amazon Web ...
Dev Digest 164: AI Agents, AI Blindspots and MCP security problems

From learning to earning

Jobs that call for the skills explored in this talk.

AI Security Engineer

AI Security Engineer

Databricks
Amsterdam, Netherlands

Intermediate
C++
Python
PyTorch
TensorFlow
Machine Learning