ProdSec Decoded

Candid conversations with the brightest minds in product security and AI.

3: GenAI & Agentic systems and implications on Product security with Dr. Rajkiran Panuganti

Creators and Guests

Chiradeep Vittal, Host
Pratik Roychowdhury, Host
Dr. Rajkiran Panuganti, Guest (Head of AI, Ola Krutrim)

Rajkiran Panuganti is the Head of AI at Ola Krutrim, where he leads the company's AI strategy and operations. Rajkiran is a seasoned AI leader with over a decade of experience in search technology and nearly four years in Generative AI, and he specializes in building Copilots and Natural Language Processing. Rajkiran holds a PhD in Computer Science from The Ohio State University and a B.Tech in Electronics and Communications Engineering from IIT Bombay. Prior to Krutrim, he held leadership positions at prominent technology companies including Microsoft, Google, and Oracle. He currently serves as a strategic advisor to several AI-focused companies including Codemod, AppAxon, Avinya Build AI, and Wyzr, providing guidance on product roadmaps and AI implementation strategies. His research background includes published work in computer vision, super-resolution imaging, and computational optimization, with over 300 academic citations.

Show Notes

What are the AI and agentic use cases, and what is the impact of GenAI on cyber security?
This is a video featuring Dr. Rajkiran Panuganti (Head of GenAI @ Ola Krutrim)
https://www.linkedin.com/in/rajkiranpanuganti/

References:
Blog on LLM: https://www.linkedin.com/newsletters/7197539274060152832/

Contacts:
Chiradeep Vittal : https://www.linkedin.com/in/chiradeepvittal/
Pratik Roychowdhury: https://www.linkedin.com/in/proychowdhury/

Introduction to ProdSec Decoded
Guest Introduction: Dr. RajKiran Panuganti
Dr. Panuganti's Career Journey
Trends in AI and Agentic Systems
Interesting Use Cases of AI Agents
Building Secure AI Agents
Future of AI and Agentic Systems
Conclusion and Farewell

Episode Transcript

Interview with Dr. Rajkiran Panuganti

[00:00:00]

Chiradeep Vittal: Welcome to this episode of ProdSec Decoded, a podcast where we explore the fascinating intersection of product security and AI. I’m Chiradeep Vittal.

Pratik Roychowdhury: And I am Pratik. We are your hosts for the show today.

Chiradeep Vittal: In today’s episode, we have the privilege to feature an exceptional leader and innovator in AI and machine learning, Dr. Rajkiran Panuganti, currently serving as head of GenAI Engineering at Krutrim, which is part of Ola Group. Dr. Panuganti has had a remarkable career spanning some of the biggest names in tech, with 14 years at Microsoft where he led the Microsoft 365 chat team, a stint at Google, and as a co-founder and CTO of AI Technologies, Inc. He’s also had a biweekly newsletter called My Thoughts on LLM, where he talks about the latest trends in the LLM world.

Pratik Roychowdhury: In our conversation today, Dr. Panuganti takes us through the rapidly evolving landscape of AI agents. He offers practical insights on building [00:01:00] secure and effective AI systems, and he also shared with us interesting agentic use cases as well as architectural and security considerations for agent developers.

Take a listen.

Chiradeep Vittal: Welcome to the product security podcast. You and I have a common alma mater, IIT Bombay. Before we talk about AI and agents, would love to hear about your journey. You have led AI teams at some of the biggest names in tech.

Rajkiran: Yes. Thank you. Thank you for having me here. Really happy and glad to be part of this podcast.

Chiradeep Vittal: I.

Rajkiran: Currently I’m senior director and head of engineering at Ola. We build our own foundational models, agent systems. We are a bit more heavily focused on the Indian consumer market, but we are not restricted to that. It is just that that’s the primary focus. We also build multimodal models as well as many scenarios enabling multimodal agent systems, et cetera. And of course, as part of that, security is a very important criteria that we [00:02:00] consider whenever we are launching a lot of these applications. And these are all new paradigms. So thinking of the security layer completely requires a new thinking. But we are a lot more focused on the models, the agent systems, building applications, et cetera. Coming to my background, I did my B.Tech at IIT Bombay, that’s our common alma mater. And then I did my PhD and then had a brief stint at Google, and I had a very, very long journey at Microsoft. Pretty much worked at many products at Microsoft. All layers of Bing, catering to a very important problem of search. Primarily there are only two providers in the market really, like Google and Bing. So that was an exciting journey. And then I built basically a machine learning infrastructure for rapid experimentation and massive data scale experimentations. And then I was part of Cortana. Finally I was [00:03:00] part of the Microsoft Office. And while at Microsoft Office, the OpenAI or the LLM revolution happened, so I was a key member of, and my teams were managing, Copilot, the Microsoft Copilot, some of the aspects of the Copilot, or some verticals of the Copilot.
That essentially gave me a vision of essentially the kind of revolution that was about to come, which is obvious, fairly obvious right now. But it was an exciting time there, looking at where things are headed. Okay.

Chiradeep Vittal: Certainly sounds exciting, and the last two years have been, just the acceleration has been tremendous. Any other big trends you’re seeing in the agentic world right now? Of course every week there is a big change, but

Rajkiran: Yes.

Chiradeep Vittal: anything that you’re seeing.

Rajkiran: First of all, of course, as you rightly said, I think in my entire career I haven’t seen any area evolving so rapidly as this one. Right. So in terms of trends, what we talk about [00:04:00] today can probably go out of date within a few weeks.

Who knows, or a few days maybe. Right. So coming to trends, yes, absolutely. This year, actually at the beginning of this year itself, most people were viewing this year as the year of agentic systems, agentic frameworks, all things agents. Agents and agents, right? So particularly, the few trends that are really coming up now is basically things are maturing and

There is a lot of focus on interoperability: the agents, agents and tools, agents and systems, agents and existing systems, et cetera. So one of the primary trends that I see is interoperability. The second trend, I mean, this is stuff that was existing even last year, but becoming more and more prominent this year is: until last year, due to various reasons, a lot of applications were still in a copilot scenario, [00:05:00] where the confidence of these agent systems being autonomous in themselves was not so high. So a lot of things that were coming to production were essentially in a copilot where a human is still there in the loop to validate and be confident about the outcome that’s coming out of the systems. Now we are seeing more and more of these agent systems almost ready to operate in a truly autonomous manner for very specific domains, right? Whether it is, as we see vibe coding, et cetera, that’s coming up, but even AI employees, where some of the mundane routine tasks are being easily handled by the LLMs and the agent systems. So that’s the primary trend, overall trend that I’m seeing. Other aspect is also that now, with this acceleration in this direction, the [00:06:00] model support or the model capabilities that are really needed to support such scenarios is also evolving very rapidly, both in closed source as well as open source, and hence we will see many, many more of these multi-agent systems. Manus was one of the things that got attention by quite a lot of people. Deep research, et cetera. It’s also, anyway, not really a multi-agent system, but to an extent a multi-agent system with the operators, et cetera.
So there’s a lot of advancement that’s happening in these multi-agent systems. Other trend that I also see is more and more integrations into the business operations. Because now there is increasing confidence in these agent systems being able to perform these tasks, I see a trend of a lot of integrations into business operations. Another direction [00:07:00] that I see trends happening is in the multimodal capabilities. So diverse data types, whether it’s text, images, audio, and even video, right? For example, in medical scenarios, a lot of video related scenarios are present. Audio is of course there, text and images. And this multimodal is also another direction where it’s rapidly evolving. Finally, all of these, as things go more and more autonomous and multi-agent systems, the trust or the security as well as the ethical and the trustworthy AI also need to really evolve. Right now they’re there, but still, many of these concerns still exist. It’s still a very open-ended problem, not just an open-ended problem, the challenges are evolving by the day. That’s another area where I see some of the trends happening. Okay.

Pratik Roychowdhury: So [00:08:00] Rajkiran, you talked a lot about AI employees and Manus and some of the other use cases. So speaking about use cases, maybe we would like to hear, I mean obviously since ChatGPT came out in November 2022, there has been an explosion in the kinds of use cases. Would like to hear your thoughts on some of the interesting use cases that you have come across and maybe anything particular in the cybersecurity space that interests you.

Rajkiran: Yes, absolutely. So first I’ll talk in general. Then probably I will talk about cybersecurity a bit more specifically. So, as we all know, one of the first areas where the agent use cases was coming into place in the first place was customer service automation. That’s where there was a lot of focus, a lot of use cases, lot of startups that have come in, and I would say they were fairly successful, or at least moderately successful, [00:09:00] last year. And this year, the confidence on them is really, really blowing up. I know many startups that are in this world, demand for them is exponentially growing, like exponentially growing.

And they are not even able to cope with the kind of demand and the pace of growth that they are seeing. That’s one primary area that was getting disrupted. The second area that I particularly observed some of this disruption happening is IT operations and help desk. The third one that I see is healthcare administration. The non-core medical aspect of it. For example, billing, coding, anything related to insurance, et cetera.

That’s another area where the personalized recommendations, the coding, a lot of human effort that used to be needed to make these things smoother. And of course, they were also having significant monetary impact. [00:10:00] And hence, this was one of the, especially in healthcare where, you know, a lot of these applications happen, right? And I also see another area that’s really, really interesting is a lot of scientific research, right? A lot of scientific research is also deploying use cases over here. And this is particularly interesting because, you know, as these agents are able to do and aid the researchers, I don’t think they’re very far away from doing research by themselves. Humans push technology barriers via research. Now, think of these, and a lot of this pushing is done by, say, universities and the PhD graduates, et cetera. And if these agents are able to match and be better than those PG level candidates, you can sense what direction it’s heading. [00:11:00] In fact, even the benchmarks, right, benchmarks. I remember when GPT 3.5, I think, came out, the comparison was with a 5-year-old, 8-year-old, to some extent, of course, GRE side, et cetera. The next versions when they came in, now you are no longer comparing with, like, you know, the elementary school kid. You’re now comparing with at least a high schooler, but more so with SAT and GRE level exams. And the next version, I see now you’re comparing with graduates, right?

Graduates are usually, after graduation or after bachelor’s is where the majority of the people stop their education. These models are already at that level competing with them, and now they’re going to the next frontier of actually competing with the PhD graduates and so on, right? In fact, they’d be better than them, frankly. I’m a PhD myself. And some of the benchmarks that [00:12:00] we are targeting, I myself could not solve, at least easily. And even in the area that I’m working on, it needed a humongous amount of effort and thinking for me to solve them.

These models are already doing maybe equal to me, better than me, for sure. So it’s a very, very interesting direction things are heading. Now, coming to the cybersecurity space. This space is also being hugely revolutionized by these systems. Few of the common areas are threat detection and response. Right. So I think firms like Microsoft, CrowdStrike, et cetera, they have integrated agentic AI into their platforms. I think the Microsoft Security Copilot is hugely popular, to autonomously triage, like, phishing attempts, prioritizing of the critical incidents, et cetera, right? In fact, even in a copilot scenario, [00:13:00] it has a very, very important impact on humans who are in that domain because, in that scenario, you know, a lot of these threats are, you know, phishing attempts, et cetera. There’s so many of them that you tend to ignore, right? You have to really try to go and select the important one. And as a human, what happens is, if you are having to pick like one or two important ones out of a hundred, you might also even miss those important ones because there becomes a tendency to probably ignore, not think of it as a similarly threatening attack. Now that an effective filter happens even in a copilot scenario, right, then I would say there’s a lot more attention that’s paid by humans who are actually triaging this. The other area that is really emerging in the cybersecurity framework is, as these [00:14:00] agent systems evolve, the SaaS layer, right? The SaaS layer is getting hugely disrupted and being replaced, hugely.
When that’s happening, then obviously the SaaS security and monitoring also changes, because most of the existing paradigm of cybersecurity is built for this scenario. Right. For the scenario of SaaS security, a lot of it, I would say not all of it, a lot of it is focused on the SaaS rep.

And when that itself is getting disrupted, obviously you need to look at the challenges that it brings in. The newer ways of things, newer ways of attacks, ways of threats that are going to come in such a system. Another aspect, it’s not very different from the traditional one, but the cause and effect is different here.

Vibe coding is getting popular now. When vibe coding is getting [00:15:00] popular, you are essentially democratizing who builds applications, and when you’re democratizing who can build applications, you need to look into these specific details, right? Need to pay attention. And I see most of the vibe coders essentially pay attention to the functionality, right? When they pay attention to the functionality, obviously a lot of these details are not being paid attention to. And when that happens, you know, they’ll discover these issues only when it actually hits. Like, you know, I know my friends who are hosting some educational institutes, big, very well reputed educational institutes. They were just focusing on their functionality. I mean, I’m not talking about vibe coding here. They had their own websites, et cetera, but their focus has been their functionality, and all of a sudden, at least this aspect of one of their computers [00:16:00] had a cybersecurity attack on their staff, right? And that had a huge impact on their reputation as well as, you know, comparability for many days.

Chiradeep Vittal: Yeah, back to coding. Clearly the focus this year, I mean, vibe coding was invented by, or the term was just invented in, I think, the third week of February Byre, and it’s already become wild. So definitely something to keep our eyes on. But let’s shift gears and talk about building these agents, right?

What are some of the key considerations that developers should keep in mind when creating agents? You already talked about, hey, you know, just don’t throw code out there and be mindful about the security.

Rajkiran: Yes.

Chiradeep Vittal: Anything else that they should be thinking about?

Rajkiran: I think, if I look at the advice that I give to my own team, particularly here, because we are actually building a lot of these [00:17:00] agentic systems, one of it is being practical. We are in a scenario where things are evolving rapidly. If you are restricting yourself to one particular framework and binding yourself to one particular framework, then at some point a new one comes up that is massively, significantly better, and you are not in a position to easily adopt it. Sometimes you need to be there to get that quality because it’s an emerging scenario. So modularity and layered approaches is absolutely, absolutely very, very important, at least in the current market, currently.

Chiradeep Vittal: Yeah. Because who knows which component they have to swap out because something better comes along.

Rajkiran: Yeah. And

Chiradeep Vittal: That’s,

Rajkiran: Yeah,

Chiradeep Vittal: yeah.

Rajkiran: Who knows

Chiradeep Vittal: Do you find developers worrying about things like evals, fine tuning and hallucinations? These are all [00:18:00] topics which ML researchers go on and on about, but like you said, developers are like, I just need to put the product out there.

Rajkiran: Yes. So you talked about three different things in the context of deliverables, evals, hallucinations

Chiradeep Vittal: and then fine tuning, and yeah.

Rajkiran: Yes. Evals, fine tuning. Let me address these three differently because when a product is built, it’s not just developers, the whole company is looking at it. There are different players who are focusing on these aspects in a different way, right? So hallucinations, yes, developers pay attention to it, but a lot more attention is paid to hallucination by product, CIOs, executives, et cetera, because that’s where the reputation and things of that nature, or the impact of it, is there. Developers may not always give as much attention to it as needed, but executives [00:19:00] pay a lot more attention to these aspects. Frankly, last year I know so many, so many projects where they just got killed because the executives were not getting enough confidence. Their products don’t have smarts, or at least give out something that’s not backed by something.

Right. So that was one of the actual major killers of the agentic systems. Now coming to fine tuning. Fine tuning is still seen as something that is done by the experts in the area. Yes, you might have fine tuning interfaces and you might get a model, but how to iterate on it still requires some domain knowledge. What I see is there’s some buzz, but an overwhelming majority of developers as well as the companies are not investing much effort in that fine tuning. Another reason is also that, yeah, now you go and [00:20:00] fine tune one model. By the time the cycle of fine tuning and integration into systems completes, a new model comes up. And that might be better than your fine tuned model.

Chiradeep Vittal: Yeah. Yeah.

Rajkiran: So that’s another reason. Evals. Actually this is one area that I have the biggest grouse on, actually. People don’t give the importance to evals as much as they should. Especially, you know, let me take the simple prompt engineering and the look of it. Most people, especially tech guys as well as the non-tech guys, see it as like an instruction that I can write in like five minutes, right? So if I have to change, I’ll add one more line or clarify some instruction and it should work. Why is this a big task? That’s where the traditional training of machine learning really comes into it, which is that you [00:21:00] need to realize what all it can impact and in what other ways it can impact, have your set that represents you, and evaluate it properly, et cetera. Especially even in this scenario, people who are doing evals, as they address one bug after the other, the prompt keeps getting exploring, and then you take a step back and do a proper fresh eval, now you get a very different result, because each increment was just focusing on the problem and you are not focusing on the whole. And hence, again, when it comes to production level applications, we need to pay attention. This is frankly one of the biggest grouses I have on how people approach it. People think it’s a tiny thing. Nowadays people think, okay, I can ask it to give me the prompt, they’ll just put it there. Yes, it works. It works fairly well, but you can’t

Chiradeep Vittal: What are the edge cases? Exactly. Yeah.

Rajkiran: Absolutely.[00:22:00]

Chiradeep Vittal: And I think the most recent buzz, of course, recent being four weeks, which was ancient history, things like MCP and A2A, how agents talk to each other. Is that something we should worry about at all or

Rajkiran: Oh

Chiradeep Vittal: pay attention to, or something else will come along?

Rajkiran: Oh, absolutely. Frankly, you know, in the trends I was talking about when it comes to multi-agent systems and integrations, this is an essential layer, right? So primarily the MCP and A2A. These were supposed to come more than a year ago.

We were all waiting for, you know, big players to put out this protocol because, let’s say, some not so prominent player puts out the protocol, adoption is very important. And I think essentially laying down that layer, because they have been one of the most successful ones in coding, building applications, so Anthropic coming up with MCP and thankfully other players like [00:23:00] OpenAI adopting it, and Google, et cetera, everyone adopting that, is actually a huge, huge thing. This layer is frankly very important. Having said that, I still see MCP is very insufficient. As it rightly says, it’s a model context protocol. So it’s about how you provide context to the model. But then, let’s say I’m integrating with some service A, and the service A needs to have the tools in such a way that the agent can really understand it well without having to read through its documentation. It’s not done in that smooth a fashion by most of these MCP servers. So I would still say it’s in an early stage, because MCP just connects that interoperability, but additionally you need to have some of the good standards that lay out what makes a good communication. It is not just sufficient to say [00:24:00] communicate easily; now you need to establish what makes good communication. MCP is all about giving context to the model. But communication between agents is much beyond that. It addresses tool to model communication to an extent. Say I want to present some widgets, I want to communicate with two agents, right? MCP is not sufficient. It’s a good start. It’s a good start. Or there can be multiple layers on top of it.
Agent to agent communication is again a very good protocol that’s coming up; it allows agents to collaborate, share knowledge and tasks, et cetera. So frankly, it’s a very good one. Having said that, the communication needs to evolve to [00:25:00] be richer. I’m looking forward to more protocols emerging, or at least these protocols emerging in the direction of those gaps. I see these protocols similar to the value that HTTP has brought. Websites had their own content. Now, how do you communicate? HTTP being that communication protocol enabled that massive, massive explosion. Of course, the search came into the picture, which connected many businesses to many consumers. So I see things evolving in the same direction, where each human will have their own personal AI assistant and each business can have their singular or multiple assistants, and these assistants or agents talk to each other and accomplish a task or negotiate, et cetera.

Pratik Roychowdhury: So maybe switching gears a little bit and going back to the intersection [00:26:00] of model selection and security. Security is obviously a huge concern and a hot topic for our audience. So from a security perspective, how should developers think about what models to select?

And especially I’m curious to hear your thoughts on the non-US models like DeepSeek and others coming in, purely from a security perspective. That would be great to hear.

Rajkiran: Yes, absolutely. First, staying on the previous topic from the cybersecurity point of view. Right now, if the communication layers are changing, right, your security paradigm is also changing. So whatever you established earlier as your way to address all the security issues has completely changed. Protocols frankly haven’t paid much attention to that. Whether it’s MCP, they haven’t paid much attention. That’s why there’s MCP Guard or things of that nature slowly starting to emerge, [00:27:00] but the security aspects are unfortunately almost, nearly ignored in these protocols.

I would say to an extent. Maybe that’s a very strong statement, but yes, they’re nearly ignored. There’s a lot of scope, and not just scope, but it’s a challenge that people have to take up, and probably, I am hoping, newer and newer ones, et cetera, come and address those things right from the security point of view. Now coming to the other question that you asked about model selection, particularly with non-US models, I think people are referring here to the DeepSeek model, et cetera. So when I talk to people who are, especially from the technical side, actually, I think there is a lot of misinformation that you use a Chinese model and the data goes to China, even if it’s open source. I think there’s a lot of misinformation. Especially when it comes to [00:28:00] model selection, the model selection as such does not impact your security in a direct way; of course it can make things loose, et cetera, et cetera. But in a direct way it doesn’t impact. But where that model is and who is the provider, that’s where you need to pay attention to. So DeepSeek, the company, offers the DeepSeek model, let’s say, at a very cheap price. Of course, if you are choosing that as a provider, then you are sending your data there. Similarly, if you use OpenAI or any of these closed source ones, right, the problem with the closed source, especially from the security scenarios.

Now, if they're closed source, then you are sending it over there, and they are the only provider for the most part for those closed-source models, right? So unless you have some guarantees, like Azure does on OpenAI, from the security point of view, from the data privacy point of view, [00:29:00] you are sending your data there. If this is really critical, either you need to choose your provider or you'll be your own provider. Post these models, it doesn't matter whether it's a US model or a non-US model in terms of security or privacy of the data. It's the provider that you choose that matters: where you host it, where you send your data, et cetera. Unfortunately, or for whatever reasons, whenever I talk to a lot of people, there's a misconception that using a Chinese model means the data goes to China. It doesn't. It's a model. It's a bunch of matrices and multiplications happening on the computer.

Pratik Roychowdhury: Makes sense, and yeah, thanks for clarifying that. So, staying on the course of security, maybe we go back to the vibe coding aspect that we were talking about earlier. There is a huge amount of code that is being developed because of vibe coding, right? So maybe you could highlight a little bit the security [00:30:00] implications of so much

code that is being generated. And obviously these are trained on open source code, et cetera. Maybe we would like to hear your thoughts on how vibe coding is going to impact security. I think you touched upon it earlier a little bit. Would love for you to elaborate on it.

Rajkiran: So vibe coding, as was being said, started a few months ago, or maybe many months ago, as a more fun, fast and easy way to ship to prod, right? But what it also means is that you are shipping to prod without tests, reviews, all of the processes established by this domain in the past two and a half decades. All of those are bypassed. Agents are writing code, they're querying databases, they're making modifications to databases, they're making decisions. And in such a scenario, when you obfuscate out all of these layers, then security [00:31:00] becomes an afterthought, right? You need sandboxing, you need permissions, you need runtime monitoring. Otherwise it's like you are letting an intern have all kinds of permissions in the company and letting them go wild. In fact, mildly digressing, even beyond vibe coding, when it comes to MCP et cetera, the auth tokens and security are not really part of those protocols, right? And it's more so when vibe coding is obfuscating even beyond that: security is almost ignored, or it's an afterthought completely. I would say vibe coding is still a fun way, kind of showing the promise. If you are [00:32:00] serious about taking your applications to prod, you can't just be vibe coding your way, if security and all aspects are really important for you, right?

Pratik Roychowdhury: Yeah. So, Rajkiran, as we wrap up, I would like to hear your thoughts on how you see the future of the agent world evolving. Where do you see we are headed in the next few years? I think one of the things that we were talking about is, you know, should kids pursue a CS degree or PhDs in computer science anymore?

So, I would like to just hear your thoughts on how we are seeing the future.

Rajkiran: Absolutely. The only thing that we can predict about the future in this world is that it's so hard to predict, right?

Pratik Roychowdhury: Yeah.

Rajkiran: So earlier, future used to mean years. Now future means months. So my predictions are probably valid for months, right? So, the future of the agentic world evolving.

I think the agentic system will evolve as [00:33:00] another layer of operating system, maybe kind of a personal operating system. There's an OS kind of layer that will form, which is a general-purpose computer, where you can take the LLM as the chip or the processor, right?

Like Intel, et cetera. But the agentic system essentially would be evolving like a system that becomes a platform on which a lot of these agents will be like Play Store apps that you like to use, and then they communicate with each other.

Unlike, say, the app store, where one app doesn't communicate with another. So I don't want to really make an analogy with the Play Store kind of thing, but they're apps that are also communicating with each other, right? So that's the direction it's heading. More autonomous systems are going to be a reality. A lot of replacement of [00:34:00] mundane human tasks, and a lot of personal assistant scenarios happening is what I see, very soon in the future. The other direction that I see is verticals: people going deep into one vertical and disrupting the whole vertical is what I would see. Coming to the future of education, kids' education, et cetera: should they pursue this? Absolutely. The degrees that you are trying to get educated in are not going to change; the content, of course, is going to change. No one learns assembly-level language nowadays. I should say kids are not learning C/C++ at all, maybe not even object-oriented programming, from what I see. It's Python that people are learning. Very soon, when vibe coding takes off, we might even see people not learning Python, et cetera.

So is it needed? Just as every generation, every layer, thinks of the fundamentals as what [00:35:00] was the topmost layer for the previous generation, I think the same thing is going to happen. Like instruction-level assembly, C/C++ were foundations for us; now no one learns them, right?

Similarly, Python, all of these protocols, APIs, et cetera, are going to be that layer for the next generation. They will learn them, they will think those are the fundamentals. People should still stay in this direction because, as you are saying, evals, the thought process, et cetera, are all still very relevant. It's just a question of what you are leveraging when you are evaluating those: it was SVM models, decision trees, et cetera, then a deep learning model, now these LLM models and prompts. But the thought process is still in the same direction.

Chiradeep Vittal: Awesome. I think a lot of what you said resonates. We are also furiously building agents, and so a lot of what you said with MCP really resonates. I [00:36:00] would say that, as far as computer science goes, you have to know one layer below.

Even if you're vibe coding, you have to understand how that code is running on the CPU, on the hardware, on the disk, and so on. If you're working on the OS and hardware, you need to understand how distributed systems work, et cetera. So some things you still need to know. I hope they continue teaching these things.

Rajkiran: I hope the curriculum adapts to this rapid pace of evolution. In our time, a course in the curriculum used to change every few years. Now it's not just one course that has to change in a few years; the whole curriculum has to be looked at in a different way.

Chiradeep Vittal: Yeah. This was great. Rajkiran, thank you for sharing your insights. It's what I expected from a deep researcher like you: very well-articulated and detailed answers to our questions. It's [00:37:00] been an absolute pleasure speaking with you, and thank you to all our listeners for joining us on ProdSec Decoded. If you found value in today's conversation, please subscribe, leave a review and share with your colleagues. We'll be back soon with another deep dive into the evolving world of product security. Until next time, stay secure.

Rajkiran: Absolutely. Thanks for having me here. Absolutely enjoyed this conversation.

Pratik Roychowdhury: Thank you.

Rajkiran: Thank you. Bye.