In this must-see BlackHat 2025 interview, Doug White sits down with Michael Callahan, CMO at Salt Security, for a high-stakes conversation about Agentic AI, Model Context Protocol (MCP) servers, and the massive API security risks reshaping the cyber landscape.
Broadcast live from the CyberRisk TV studio at Mandalay Bay, Las Vegas, the discussion pulls back the curtain on how autonomous AI agents and centralized MCP hubs could supercharge productivity—while also opening the door to unprecedented supply chain vulnerabilities. From “shadow MCP servers” to the concept of an “API fabric,” Michael explains why these threats are evolving faster than traditional security measures can keep up, and why CISOs need to act before it’s too late.
Viewers will get rare insight into the parallels between MCP exploitation and DNS poisoning, the hidden dangers of API sprawl, and why this new era of AI-driven communication could become a hacker’s dream. Whether you’re a security leader, developer, or tech enthusiast, this conversation will leave you both fascinated and just a little bit scared—in the best way.
Segment Resources: Blog: https://salt.security/blog/when-ai-agents-go-rogue-what-youre-missing-in-your-mcp-security Survey Report: https://content.salt.security/AI-Agentic-Survey-2025_LP-AI-Agentic-Survey-2025.html
This segment is sponsored by Salt Security. Visit https://securityweekly.com/saltbh for a free API Attack Surface Assessment!
- 0:00 - Welcome to BlackHat 2025 at Mandalay Bay
- 0:38 - Introducing Michael Callahan, CMO of Salt Security
- 01:15 - What is Agentic AI and why it sounds “dangerous”
- 02:10 - How MCP servers broker AI agent communications
- 03:40 - The hidden API explosion behind AI productivity
- 04:55 - Shadow MCP servers and growing security risks
- 06:15 - DNS poisoning as an analogy for MCP attacks
- 07:45 - Why traditional security can’t keep up with AI speed
- 09:05 - CISO decision-making under pressure to adopt AI
- 11:00 - The “API fabric” concept and radioactive supply chains
- 13:20 - Autonomous AI agents creating unpredictable vulnerabilities
- 15:10 - How attacks can bypass detection by looking legitimate
- 16:25 - Closing thoughts and where to find more Black Hat coverage
Michael Callahan is the Chief Marketing Officer at Salt Security, a leading API security firm. Appointed in October 2023, he brings over 20 years of cybersecurity executive leadership, with prior roles at Acronis, Cofense, McAfee, HP, FireMon, Juniper, and Zimperium. At Salt, he leads brand, demand generation, and global go‑to‑market strategy.
