Episode 23:AI Voice Agent Security: Voice AI Under Siege: SIP Spoofing, Cost Drain, and How to Fight Back

Show Notes

In this episode of Traffic Light Protocol, we kick off our AI series with a hard look at how voice AI agents are being targeted; and how fast small businesses and startups can rack up serious bills overnight.

Guest Myles Agnew returns to unpack how old-school telecom tricks are being repurposed in the age of SIP/VoIP and AI: caller ID spoofing, open SIP trunks, and automated call loops that tie up your agents and quietly burn cash. We break down how easy it is to spin up a low-cost PABX, why authentication is weak in SIP land, and what practical controls you can turn on today to reduce fraud and noise.

What we cover:

• How SIP (Session Initiation Protocol) is abused to hit voice AI agents
• Why caller ID “verification” often isn’t verification at all
• The $5–$10/month attacker vs. your $/minute billing problem
• Channels/lines, trunk limits, and how attackers amplify cost
• Geo-fencing, call gating, and rate limits that actually help
• “Stop loss” ideas for web and voice agents
• How provider security maturity (and defaults) drives your risk
• Where laws and policies are heading (AU, US) and what to watch

If you’re building or buying voice AI, this is a must-listen before you scale.

Free course (limited time): The AI Cybersecurity Starter Pack

 Get practical checklists, templates (incident response, HIPAA/GDPR/APPs), and step-by-step hardening for AI apps and AI voice agents. 

Join the Skool community and learn how to protect your voice AI from abuse.

https://www.skool.com/ai-automation-security-5754/about?ref=3e3ebf81027c4bceb6f7cbfdbabe22ea

Join the AI Cyber Security Skool Group
Inside the group, you’ll learn how to defend against prompt injections, lock down API keys, and stop your automations from turning into costly incidents. It’s a space for cyber pros, engineers, and AI builders to share playbooks, tools, and real-world lessons on keeping AI secure.
https://www.skool.com/ai-automation-security-5754/about?ref=3e3ebf81027c4bceb6f7cbfdbabe22ea

Transcript

 Welcome to Traffic Light Protocol, the Digital Forensics podcast. This is our first video podcast to kick off the AI series. You know that we've been doing a bit of a transition away from traditional digital forensics and incident response, and now starting to go into the, the more AI side of things because I'm running a new startup for ai. 

Today's gonna be a killer. I'm so excited. And, and I shouldn't be too excited because people are actually really losing money, uh, in, in what is actually happening right now. And it's not, it's not great for them and it's not an, not an amazing feeling to wake up and find that you've lost a bunch of money in your business, particularly if you're a startup.

But today we are talking about. Exploitation of voice AI agents and the scams and common fraud things that are going on. And I wanna welcome back Miles to the podcast. It's been about a year. So mate, welcome back. 

Thank you very much. It's great to be back. 

What is going on? What is happening with voice AI these days?

Uh, 

isn't it crazy how, , the old techniques become new again? , , we were having a previous conversation about email, how that was being exploited in the nineties. And, , sip, which is session initiation protocol, which is used for voice calls over the internet, is one of those ones that has just been leveraged in ai. 

So for those people that dunno what that is, it's basically AI is answering sip phone calls. So it's not like a dependency on a general telecommunication infrastructure. It just does it via IP on a particular port. So it, that port is clearly open and anyone that initiates the session correctly, it doesn't matter if the details are incorrect.

Meaning that the number's been spoofed or it's from a different IP or a different country, it doesn't matter. It just accepts it for what it is. So there's some controls you can put around that, but um, yeah, it's just generally a free for all at the 

moment. So this is, this is happening because we are now in, in voiceover IP land and, and voiceover IP has been around for, oh God, it's 2025.

Mm-hmm. Like 20, 25 years. Correct.  But it started. Internally in, in offices, and then has now moved on to what we're doing today. And that facilitates people using Viber or WhatsApp and doing telephone calls over the internet, right? Correct, 

yes. 

And then people are now  able to spin up their own pxs and use voiceover IP  with some free providers too. 

Yeah, absolutely. And you can set yourself up as a, like an interim provider, um, because you're not dependent on telecommunication providers anymore. You can just do the IP to ip. As long as you've got the, uh, sessions set up correctly, it'll, it'll work. 

How hard is it to get started in setting up your own PAB? 

About 15 minutes.  Is 

that all? And, and what does it cost to set up? Uh, less than $10 Australian, so about five bucks US.  

So anyone can do this. Mm-hmm. It costs next to nothing. It's 10 bucks. Yep. And then you can become a voiceover IP  scammer if you wanna be or you can things Yeah. Use it for your business.

Yeah. 

Yep.  Then is that what people are doing? Are they having, when they wanna start a, a voice AI agency? Voice AI is massive. Now, you and I looked at this,  I was asking you some questions about how to set up some voice AI stuff a few months ago. It seems that everyone in AI land at the moment has heard of  voice ai or is actually doing it. There's like two camps. One camp is, yeah, we're gonna code and use chat, JBT and Claude, or now we're building a,  voice AI agency. 

Mm-hmm.  

What is involved  in kind of setting a voice AI agency up using one of these free SIP providers?  

So there's obviously two options.

You can use a provider that has its own PABX,  uh, which I think we did some modeling around. And then you've got ones where you have your own PABX and then you plug it into another service, which.  Uses the voice to text and the AI components. Some like vay or retail? Yeah, they're the two, they're the two main providers out there at the moment that do that very well.

So they use 11 labs voice, but it's, you know, it's a lot of moving parts for a lot of people. So it's easier to use, consume these types of services to, um, get your AI online. So it's very quick. You could, within an hour, you could have an AI.  But set up to receive or make 

calls.  So say, say we wanted to do that from scratch,  we would sign up to  retail.

'cause retail's a bit nicer to use than Vapi, I think. And there was some, I mean, you could go either way. It's not like Vapi is bad or anything, it's just personal preference . Mm-hmm. But if you set up  retail, then you need a number as well. Could you do it through retail? Just do make them a one-stop shop.

I think they integrate with Twilio.  Twilio, that's right. Yeah. Yeah. So you use Twilio and retail, and then they do the integration and then 

Yeah, off 

you go. That's, 

that's the quickest and easiest way to get going. 

So then there's some dangers there, right? Because this is starting to pop up a lot on LinkedIn.

Some people are, are experiencing some, some fraud activity, some scams. So what's 

happening with those is this, from the recordings that I've listened to, it's either playing a recording to the AI to confuse the AI to keep it talking,  but it's spoofing a whole bunch of numbers and they're all seem to be UK based on what I've seen, and that's quite easily to do.

So it's  in the SIP world. There's no authentication or verification of, uh, caller id. It's just not because it's an IP address. To an IP address with a session initiation protocol over the top.  

So, oh, so there, there's no actual,  I guess  it's a voice conversation, so there was never a need to have an authentication.

If you shouldn't be sharing confidential stuff, just don't share it. It's not about authenticating at all, is there? Correct,  yeah. So 

a lot of providers do encrypt the traffic.  TLS. However, back in the day you could do an intercept, was clear. You could listen into phone calls, you could do whatever you want, but now it's a little bit more secure, as in it's encrypted, but it's still not secure as far as call line identification and ip,  associating the IP with that particular. 

Caller id. So for example, if we set up a, our own little PABX, we could say we're an Australian number, a UK number, and a US number, all from that same ip. Even though the IP is Australian, it's that, yeah, it doesn't validate the, , other call room, , information over the top. 

So say you wanted to say you had a bit of skill and you weren't just a script kitty with,  a credit card, you might set up a piece of infrastructure in the AWS.

Region that you are targeting in the, say you're targeting an Australian company, you'd set up a infrastructure on that region.  Then you could spoof  the number to pretend to be an Australian number.  Then you can do the outbound.  Then if someone thinks that  they're a bit of an investigator, they put their detective hat on, they're going through the logs. 

All they see is an Australian IP  and an Australian phone number.  They do a Google looking for that number. They see the Reverse Australia website. They punch the number in. There's no record. 



What recourse do they have? Like how do they do anything from that point?  

Uh, in Australia we're under the A CMA, so you can lodge it as a nuisance phone call, but other than that, there's not much else you can do.

That's why a lot of them will use international numbers because that's out of 

control.  Yeah. Okay. So the A CMA doesn't have any jurisdiction of, of a UK phone number, correct? Yeah. Right.  Okay.  Interesting.  

So that's how you get around it. But you, we've obviously been talking about like Texas law, how they're, um, introducing different laws about how you use telecommunications and AI to call people and do stuff.

It's like the old age of email, how you had to get permission based the spam act here in Australia. It's eventually going to happen with voice as well.  

Yeah, and I mean.  What we're seeing is, is people are starting to, in the same way that people are getting sick of reading AI slop, you know, AI generated content that's,  that's being copied and pasted and it's, it's clearly been written by ai.

Sometimes it's, it's so obvious. You just wonder why people bother.  People are getting sick of that. They're also now starting to get sick of AI outbound phone calls, correct? Yeah, just a new, another nuisance. So that's becoming.  I guess you've got these anti, it's like the Luddites during the industrial Revolution going and smashing all the machines.

You've got people who are going, I'm taking a stand. I don't like ai. Or maybe they're concerned that AI will take their job or something. So they're actively trying to attack these systems and then attacking these, these voice AI systems. 

Mm-hmm.  

So you've got that angle. Then you've also got the angle of I want to inflict harm and malicious damage and cost. 

These people money. So I'm just going to tie up the phone line. 

Yep, a hundred percent. 

And then if you've got multiple phone lines.  

Yeah, so it most sip allow you at least 10 channels. So that's 10 simultaneous calls. Uh, retail does 20. So for you to consume retail's capacity, you would just need two set, two sip installs or two sip trunks configured at 10.

That, and the reason why I say 10 is 'cause that's usually the free mark when you want to get above 10, you get into enterprise and you wanna.  There's a pay  paywall there, but yeah, under 10 there's not much of a paywall. It's very cheap and common.  

And then what's the, what does the cost for the user, the person who's the mil, who's initiating the malicious calls, what does it cost them to do this? 

Next to nothing. So, like we were saying earlier, it's about five bucks or 10 bucks Australian a month and that's it. It's unlimited. And they can do,  oh look, oh, 

I just got a call. Oh, this is amazing. I, oh, if only I could have caught it. I got a, I just had a call from a UK number. They've been doing it all week.

I get a call and they hang up straight away. 

Yeah, 

it's, oh, it's, yeah. It's just so great. But that's, that's the problem, right? Yeah. Yeah. They're doing it. They're just blasting. Unlimited phone calls everywhere.  Oh, it's just, and, yes, it's brilliant, but it's so destructive. 

Yeah. That's it. But they can also use it for other methods as well as verifying that it's a legit number, it's got a voicemail or male, female just general  things like that. 

So it's costing the attackers five, 10 bucks depending on where you are. 



But what does it cost you if you're a business with voice ai?  

Yeah. Well, that's it. It can cost I think we did a quick cost analysis and it was like  10 

cents a minute.  So you got 10 cents a minute. You've got by default, 10 trunk wait.

10 trunks or 10 lines? 

Yeah, 10 lines in. So a trunk is basically 10 lines in. But with retail you can do 20 simultaneous. 

Yeah. So depending on how far you've gone with your setup  or  if you're a voice, a voice AI agency, you've set it up for your client.  That's 10 times 10. So that's a, that's a dollar a minute.

Mm-hmm. 

And that could be completely automated if the attackers are smart or if they're just lucky because they're on the other side of the world targeting someone on the other side of the world when they're doing this work. They're obviously awake and we would be asleep, or the business would be asleep.



The businesses might be out of hours from 6:00 PM at night to, I wish I could type this into ai to 8:00 AM in the morning. Yep. 6, 7, 

8, 14 hours. 12 to 14 

hours. Yeah. Right. Well, your maths is good. Yeah. Mm-hmm. I'm doing that one.  So  14 hours.  Geez, hang on. 14 hours at a dollar a minute. Yep. So one times  60, that's an hour times 14. 

60 times 14  is $840. 

Mm-hmm. And  

that's if you're paying attention.  Correct.  Can you imagine if.  You only do a check once a week as part of your health check or once a month, or it's over the weekend and you come back on Monday and it's 1600.  I love this. The weekend is the classic one, right? So we were talking about the old telephone scam where a voicemail will be redirected because by default the pins used to be four zeros.

Probably still is the case of much of corporate Australia  and.  Plenty of old phones. Anyway, let's not get into freaking on this call, but it is a fascinating topic and  yeah, they would redirect the voicemail to, uh, Southeast Asia number. I think the Philippines was quite popular for a while  over the weekend.

Imagine how many, and if you're a bigger business with a lot of phones,  the damage could be. Thousands, tens of thousands. Mm-hmm. I, I worked for an accounting firm back in  2008 where this happened. Yeah. And at the time it was extremely confidential.  They lost 30 to 40,000. 

Mm-hmm. 

By the same attack. 

Yep.  

Oh.

It's, it's just getting, it's just getting worse. And the problem is, this is becoming the wild West, but as you'd said before, everything old is new again. It's  the same attacks that we're working on PSTN, the Public Switch Telephone Network,  and now happening on VoIP.  Yep.  And everyone's jumping into voice AI thinking, this is great and it is great, but are people prepared?

Yeah. 

So in Australia, telecommunications has come a long way. Devices are authenticated into the network, which is using IMEI on mobile and on PSTN. It's, um, authenticated by, you know, using E ones. So you can't you could spoof a, uh, number, however, it's difficult for it to, um, like you, you couldn't do it in mass scale because the, the way the, the technology's set up, it's very limiting.

But, um, internet, there's no, there are no rules.  

Yeah. So I just don't understand why it's been, why it's been left and why it's, why it's allowed to happen.  

I think.  Because it's so dynamic, the internet is so dynamic. So for example, if you want to just set up A-P-A-B-X thing or cloud instance it's gotta be able to use those ports and use that protocol to connect to other services.

And there's no sort of centralized security or protocol that, checks everything and make sure that all the infrastructure's legit. I think that would be a, a hard ask. It'd be like, um,  making, uh, IMEI on every,  every, uh, sip tunnel or sip trunk and, and that would be, you know, a difficult thing to do.

You'd have to register it and username and IP with a central authority and, do some sort of ident identifications verification and stuff.  

So where, where should the line of responsibility be drawn then should it be the responsibility of the voice ai developer, the telco provider who's issuing these, these numbers for 10 bucks a month?

Or is it on the business who's  deploying it? I think it's a joint, it's a 

shared responsibility. Yeah. Much like the cloud, you know, your cloud provider it's a shared responsibility. It's your responsible to configure things securely, have the right controls. It's also the telco's responsibility.

You sit provider to have some of that security functionality,  uh, in their network and you are able to turn it on and off  or, you know, make adjustments. I think. We had a really good in our test scenario where if you weren't in Australia, it would just go to voicemail, or if you didn't have a call, id, it goes straight to voicemail.

I mean, something so simple is a great way to you know, divert from those  

global attacks. So there are some simple things that can be done, but what we're seeing of default fraud prevention. I, I guess, controls for prevention, security controls aren't really turned on by default.  

Yeah, that's a hundred percent.

Yeah. 

So there is, there is a much more, there's much more responsibility on the,  on the AI agent  providers that could be done, but.  Part of it is they need to implement the functionality to allow people to turn them on. People are starting to get aware of this stuff. They'd love to turn it on, but if it doesn't exist their hands are kind of tied. 

Do you think that that's gonna start to  cause people to jump ship if, if retail, for example,  didn't, and I'm, I'm picking our favorite provider, so they decided not to implement these security controls, but Vapi did.  We've seen it happen before where Vapi had some kind of issue and everyone jumped from Vapi to retail.



That could start happening again. It becomes, well, you've got more protection, so I can't put my business at risk. I'm gonna have to go with these other guys. Yeah. And that becomes a bit of a point of difference and, and maybe if they're charging more,  then they might get more business that way. 

And, and it's the same on the provider's end, right? So they, they would be seeing this across all their customers and under having an understanding of that threat model and feeding that threat intelligence through their whole customer base, or sharing it externally to a service that would, you know, help the community stop this sort of thing.

And I think that's where the maturity's gotta come in. And, that's gotta happen relatively quickly.  

Yeah. We're, we're seeing, we're seeing legislative changes happen in, in America. And I think there's also,  there is also protections in Australia against  specific ai, outbound marketing that, that you must opt in for this,  but it's not gonna stop people who have a problem with AI from  generating these spam calls.

If they've got an issue with it, then they're not gonna, they're not gonna stop. Especially if they're in countries that  just don't prosecute their citizens. I mean, we've got the same thing happening with ha happening with hacking attacks where  they're free to launch attacks outside the country, and as long as it's not against their countrymen, then, then they're fine. 

So what, what can we do about it? I mean, we're working on a course at the moment in, in school  that's.  The best way to to do it is to include some content in there, right? We can actually give people some real practical steps on what they need to turn on, and then  whether they're using a voice provider, whether they're  doing a done for you service, maybe they need to run through a checklist and say, Hey, if you are implementing an AI agent for me, can you please make sure that these default security controls are turned on  

correct and you want to target it for your market?

So for example, when we did our testing, it was Australia only. There's no need to have international calls turned on. It's,  yeah, be very, very niche on who's providing, who you're providing the service to and just lock it down for that particular market.  

And that's just one of maybe a dozen security controls that you can turn on to actually stop this kind of fraud from happening.

Correct. Yeah. It's a whole bunch of configs that you can do based on, you know.  Your, um, SIP firewall or your waf, depending on how you've got your AI agents set up. Even on your AI agent, you can have it set up, um, only accept x amount of calls from the same person, same number  in a 

30 day period. 

What level of technical skill are people gonna need to be able to follow along with, with what we've got for them in the school course? 

Oh, not a lot. I think a lot of the easy stuff like we were saying about voicemail it's very simple. And that it's that one little trick can 

save you one, one simple trick to lose belly fat.

Yeah. 

One simple trick to stop your voice. Say, I getting hacked. Yeah. 

Yeah. We're getting spam calls from the uk. Um,  yeah, I, I'm lucky that on my phone, all international calls go straight to voicemail 'cause I've got it set up that way on my,  on my, um, mobile phone. So I don't, I don't get that problem.

But, um, listening to the recording, it's quite interesting to see all these sort of things are playing out 

because as, as anti, there's a lot of anti AI sentiment. And you are seeing some chatter in the dark web as well about people who are wanting to just be dodgy and, and, and try and ruin people's day and ruin their, ruin their livelihood.

Yeah. Well, that's it. They're fed up with the outbound, the spam outbound.  Call it. I know in Australia, the SMS in election time, if, if someone figured out how to, actually, I think they did. I found the, found the, uh, authorizing person for that political party and basically spanned the life out of his mobile phone, and he had to get it changed.

They published it, didn't they? Yeah. Yeah. Yeah. And it's hilarious.  Yeah. Yeah.  But, uh, yeah, the dark web's very similar to that. Um, they have that sentiment, oh, we don't want this. And I think.  The best way I described it is like, you know, the two Chinese restaurants and putting the phones together and trying you to get an order.

So what happens is, they find an outbound AI agent and then an inbound AI agent, and then join them to get us, send the information from one to the other. And then obviously it, the outbound calls the inbound and they sit there and.  Uh, both, uh, AI agents and costing double the money. 

Well, it happened, it happened when I was testing.

What was it? Was it the, I was testing the retail agent and I thought that I was gonna do this on the cheap  by not actually calling the number, and I was just using the chat interface. Yep. And so I finished the testing, walked away, made a coffee, forgot about it. Yeah. Whatever. I'm just using a chat. Turns out that the, the meter was running, and if you hadn't come in and and found it, then I would've, yeah.

Run up a, a substantial bill. 

Yep. 

Yeah. There is some functionality I think is, is missing from, from retail at the moment, which is a bit of a, a, a stop loss. So that.  Nothing is happening. It's, it stops running. I think it's, I think it's a bit of an ethical requirement that they're gonna need to implement.

Because it's, I don't really feel that that's, that's right. And I'm, I could be wrong that the functionality doesn't exist. And if it, if it does, I'm sorry, retail, but from what I understand it's a, a function that has not been implemented as yet. That's on the 

web, certainly on the voice it's implemented, so you can tick a little box if, if you haven't had a response in like 30 seconds, hang up the call.

But in web it, 

uh, yeah, keeps it open. Yeah. Okay. I don't wanna give away all the secrets. The best thing about the school course is that at this point in time.  We are giving it away for free. Yeah. So if you're listening to this in let's September, 2025 right now, then we may be charging for it. But right now the course is free and we wanna get your feedback and we want, we want anyone who's, who's listening, who wants access to, to reach out.

And we'll give you access to the school course and, and you can learn how to protect your voice. AI amongst other things. There's a bunch of stuff that's real, really practical. There's a whole bunch of templates and things you can use for incident response. And if you work with American organizations or European organizations, there's some privacy controls around HIPAA and GDPR.

There's some templates that allow you to, um, provide to your users that will allow them to request that their data's. Deleted and just following on some compliance stuff. There's a business associate agreement template. If you need to work with hipaa, organ registered organizations, you're dealing with personal health information.

There's a whole bunch of stuff in the course about Australian privacy principles as well. Yeah, it's all there. It's all free right now, but in future we will, we will have to charge for the course because it's going to require substantial amounts of updates as.  AI is changing. I mean, I was at an event last night in the, uh, the Parisian Springs AI hub, and one of the guys there who was talking about using cursor for AI coding said he's used the software in the morning. 

By the time it rolls around to the afternoon,  there's been a change.  And he's a developer. If he's having to deal with it, imagine what the rest of the, like, the rest of us are having to deal with mm-hmm. The constant change. Yes, all I can say is get in there and just, you gotta keep updated. 

Absolutely.  It's pretty scary. I know that this is just.  One of the first issues that we're starting to see for a long time, people were talking about AI is being used to proliferate attacks. It's being used to generate amazing phishing emails, so there's no more grammatical errors and no one's hacking into ai.

But now we're starting to see some real examples. People are putting their hand up and saying, Hey, you know what I'm getting, I'm getting popped here. Don't, don't fall the victim to the same way we did.  

Yeah, it is quite interesting to see that, people are using AI against ai, punch out some large bills overnight with these, uh, voice AI agents.

It's pretty, pretty scary. And I'd imagine it'd be very similar in the web, web chat as well, because web chat's much bigger market than, uh, voice ai. A lot of sites have those agents, but.  A lot of the larger companies have it in-house, so it's just pure compute and time. But, um, yeah. If you were using a third party service, then yeah, there's a  cost to that.

Anyone implementing a chat bot  and there's, I've never seen a capture on a chat bot. No. You, 

yeah. Most,  I, I haven't seen a capture, but I have seen a verification.  

Okay, 

that's good. Verifies, yeah, your email or your account number. So you type in your account number  or your billing number, and it, then it asks you what's, what's the email address associated with that, and then you type that in. 

Uh, the other method I've, yeah, the other method I've seen is you type in your email address, send you a code, and then you type that code in, and then you're authorized to start chatting.  

So there are, there are systems, there are ways of implementing it, but it's,  it's gonna become more and more important.

I know bots are getting a lot better. Have you ever, have you signed up for X recently? Like the formerly known as Twitter?  Have you done the six step  process? It requires you to pass like all the captures. Wow. It is like a sick joke by Elon Musk, how difficult this is.  My eyes are fine.  My brain is at a hundred percent capacity.

You know, I'm young, and all the rest of it, it's working. But imagine if you've got, if you are of a different age demographic or if you have  challenges in, in other areas, if your site's not as good as you'd like it, or, or you have other, other disabilities.  I don't even know how you would begin to get past these challenges.

It's, you've gotta rotate shapes and then you've gotta slide this and make it fit, but it's all grainy. I get that. There's issues with with bots and stuff, and Twitter was. A horrible, horrible, uh, experience full of bots for a long time. But yeah, it's, it's a real, it's a real hassle too. It's a real pain in the ass actually to get signed up there.

So,  I don't know. There's methods around it. There's methods of securing the agents, there's methods of securing the chat bots.  I hope we don't have to get to some kind of, you need a license to operate on the internet.  Yeah, that would just be really nasty, but yeah.  I don't know. Someone needs to come up with a better way of doing it. 

Alright. 

Alright. 

That was amazing. I'm,  I can't wait to listen to this again and then document it and then Yeah. Make some cool notes.  I can't wait for the next one. Alright. What's the next one gonna be on? I don't know. You tell me. Let's figure it out. Alright, let's figure it out and then do another one very, very soon.

Alright. Alright. Let me kill this recording. What a fantastic episode that was with Miles. I hope you got a lot of value out of it and are now starting to understand. There are more risks with ai and it is not just AI being used to proliferate attacks. AI systems are now starting to be attacked by people who have an anti AI sentiment, and it's up to us to make sure that our systems are resilient. 

And have the safeguards in place to prevent them from being taken offline to prevent significant cost being incurred, especially for voice AI systems and agentic AI systems as they start to evolve. That's why I've created this school course to give you the AI fundamentals called the AI Cybersecurity Starter Pack, which helps you to understand what is required in hardening your AI apps and start to get a bit of a picture of.

What the risks are with using AI and how you can protect yourself against attacks, like what we spoke about today in the podcast.  I've included a link in the description to the school group where you can join that course for free. As of September, 2025. It is free to join. I'm really keen to get your feedback and see what you think.

And we're building a community on school of AI professionals, AI cybersecurity professionals, and people who are interested in securing their AI and learning from the decades of experience between myself and Miles.  As we can share what we've learned in digital forensics, incident response and system engineering.

So it would be great to have you along. I really look forward to seeing you in the community and I can't wait to release the next podcast for you. We're looking to do these weekly, get back onto the weekly schedule that we once had for TLP, and it's gonna be a great time and there are so many developments in AI and AI cybersecurity that we really can't wait to share these with you.

I'll see you in the next episode. Bye for now.