As AI agents begin operating within connected vehicle ecosystems and mobility platforms, cybersecurity must evolve beyond protecting models and prompts. The emerging risk surface lies in the execution layer. Within this layer, AI agents interact with real-world systems through tools and protocols such as the Model Context Protocol (MCP). Unlike traditional APIs that operate on stateless request-response models, agentic interactions are stateful and session-aware. Individual tool calls may appear legitimate in isolation but can represent a malicious operation when evaluated across a full sequence of agent-driven actions.
In this session, Upstream’s Sarit Kozokin, VP of Product Management, examines these risks through an automotive lens. She will dissect how the transition to AI-powered systems introduces a critical Action Layer where vulnerabilities can translate into immediate physical risks.
By correlating agent behavior with API activity and physical outcomes, cyber teams can secure the data-to-action pipeline. This talk provides the blueprint needed to govern complex agentic environments and ensure that the next generation of autonomous machines remains resilient against sophisticated manipulation.