Episode 65 · April 16, 2026 · 39m listen · 8,024 words · ~40 min read
Vibe Coding Security Risks & Malicious Injection with Jake Rodriguez of Triangle Tech | Ep. 66 - Full Transcript | The Med Device Cyber Podcast
Read the complete, searchable transcript of Episode 65 of The Med Device Cyber Podcast - expert conversations on medical device cybersecurity, FDA premarket and postmarket guidance, SBOM management, threat modeling, and penetration testing.
Prefer the listening experience? Open the episode page for the synopsis, key takeaways, topics, and Apple / YouTube listen links.
Episode summary
In this episode of the Med Device Cyber Podcast, hosts Trevor Slattery and Christian Espinosa are joined by special guest Jake Rodriguez, CEO and Founder of Triangle Tech. Jake shares his unconventional journey from a pre-pharmacy track at Virginia Commonwealth University to becoming a B2B marketing entrepreneur specializing in the pharma, life science, and tech sectors. His pivot was sparked during the COVID-19 pandemic while researching the differences between traditional and mRNA vaccines. Frustrated by the lack of accessible information on traditional methods, he delved into Google SEO, which ignited a passion for digital marketing and led to the creation of his own agency.
The core of the conversation revolves around the intersection of artificial intelligence, marketing, and cybersecurity. The group discusses the significant shift in user behavior, with younger generations increasingly turning to Large Language Models (LLMs) like Gemini, Claude, and ChatGPT for information, moving away from traditional Google searches. This transition presents new challenges and opportunities for SEO, as companies must now optimize their content not just for search engines but for AI-driven platforms. Jake explains that these LLMs often pull information from high-traffic, user-generated content sites like Reddit and Quora, making a multi-channel, omnichannel brand presence more critical than ever. The discussion also introduces the emerging concept of "vibe coding," a more fluid and creative approach to software development where developers use AI to rapidly generate applications based on an idea or a "vibe" rather than a rigid set of specifications, a method starkly contrasted with the highly structured and regulated process required for medical device software.
The podcast also delves into the security implications of this technological wave. A major concern raised is the potential for malicious actors to exploit AI. Through creative prompt engineering, hackers can trick AI models into bypassing their built-in safety guardrails to generate malicious code or reveal sensitive information. The hosts draw parallels between this and traditional social engineering, but now targeted at AI instead of people. The conversation touches upon everyday cybersecurity risks, such as users unknowingly granting invasive permissions to mobile applications, allowing them to access microphones and cameras. This highlights a broader theme of a lack of consumer awareness regarding digital privacy. The participants agree that while AI is a powerful tool for ideation and refining content, its unreliability, potential for hallucinations, and security vulnerabilities make it unsuitable for critical, end-to-end development in regulated industries like medical technology, where safety and verifiability are paramount.
Key takeaways from this episode
The way people search for information is shifting from traditional search engines like Google to AI-powered Large Language Models (LLMs) such as Gemini, Claude, and ChatGPT.
While AI is a powerful tool for brainstorming and content creation, it's not a replacement for human oversight, as it can be unreliable and susceptible to bias.
"Vibe coding" is a new trend where developers use AI to build applications based on creative ideas and general flow, rather than strict, traditional software engineering specifications.
Relying solely on AI to build critical software, especially in regulated fields like medical devices, is unsafe and would not pass compliance standards like those set by the FDA.
Malicious actors can use 'prompt engineering' to trick AI into bypassing its safety guardrails, a modern form of social engineering targeted at machines.
Users often grant invasive permissions to mobile apps without understanding the privacy risks, allowing potential access to their microphone, camera, and personal data.
Effective marketing in the AI era requires an omnichannel strategy, as LLMs often pull data from diverse, high-traffic platforms like Reddit, Quora, and YouTube.
A brand's aesthetic and social status, exemplified by Apple's iPhone, can be a powerful marketing tool that creates strong consumer loyalty, sometimes independent of technical superiority.
Full episode transcript
Page 1 of 9· Paragraphs 1 - 16
'You're more going towards Gemini and Perplexity and Claude. I think OpenAI kind of took the L, but in the future is going to be doing more LLM search instead of Google search. But of course, if you're skeptical and you really want the real answers, it's best to use Google to validate your sources.' If you turn over the reins to AI and say, 'Build me a medical device,' the FDA is going to burn the building down. You're never going to be able to have a safe and effective product. Why would the China Airlines app need access to my microphone or my camera? So I think most people just click on next, next, next, next, next. And pretty soon, like their phone is listening to things they don't even know, but they gave it permission. The whole brand of Apple just got into their heads and now they're like, I have to have an Apple. Could you explain this vibe coder thing? You're like smoking pot and like coding or something? People are creating apps based on creativity, something random that they want to make, turn it into an app or a website. Before you were just doing it to people, now you're doing it to the AI. Malicious actors are getting pretty good at this. Creative prompting to try to trick the AI and break it out of its own guardrails. And so that's where you start to see those really malicious use cases.
Hello and welcome back to the Med device Cyberpodcast. Today we're wrapping up the quarter. We've got a really exciting conversation ahead. We're going to dive into some exciting topics around AI and marketing, cyber security and how any of those three things can tie together.
I'm your co-host Trevor Slattery joined with our other co-host Christian Espinosa as usual. And here we have a really special guest today Jake. I'll go ahead and turn it over to you for a little bit of an intro and love to hear a bit about what you're working on.
Yeah, hello everyone. My name is Jake and I guess starting with my origin story. I went to college in Richmond, Virginia, Commonwealth University. And there I was on the pre-pharmacy track. Um worked in a pharmacy as a tech and didn't really like it. Um explored different areas such as the realm of research and during my time in undergrad, I did a research project on heparan sulfate and it really opened my eyes to um the pharmaceutical industry and ever since then, you know, I've been in process science and pharmaceutical manufacturing and how I got into marketing, well, that's a funny story.
So when COVID hit, I was trying to find out what was the differentiation between traditional vaccines and these new mRNA vaccines, and I couldn't find a lot of information on traditional back scenes and so I looked up why was this happening and it brought me into Google SEO and I just went down a rival hole of understanding SEO and marketing and you know ever since then, I've just been learning more about marketing and then I started my own B2C agency called Let's social media and recently I kind of rebranded and turned into B2B. So now I'm working with clients in pharma, life, um a little bit of tech and manufacturing vendors.
And where are you coming to us from?
I am currently in Raleigh, North Carolina.
Cool, I have a couple questions. uh you mentioned like Farm tech, they just like count the pills of putting the bottles. is that in like explain like the side effects? I know you said you left it because you're bored with it. Is that pretty much true?
So as a pharmacy technician, you're calling patients, you're calling nurses and doctors, handling, you know, patient transactions and stuff like that. I didn't really handle the drug side of things. That's what a pharmacist would do.
Okay, that's a pharmacist. I I don't know all.
That's a lot of admin work.
Cuz you have to like go to pharmacy school or something, but I just see them like taking like a massive amount of pills and like, you know, counting them one by one to put them in a bottle and give them to a patient. I'm like, yo, why do you have to go to a massive a lot of school for this. This seems pretty simple, but.
pretty intensive school too. And I mean.
I mean, they have to understand the side effects of what would happen if.
It's on the bottle though. It's on the bottle. They print out the label, they print out on the on the bottles.
I don't think a lot of people understand SEO, you mentioned the term SEO which is search engine optimization. I I probably spent thousands of hours myself trying to master SEO and you know, it always changed a little bit uh especially with AI. and now you have to be search engine optimized for AI um platforms. so they can if someone searches in chat GPT, they can find your organization. So maybe let's like step a little bit back and explain Jake from your perspective what SEO is and some of the things we can do to optimize that.