Practical Applications and Future Predictions for AI Security in 2024

06/17/24 • 44 min

What is the current state and future potential of AI Security? This special episode was recorded LIVE at BSidesSF (thats why its a little noisy), as we were amongst all the exciting action. Clint Gibler, Caleb Sima and Ashish Rajan sat down to talk about practical uses of AI today, how AI will transform security operations, if AI can be trusted to manage permissions and the importance of understanding AI's limitations and strengths.

Questions asked:

(00:00) Introduction

(02:24) A bit about Clint Gibler

(03:10) What top of mind with AI Security?

(04:13) tldr of Clint’s BSide SF Talk

(08:33) AI Summarisation of Technical Content

(09:47) Clint’s favourite part of the talk - Fuzzing

(15:30) Questions Clint got about his talk

(17:11) Human oversight and AI

(25:04) Perfection getting in the way of good

(30:15) AI on the engineering side

(36:31) Predictions for AI Security

Resources from this coversation:

Caleb's Keynote at BSides SF

Clint's Newsletter

Questions asked:

(00:00) Introduction

(02:24) A bit about Clint Gibler

(03:10) What top of mind with AI Security?

(04:13) tldr of Clint’s BSide SF Talk

(08:33) AI Summarisation of Technical Content

(09:47) Clint’s favourite part of the talk - Fuzzing

(15:30) Questions Clint got about his talk

(17:11) Human oversight and AI

(25:04) Perfection getting in the way of good

(30:15) AI on the engineering side

(36:31) Predictions for AI Security

Resources from this coversation:

Caleb's Keynote at BSides SF

Clint's Newsletter

Previous Episode

AI Highlights from RSAC 2024 and BSides SF 2024

Key AI Security takeaways from RSA Conference 2024, BSides SF 2024 and all the fringe activities that happen in SF during that week. Caleb and Ashish were speakers, panelists, participating in several events during that week and this episode captures all the highlights from all the conversations they had and they trends they saw during what they dubbed the "Cybersecurity Fringe Festival” in SF.

Questions asked:

(00:00) Introduction

(02:53) Caleb’s Keynote at BSides SF

(05:14) Clint Gibler’s Bsides SF Talk

(06:28) What are BSides Conferences?

(13:55) Cybersecurity Fringe Festival

(17:47) RSAC 2024 was busy

(19:05) AI Security at RSAC 2024

(23:03) RSAC Innovation Sandbox

(27:41) CSA AI Summit

(28:43) Interesting AI Talks at RSAC

(30:35) AI conversations at RSAC

(32:32) AI Native Security

(33:02) Data Leakage in AI Security

(30:35) Is AI Security all that different?

(39:26) How to filter vendors selling AI Solutions?

Next Episode

Exploring Top AI Security Frameworks

Which AI Security Framework is right for you? As AI is gaining momentum, we are starting to see quite a few frameworks appearing but the question is, which one should you start with and can AI help you decide! Caleb and Ashish tackle this challenge head-on, comparing three major AI security frameworks: Databricks, NIST, and OWASP Top 10. They break down the key components of each framework, discuss practical implementation strategies, and provide actionable insights for CISOs and security leaders. They may have had some help along the way.

Questions asked:

(00:00) Introduction

(02:54) Databricks AI Security Framework (DASF)

(06: 38) Top 3 things from DASF by Claude 3

(07:32) Top 3 things from DASF by ChatGPT

(08:46) DASF Use Case Scenario

(11:01) Thoughts on DASF

(13:18) OWASP Top 10 for LLM Models

(20:12) Google's Secure AI Framework (SAIF)

(21:31) NIST AI Risk Management Framework

(25:18) Claude 3 summarises NIST RMF for 5 year old

(28:00) ChatGPT compares NIST RMF and NIST CSF