Safe AI Implementation

Red models associated with AI technologies highlight real-world
vulnerabilities and the importance of proactive security
measures. It is vital to educate users about how to explore the
challenges and keep AI systems secure. Today’s guest is Dr.
Aditya Sood.


Dr. Sood is the VP of Security Engineering and AI Strategy at
Aryaka and is a security practitioner, researcher, and consultant
with more than 16 years of experience. He obtained his PhD in
computer science from Michigan State University and has authored
several papers for various magazines and journals.


In this conversation, he will shed light on AI-driven threats,
supply chain risks, and practical ways organizations can stay
protected in an ever-changing environment. Get ready to learn how
the latest innovations and evolving attack surfaces affect
everyone from large companies to everyday users, and why a
proactive mindset is key to staying ahead.
Show Notes:

[01:02] Dr. Sood has been working in the security industry
for the last 17 years. He has a PhD from Michigan State
University. Prior to Aryaka, he was a Senior Director of Threat
Research and Security Strategy for the Office of the CTO at F5.

[02:57] We discuss how security issues with AI are on the
rise because of the recent popularity and increased use of AI.

[04:18] The large amounts of data are convoluting how things
are understood, the complexity is rising, and the threat model is
changing.

[05:14] We talk about the different AI attacks that are being
encountered and how AI can be used to defend against these
attacks.

[06:00] Pre-trained models can contain vulnerabilities.

[07:01] AI drift or model or concept drift is when data in
the training sets is not updated. The data can be used in a
different way. AI hallucinations also can create false output.

[08:46] Dr. Sood explains several types of attacks that
malicious actors are using.

[10:07] Prompt injections are also a risk.

[12:13] We learn about the injection mapping strategy.

[13:54] We discuss the possibilities of using AI as a tool to
bypass its own guardrails.

[15:18] It's an arms race using AI to attack Ai and using AI
to secure AI.

[16:01] We discuss AI workload analysis. This helps to
understand the way AI processes. This helps see the authorization
boundary and the security controls that need to be enforced.

[17:48] Being aware of the shadow AI running in the
background.

[19:38] Challenges around corporations having the right
security people in place to understand and fight vulnerabilities.

[20:55] There is risk with the data going to the cloud
through the LLM interface.

[21:47] Dr. Sood breaks down the concept of shadow AI.

[23:50] There are also risks for consumers using AI.

[29:39] The concept of Black Box AI models and bias being
built into the particular AI.

[33:45] The issue of the ground set of truth and how the
models are trained.

[37:09] It's a balancing act when thinking about the ground
set of truth for data.

[39:08] Dr. Sood shares an example from when he was
researching for his book.

[39:51] Using the push and pretend technique to trick AI into
bypassing guardrails.

[42:51] We talk about the dangers of using APIs that aren't
secure.

[43:58] The importance of understanding the entire AI
ecosystem.



Thanks for joining us on Easy Prey. Be sure to subscribe to
our podcast on iTunes and leave a nice review. 
Links and Resources:

Podcast Web Page

Facebook Page

whatismyipaddress.com

Easy Prey on Instagram

Easy Prey on Twitter

Easy Prey on LinkedIn

Easy Prey on YouTube

Easy Prey on Pinterest

Aditya K Sood

Aditya K Sood - LinkedIn

Aditya K Sood - X

Aryaka

COMBATING CYBERATTACKS TARGETING THE AI ECOSYSTEM: Assessing
Threats, Risks, and Vulnerabilities

Empirical Cloud Security: Practical Intelligence to Evaluate
Risks and Attacks

Empirical Cloud Security: Practical Intelligence to Evaluate
Risks and Attacks