Securing Azure Open AI apps in the Enterprise
Karl Ots
BSidesSF 2024 · Day 1
This talk, presented by Karl Ots at BSidesSF 2024, delves into the critical and often complex task of securing Azure OpenAI applications within an enterprise environment. As a consultant specializing in cloud and security, with a recent focus on AI, Ots shares lessons learned from a real-world engagement with a large banking organization. The core of the presentation addresses the challenges faced when integrating a rapidly adopted, "generally available" generative AI service into a highly regulated and continuously audited corporate infrastructure.
AI review
This talk provides a brutally honest and technically deep assessment of securing Azure OpenAI in an enterprise context. It cuts through vendor marketing to expose the actual controls available, their limitations, and the necessary workarounds. The speaker's hands-on experience in uncovering undocumented features and highlighting the 'black box' nature of the service offers critical, actionable insights for anyone deploying this technology.