Securing Generative AI: Is it all an Illusion?
Rachana Doshi, Michael Samson
BSidesSF 2024 · Day 1
This talk, "Securing Generative AI: Is it all an Illusion?", delivered by Rachana Doshi and Michael Samson from Salesforce, addresses the critical and rapidly evolving challenge of securing **Generative AI** systems, particularly those leveraging **Large Language Models (LLMs)**. The speakers highlight the unprecedented speed at which Generative AI technologies, exemplified by ChatGPT's ascent to 100 million users in just two months, have been adopted across enterprises. This rapid integration has left security teams with mere weeks or months to establish robust security postures, a stark contrast to the years typically afforded for assessing and securing prior technological advancements.
AI review
This talk provides a pragmatic and technically sound overview of securing generative AI systems within an enterprise context. The speakers effectively break down the unique threat landscape introduced by LLMs, covering common attack vectors like prompt injection and data exfiltration, and then pivot to actionable technical controls. While not revealing novel zero-days, the session offers a crucial synthesis of existing security principles applied to a rapidly evolving technology, making it highly relevant for practitioners grappling with GenAI adoption.