27 min listen
Real-life Examples. Benefits, Risk & Security Implications of AI - Frank Catucci - ASW #234
Real-life Examples. Benefits, Risk & Security Implications of AI - Frank Catucci - ASW #234
ratings:
Length:
38 minutes
Released:
Mar 28, 2023
Format:
Podcast episode
Description
With the increased interest and use of AI such as GTP 3/4, ChatGPT, GitHub Copilot, and internal modeling, there comes an array of use cases and examples for increased efficiency, but also inherent security risks that organizations should consider. In this talk, Invicti’s CTO & Head of Security Research Frank Catucci discusses potential use cases and talks through real-life examples of using AI in production environments. Frank delves into benefits, as well as security implications, touching on a number of security aspects to consider, including security from the supply chain perspective, SBOMs, licensing, as well as risk mitigation, and risk assessment. Frank also covers some of the types of attacks that might happen as a result of utilizing AI-generated code, like intellectual property leaking via a prompt injection attack, data poisoning, etc. And lastly, Frank shares the Invicti security team's real-life experience of utilizing AI, including early successes and failures. Segment Resources: On-demand webinar on the topic of generative AI - https://www.scmagazine.com/cybercast/generative-ai-understanding-the-appsec-risks-and-how-dast-can-mitigate-them Invicti Research - https://www.invicti.com/blog/web-security/analyzing-security-github-copilot-suggestions/ - https://github.com/svenmorgenrothio/Prompt-Injection-Playground This segment is sponsored by Invicti. Visit https://securityweekly.com/invicti to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw234
Released:
Mar 28, 2023
Format:
Podcast episode
Titles in the series (100)
Google, Intel, Mozilla, and Starbucks - Application Security Weekly #00: In the Application Security News, Paul and Keith talk about impatient employers designing their own courses, measurable CPU differences in AWS from Intel CPU vulnerabilities, the CEO of Intel selling a gigantic amount of stock, and Starbucks Wi-Fi... by Application Security Weekly (Video)