Ep150: Security Considerations for Generative AI with CyberArk, Fortra and Sysdig

Security leaders from CyberArk, Fortra, and Sysdig share actionable strategies for securely implementing generative AI and reveal real-world insights on data protection and agent management.Topics Include:Panel explores practical security approaches for GenAI from prototype to productionThree-phase framework discussed: planning, pre-production, and production security considerationsSecurity must be built-in from start - data foundation is criticalUnderstanding data location, usage, transformation, and regulatory requirements is essentialFortra's security conglomerate approach integrates with AWS native tools and partnersMachine data initially easier for compliance - no PII or HIPAA concernsIdentity paradigm shift: agents can dynamically take human and non-human roles97% of organizations using AI tools lack identity and access policiesSecurity responsibility increases as you move up the customization stackOWASP Top 10 for GenAI addresses prompt injection and data poisoningRigorous model testing including adversarial attacks before deployment is crucialSysdig spent 6-9 months stress testing their agent before production releaseTension exists between moving fast and implementing proper security controlsDifferent security approaches needed based on data sensitivity and model usageZero-standing privilege and intent-based policies critical for agent managementMulti-agent systems create "Internet of Agents" with exponentially multiplying risksDiscovery challenge: finding where GenAI is running across enterprise environmentsAPI security and gateway protection becoming critical with acceptable latencyTop customer need: translating written AI policies into actionable controlsThreat modeling should focus on impact rather than just vulnerability severityParticipants:Prashant Tyagi - Go-To-Market Identity Security Technology Strategy Lead, CyberArkMike Reed – Field CISO, Cloud Security & AI, FortraZaher Hulays – Vice President Strategic Partnerships, SysdigMatthew Girdharry - WW Leader for Observability & Security Partnerships, Amazon Web ServicesFurther Links:CyberArk: Website – LinkedIn – AWS MarketplaceFortra: Website – LinkedIn – AWS MarketplaceSysdig: Website – LinkedIn – AWS MarketplaceSee how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon.com/isv/

There are no comments yet.

Please log in to write the first comment.