In this episode of the ChAI Chat podcast, host Jomar Gacoscos welcomes Ads Dawson, a Staff AI Security Researcher. They discuss their first meeting at DEFCON, Ads' journey from information security to AI security. Ads shares his insights on his contributions to OWASP and the ethical considerations surrounding AI security, emphasizing the importance of understanding vulnerabilities in AI applications. Ads and Jomar Gacoscos also delve into the complexities of vulnerabilities in LLM applications, particularly focusing on OWASP top 10 vulnerabilities for LLMs, particularly LLM08: Excessive Agency and LLM10: Model Theft. They discuss the implications of Anthropic's new computer use feature and the associated security risks. 

Resources and Links

Podcast Guest, AI Security Researcher Ads Dawson (aka GangGreenTemperTatum)

https://www.linkedin.com/in/adamdawson0/ 

https://github.com/GangGreenTemperTatum 

AI Security Researcher Johann Rehberger (aka Embrace The Red)

https://embracethered.com/blog/ 

https://x.com/wunderwuzzi23 

OWASP Top 10 for LLMs

https://owasp.org/www-project-top-10-for-large-language-model-applications/ 

Proof Pudding (CVE-2019-20634)

https://avidml.org/database/avid-2023-v009/ 

https://github.com/moohax/Proof-Pudding 

Chapters

0:00 Introduction to the ChAI Chat Podcast
2:47 Meeting at DefCon - A Unique Experience
5:46 Ads Dawson's Journey into AI Security
8:53 Transition into AI Security
11:49 Understand Cybersecurity and AI Security Intersections
14:58 Contribution to OWASP and AI Security Projects
17:36 Exploring Vulnerabilities in AI Applications
23:15 Understanding OWASP Vulnerabilities in LLM Applications
23:53 Exploring Excessive Agency Vulnerability (LLM08)
28:10 Model Theft (LLM10) and Its Implications 
34:23 Anthropic's Computer Use Feature and Security Risks
42:54 Community Engagement and Networking in InfoSec