Sign up to save your podcasts
Or
Share Ep150: Security Considerations for Generative AI with CyberArk, Fortra and Sysdig
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Ep150: Security Considerations for Generative AI with CyberArk, Fortra and Sysdig
Security leaders from CyberArk, Fortra, and Sysdig share actionable strategies for securely implementing generative AI and reveal real-world insights on data protection and agent management.
Topics Include:
- Panel explores practical security approaches for GenAI from prototype to production
- Three-phase framework discussed: planning, pre-production, and production security considerations
- Security must be built-in from start - data foundation is critical
- Understanding data location, usage, transformation, and regulatory requirements is essential
- Fortra's security conglomerate approach integrates with AWS native tools and partners
- Machine data initially easier for compliance - no PII or HIPAA concerns
- Identity paradigm shift: agents can dynamically take human and non-human roles
- 97% of organizations using AI tools lack identity and access policies
- Security responsibility increases as you move up the customization stack
- OWASP Top 10 for GenAI addresses prompt injection and data poisoning
- Rigorous model testing including adversarial attacks before deployment is crucial
- Sysdig spent 6-9 months stress testing their agent before production release
- Tension exists between moving fast and implementing proper security controls
- Different security approaches needed based on data sensitivity and model usage
- Zero-standing privilege and intent-based policies critical for agent management
- Multi-agent systems create "Internet of Agents" with exponentially multiplying risks
- Discovery challenge: finding where GenAI is running across enterprise environments
- API security and gateway protection becoming critical with acceptable latency
- Top customer need: translating written AI policies into actionable controls
- Threat modeling should focus on impact rather than just vulnerability severity
Participants:
- Prashant Tyagi - Go-To-Market Identity Security Technology Strategy Lead, CyberArk
- Mike Reed – Field CISO, Cloud Security & AI, Fortra
- Zaher Hulays – Vice President Strategic Partnerships, Sysdig
- Matthew Girdharry - WW Leader for Observability & Security Partnerships, Amazon Web Services
Further Links:
- CyberArk: Website – LinkedIn – AWS Marketplace
- Fortra: Website – LinkedIn – AWS Marketplace
- Sysdig: Website – LinkedIn – AWS Marketplace
See how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon.com/isv/
View all episodes
By AWS - Amazon Web Services
5
99 ratings
Security leaders from CyberArk, Fortra, and Sysdig share actionable strategies for securely implementing generative AI and reveal real-world insights on data protection and agent management.
Topics Include:
- Panel explores practical security approaches for GenAI from prototype to production
- Three-phase framework discussed: planning, pre-production, and production security considerations
- Security must be built-in from start - data foundation is critical
- Understanding data location, usage, transformation, and regulatory requirements is essential
- Fortra's security conglomerate approach integrates with AWS native tools and partners
- Machine data initially easier for compliance - no PII or HIPAA concerns
- Identity paradigm shift: agents can dynamically take human and non-human roles
- 97% of organizations using AI tools lack identity and access policies
- Security responsibility increases as you move up the customization stack
- OWASP Top 10 for GenAI addresses prompt injection and data poisoning
- Rigorous model testing including adversarial attacks before deployment is crucial
- Sysdig spent 6-9 months stress testing their agent before production release
- Tension exists between moving fast and implementing proper security controls
- Different security approaches needed based on data sensitivity and model usage
- Zero-standing privilege and intent-based policies critical for agent management
- Multi-agent systems create "Internet of Agents" with exponentially multiplying risks
- Discovery challenge: finding where GenAI is running across enterprise environments
- API security and gateway protection becoming critical with acceptable latency
- Top customer need: translating written AI policies into actionable controls
- Threat modeling should focus on impact rather than just vulnerability severity
Participants:
- Prashant Tyagi - Go-To-Market Identity Security Technology Strategy Lead, CyberArk
- Mike Reed – Field CISO, Cloud Security & AI, Fortra
- Zaher Hulays – Vice President Strategic Partnerships, Sysdig
- Matthew Girdharry - WW Leader for Observability & Security Partnerships, Amazon Web Services
Further Links:
- CyberArk: Website – LinkedIn – AWS Marketplace
- Fortra: Website – LinkedIn – AWS Marketplace
- Sysdig: Website – LinkedIn – AWS Marketplace
See how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon.com/isv/
More shows like AWS for Software Companies Podcast
View all
Planet Money
30,782 Listeners
Hidden Brain
43,673 Listeners
Economist Podcasts
4,158 Listeners
The Twenty Minute VC (20VC): Venture Capital | Startup Funding | The Pitch
535 Listeners
Security Now (Audio)
2,004 Listeners
The a16z Show
1,096 Listeners
CyberWire Daily
1,021 Listeners
Super Data Science: ML & AI Podcast with Jon Krohn
302 Listeners
Cybersecurity Today
178 Listeners
Practical AI
205 Listeners
AWS Podcast
204 Listeners
Dwarkesh Podcast
518 Listeners
Cybersecurity Headlines
139 Listeners
Hard Fork
5,522 Listeners
AI + a16z
35 Listeners