L. Elliott Abraham’s Post

This is the type of creativity and innovation that is needed when you are applying generative AI to security usecases.

AI-driven technologies, like AI chatbots, have access to a lot of data and functions that help users in many ways. These include answering product questions, helping write code, and changing passwords. However, if not protected properly, these AI systems might share important data or perform harmful actions beyond their intended functions. In Veracode's latest blog, learn how Manual Penetration Testing can help strengthen the security of your AI chatbots, safeguarding them against potential vulnerabilities outlined in the OWASP Top 10 for LLMs. 

Great discussion on Generative AI. As security leaders, there ia both good and bad that will challenge us to secure our organizations. From firmware exploitation to misleading code, hackers are going to write more sophisticated means of generating trust only to inject bad objects into our systems.

As more companies rush to embrace AI, basic developer security hygiene has never been more important. See how far the problem has spread in this article in ZDNET- then see how Codezero Technologies Inc. can help you get it under control quickly and with minimal disruption to your developers. https://lnkd.in/e82VJkra

If 2024 had a question-of-the-year, it would be "How can we use AI to improve [fill in the blank]." In this session from LeanAppSec Winter 2024, AI-expert Rob van der Veer (Sr Director, Software Improvement Group) answers that question for appsec professionals. Watch now >>> https://lnkd.in/ggd28axP He covers: 👉 The security of AI systems 👉 Using AI as a security tool 👉 Building the OpenCRE chatbot #security #cybersecurity #aisecurity #aiml #ai #aiadoption #appsec #appsecurity #leanappsec

In the second chapter of a series of educational pieces captured during our time at RSAC, learn about unique vulnerabilities in the AI supply chain and how they differ from traditional software security. Protect AI's Adam Nygate sheds light on AI supply chain main asset classes and emerging threats such as prompt injection, prompt extraction, and data extraction and data poisoning and the cutting-edge tools developed to keep your AI supply chain secure. Read more here --> https://hubs.ly/Q02CGKGR0 or check out the full video --> https://hubs.ly/Q02CHbVT0 #AISecurity #MLSecOps #AIsupplychain #vulnerabilitydatabase

Cybercriminals are using AI and machine learning in increasingly sophisticated ways to exploit vulnerabilities. Learn how these technologies can be manipulated and discover steps you can take to protect your organization. Check out our latest article for tips on securing your AI systems and safeguarding your data during #CybersecurityAwarenessMonth. Read here: https://loom.ly/tRubyz0

Researchers claim to have created a GPT-4 agent that can autonomously exploit web vulnerabilities in real-world systems with an 87% success rate. We're not too far away from seeing fully autonomous exploits. This new era, where AI can both find and exploit software bugs at scale, demands AI-powered defenses. https://lnkd.in/egYPrNfQ

Sonar has announced it will be a contributing member of the U.S. Artificial Intelligence Safety Institute Consortium (AISIC), established by the Department of Commerce’s National Institute of Standards and Technology (NIST). As a participant in AISIC, Sonar will help NIST implement, iterate on, sustain, and extend priority projects in research, testing, and guidance on AI safety. With how popular and fast AI has become within the last year, I am excited to see how Sonar will contribute to this initiative! #AI #GenAI #security #cybersecurity #AISIC #CleanCode #CleanasYouCode

"Using AI to automate the fixing problem just kills so many birds with one stone. You're fixing the old code that was written by developers years ago that you didn't get to, and it can fix the new code that the generative AI is creating."    Chris Wysopal, CTO and co-founder of Veracode, sat down with Information Security Media Group (ISMG) on the #RSAC floor, where he discussed:   ✔️ The challenge of navigating AI's risks and rewards in #AppSec ✔️ The importance of high quality and trusted datasets to train AI models ✔️ Veracode's strategies for integrating #AI to enhance application security   Watch the full interview to learn more about the latest advancements within the AI #cybersecurity landscape: