Patrick Walsh - Hidden Risks of Integrating AI: Extracting Private Data with Real-World Exploits скачать в хорошем качестве

Patrick Walsh - Hidden Risks of Integrating AI: Extracting Private Data with Real-World Exploits

This talk explores the hidden risks in apps leveraging modern AI systems—especially those using large language models (LLMs) and retrieval-augmented generation (RAG) workflows—and demonstrates how sensitive data, such as personally identifiable information (PII), can be extracted through real-world attacks. We’ll dive into techniques like model inversion attacks targeting fine-tuned models, and embedding inversion attacks on vector databases—key components in RAG architectures that supply private data to LLMs for answering specific queries. The session includes live demonstrations of prompt injections, sensitive data disclosures, system prompt leakage, vector store vulnerabilities, and model inversion—drawing from nearly half of the OWASP Top 10 risks for LLM applications. Attendees will gain a clear understanding of how these systems operate in practice, where the most critical vulnerabilities lie, and how to build AI-powered applications while minimizing exposure to these emerging threats. --- Patrick Walsh Co-founder and CEO of IronCore Labs Patrick Walsh has more than 20 years of experience building security products and enterprise SaaS solutions. Most recently he ran an Engineering division at Oracle, bringing productivity and insights to the world’s largest companies. Patrick now leads IronCore Labs, a technology platform that helps businesses get back control of their data so they can meet increasingly stringent data protection requirements.