
The SOC Must Go On: Securing the Cloud.pptx

Uploaded by: 一*** ID: 653521 2025-05-01 27 pages 11.45 MB

Sergej Epp, Chief Information Security Officer
The SOC Must Go On: Securing the Cloud & AI

2, My first experience with Neural Networks: JoeBot for CounterStrike (2001)

3

4, 2010: Security trying to keep up with Threat Actors, 2015: Security trying to keep up with Software Engineers, 2025: Security trying to keep up with AI Agents.

5, SCARLETEEL: 220 Seconds From Zero to Data, Sysdig Cloud Threat Report

6, Cloud Security Expands from Posture to Runtime, I Can Secure My Borders, I can fix vulnerabilities in-time!, My supply chain doesn't have backdoors, AI agents are totally secure!, Assume Breach, 80% code is open source (e.g. backdoors like XZ)*, 24% of cloud vulnerabilities are exploited before patch exists*, Cloud attacks unfold in 10 min, AI agents are untrusted, RUNTIME & REALTIME, POSTURE

7, Threat Model: From ChatBots to Agents, Model leaks, Training data biases, Data leaks, Training data poisoning, Hallucinations, Malicious/Backdoored model, LLM, Prompt & Response, Training Data, Guardrails, Threats, ChatBot

8, Threat Model: From ChatBots to Agents, Model leaks, Training data biases, Data leaks, Training data poisoning, Hallucinations, Malicious/Backdoored model, LLM, Prompt & Response, Plugins, Training Data, RAG: Unauthorized data leak, RAG: Integrity & Poisoning, RAG: Indirect Prompt Injections, Memory, Guardrails, Threats, +, ChatBot, RAG

9, Threat Model: From ChatBots to Agents, Integration (API) misuse, Code execution, Plugin hijacking, Model leaks, Training data biases, Data leaks, Training data poisoning, Hallucinations, Malicious/Backdoored model, LLM, Prompt & Response, Plugins, Tools, Training Data, RAG: Unauthorized data leak, RAG: Integrity & Poisoning, RAG: Indirect Prompt Injections, Memory, Reasoning, Guardrails, Threats, +, +, ChatBot, RAG, Agent

10, AI Works Only with Command and Code Execution

11, Shift Left for AI Models is Fake

12, Your AI Workload Is Your New Perimeter, In
