Securing the AI SDLC – Niv Braun – ASW #315
A lot of AI security boils down to the boring, but important, software security topics that appsec teams have been dealing with for decades. Niv Braun explains the distinctions between AI-related and AI-specific security as we avoid the FUD and hype of genAI to figure out where appsec teams can invest their time. He notes that data scientists have been working with ML and sensitive data sets for a long time, and it's good to have more scrutiny on what controls should be present to protect that data.
This segment is sponsored by Noma Security. Visit https://securityweekly.com/noma to learn more about them!
Guest
Niv is the CEO of Noma Security, a stealth cybersecurity startup tackling the ambitious goal of providing security, governance, and compliance across the entire Data & AI Lifecycle. Prior to founding Noma Security, Niv honed his skills as a security manager in Unit 8200, the elite cyber unit of the Israeli Defense Forces, where he collaborated with top experts at the intersection of security and AI. He went on to lead the security products business unit at Verint, experiencing first-hand the undeniable opportunities and unique security challenges of AI. As a core member of the OWASP AI Exchange and a contributor to public policy and community frameworks, Niv is deeply involved in advancing best practices in AI security.