In this Imperva Brand Story episode with CTO and CISO, Kunal Anand, Sean Martin and Marco Ciappelli explore the sometime-mysterious workings of AI, its role in cybersecurity, and the need for businesses to adapt to this AI-driven paradigm.
In this Imperva Brand Story episode with CTO and CISO, Kunal Anand, Sean Martin and Marco Ciappelli explore the sometime-mysterious workings of AI, its role in cybersecurity, and the need for businesses to adapt to this AI-driven paradigm. Together, they examine the unpredictable nature of AI, highlighting how even the brightest minds struggle to fully comprehend why and how these models function.
The discussion also explores the concept of adversarial AI, painting a picture of a future where AI plays a significant role in both cyber attacks and defense strategies.
Throughout the conversation, the hosts touch on the economic implications of AI, underscoring the substantial costs associated with running experiments and training large models. They suggest that the companies capable of leveraging AI will be the ones to lead the market, while those that fail to adapt may find themselves outpaced and outmaneuvered.
The future of AI is also a key topic in this episode, with the hosts predicting a shift towards bespoke models that businesses can run in their own environments. They introduce listeners to the concepts of Grounded LM and RAG, hinting at their potential to revolutionize the use of AI in cybersecurity.
This episode of ITSPmagazine provides listeners with a thought-provoking exploration of AI's role in cybersecurity that you simply can't miss. The discussion illuminates the potential for continued innovation, emphasizing the necessity for businesses to adapt to an increasingly AI-driven landscape.
Note: This story contains promotional content. Learn more.
Guest: Kunal Anand, CTO and CISO at Imperva [@Imperva]
On Linkedin | https://www.linkedin.com/in/kunalanand/
On Twitter | https://twitter.com/ka
Resources
Learn more about Imperva and their offering: https://itspm.ag/imperva277117988
Catch more stories from Imperva at https://www.itspmagazine.com/directory/imperva
Are you interested in telling your story?
https://www.itspmagazine.com/telling-your-story
Please note that this transcript was created using AI technology and may contain inaccuracies or deviations from the original audio file. The transcript is provided for informational purposes only and should not be relied upon as a substitute for the original recording, as errors may exist. At this time, we provide it “as it is,” and we hope it can be helpful for our audience.
_________________________________________
[00:00:00] Sean Martin: Marco.
[00:00:01] Marco Ciappelli: Sean.
[00:00:02] Sean Martin: I. A.
[00:00:03] Marco Ciappelli: I.ROBOT?
[00:00:05] Sean Martin: Oh wait, I was hallucinating. I'm sorry. A. I.
[00:00:12] Marco Ciappelli: Oh, are you smart?
[00:00:14] Sean Martin: Did you trust me in my first message?
[00:00:19] Marco Ciappelli: Yeah. You know, I, I was just saying before we started this, that I was having a conversation with, uh, with CHAT GPT in the car. And I think I came out as a winner because I told it to shut up on a certain point, but, uh, I was entertained.
I was on the 101, uh, here in LA and just, uh, chilling with, uh, with my buddy, CHAT GPT.
[00:00:43] Sean Martin: Your buddy. I was curious, did you name?
[00:00:47] Marco Ciappelli: No, I should. Is this something we should do?
[00:00:52] Sean Martin: I think so, maybe. I know you yell at it. Oh, I do. I've seen you yell at it. In written form, anyway. But we're not here to talk about your, uh, your, uh, generative AI instance.
We're
[00:01:04] Marco Ciappelli: gonna talk about Kunal's AI.
[00:01:07] Sean Martin: We're gonna talk about Kunal's generative AI instances. Of many there are, I'm sure. He turned me on to a few things, and I realized I'm no longer a coder, but, uh, there are so many ways to access stuff. It's just off the charts. And I think companies are. Doing that, which is why we're here to talk today.
Um, they're, they're trying to figure out how and where, and, and hopefully the what comes out of it at some point, uh, and the, oh I shouldn't have done that. Uh, I'm sure that's there somewhere as well, but, uh, we're going to talk about all that and more, I'm sure. Kunal, it's good to have you on again.
[00:01:52] Kunal Anand: It is great to be here, gents. I'm excited to be here. And I'm also kind of curious about Marco's adventures on the 101 with AI. Uh, but neither here or there, but excited to be back and chatting about a topic that's near and dear to my heart,
[00:02:08] Sean Martin: AI. Well, when, when that conversation leaks, we can all, uh, we can all listen to it.
[00:02:15] Kunal Anand: But the question is. Is it a deepfake? Or is it a real, or would it even be a real conversation? You don't know. You don't know anymore, right?
[00:02:24] Marco Ciappelli: Have you ever seen on, uh, on some, uh, I think TikTok and Instagram where they put one AI next to another two phone and they just let it go at it? That's pretty good.
No, I'm not. No? No. So they get started. I'm not a TikToker. We run and then they talk to each other. No, I'm not on TikTok either, but I've seen it on other platforms.
[00:02:43] Sean Martin: You've seen the TikTok on
Facebook?
[00:02:45] Marco Ciappelli: I've seen the TikTok on Instagram.
[00:02:48] Kunal Anand: On Instagram, even better.
[00:02:51] Marco Ciappelli: Oh my god, anyway, but talking about seeing, uh, you, you have been seen with us many time and heard with us many time, but for those that don't know who Kunal is, uh, quick intro.
[00:03:05] Sean Martin: The fresh crew inter interested in AI and cybersecurity, who's Kunal and what are you gonna, what are you gonna tell us?
[00:03:13] Kunal Anand: Hi, I'm Kunal. I am CTO of Imperva and CISO as well. I spend a lot of time thinking about the intersection of technology and security. And for the last year, I've been going really deep in artificial intelligence.
Started last year, I would say lightly. And then earlier this year, like everybody else. I'm not going to lie and say that, Oh, I read the transformer paper and in 2018, I didn't. I'm just going to tell you the truth. I didn't. I'm not that guy. Instead, like everybody else, I saw what was happening with CHAT GPT and that just really piqued my interest.
And at the beginning of this year, started going really deep, reading papers, coding some things. Getting hands on experience with some of this stuff, practically building things, and this is, uh, it's a wild time. So, yeah, it's a little bit about me, a little bit about my, my most recent passions and interests, and behind me are guitars, and we've talked about music before here, photography as well, so I do a lot of things, and I'm a Los Angelino as well.
I've spent some time on the one on one freeway, but I don't think I've spent time on the one on one freeway with uh, with GPT. I'll have to try that next time.
[00:04:35] Marco Ciappelli: Yep. It's a, it's a completely new experience. The 405, I don't know. 405 might be different, but the 101, the one on one is the, is the thing.
[00:04:46] Kunal Anand: 405 is like bumper cars. I feel like we're doing the SNL sketch right now, which we shouldn't for, for people listening in.
[00:04:53] Marco Ciappelli: That's right. That's right. Let's not go there. Let's not go there. Ugh, Sean, you, you have Kunal here. He knows a lot of things. He thinks a lot. What is the first thing you want to
[00:05:07] Sean Martin: Well, I, I mean, we, we've seen it in, in, uh, coverage in the news that, uh, I mean, the hype.
I mean, we were talking earlier with, uh, somebody about, uh, CES, Consumer Electronics Show, and he was saying that AI was the big topic last year, and it's very rare that the same topic hits as the same topic in the following year, which is happening. This year at CES. So AI continues to be a hot topic and, and that's because people are interested.
And I think they're like you and the three of us together, uh, we we're all playing with it in some fashion and we're, we're individuals and we also have, we do work, right? So we use it for our work. We use it for fun. We use it for work as I know you do as well. We talked about that the other day and. I think with the speed of, of interest and growth and adoption, uh, a lot is surfacing.
So what, are your thoughts on how this is? Let's stick to cybersecurity here. How, how is it impacting our ability to. Detect threats, um, respond to threats. So there's two sides of that coin, right? The, the, the threat itself, and then, then the response part of it.
[00:06:36] Kunal Anand: I think we're approaching the flip the table moment.
And what I mean by that is, you know, for the longest time, I've always sort of rather simplistically. Positioned security mentally, at least for me, as a cat and mouse game, right, where one side tries to get the other or somebody has a malicious intent in mind and they try to take some action and attackers go after something and defenders have to protect it, right?
What's interesting is for the last 20 years. Attackers have naturally just gotten better because defenses have gotten better. Good defense forces someone to get stronger, right? They either try new techniques, they learn new things. What's really interesting is AI, I think completely changes the game and let me kind of unpack AI.
There's AI has been, you know, this broad category of artificial intelligence. Like if you kind of play it out, who knows how many years you eventually. You get to things like AGI, and maybe that's up for debate by some people, but maybe at some point you get to artificial general intelligence, which is not Skynet, but it's something interesting of, uh, cognition, uh, or the ability for these computers to actually, uh, perform something on the level of human cognition.
Right? That's like one element of this. And then the other, the other side of it You know, you kind of think about where we are right now with these large language models, primarily today, and being able to systemically create new things based on past behavior. And that category that I'm really interested in right now is generative AI, right?
So looking at the body of things that you've seen or, or done, whatever it is, putting that into a system. And then in the industry, it's called building a model or training a model and then using that model to do something. And I love where we are now as an industry with things like generative AI of being able to like, Go in and create something new based on what you've already seen.
And in security, there's so many crazy things that I'm seeing right now. Like I'm seeing people building their own malicious models. So there, there been reports earlier this year of stuff like Worm GPT, uh, fraud GPT, you can buy a malicious GPTs like open source. You can buy these things, uh, on the dark web.
I've seen things going for like a thousand bucks for like a thousand bucks. You can buy your own large language model. That'll help you build ransomware as an example. Uh, there's notable cases publicly this year of people building. Interesting ransomware using well known software like OpenAI, uh, OpenAI's GPT as an example to build this stuff.
That's one side of it, these large language models that kind of changes things. And then you have things like vision and object detection that also change some things, like with respect to captions. Like, I'm gonna just go out and say this, and I think people may push back. Captives are dead. Okay, they're dead.
I had our research team do a deep dive in, in an area, and they actually on their own, without me prompting, on their own, the research team went and evaluated every single capture in the world, at least as much as we could get our hands on, and threw it into GPT and asked it to do. Like in the case of ReCAPTCHA, where are the stairs or the traffic lights in the photo?
It got it every time. Or in case of like the interactive CAPTCHAs of like the, Oh, I got to spin this object around or I've got to solve this puzzle. Depending on the way you prompt it, it got it every time too. So I look at this as traditional defenses are going to come under stress, which is going to alter the equation of the cat and mouse game.
So that's, I think, the high level summary of where we are right now, and there's just obviously broad implications for organizations and defenders like Imperva and other companies as well.
[00:11:09] Sean Martin: So is it a matter of we might be looking in the wrong direction? Place, or we might be looking for the wrong thing coming through the same place we always look at, or it might look like something good and it, it's not right.
So it might, might fake, might trick us more. It's probably some, some combination of all that, but your, your thoughts on some of those points.
[00:11:35] Kunal Anand: Yeah, I think it's, I think it's a combination of those things. It could be a general thing of deception where, you know, right now. The bulk of security software, it doesn't matter which vendor you go to, people can talk and wave their hands and say that, Oh, there's behavioral analysis or whatever.
They're just signatures. Okay? Like they're just signatures at the end of the day. And these signatures are really simplistic. If something looks like this, then block it or take some sort of action. What happens when something malicious comes in that doesn't look like X? Well, these signature based systems aren't capable enough to make that call.
They just say, Oh, well, you don't look like this bad thing. So let's let it go through. And I think that's the challenge that we're going to find ourselves in with AI. We may see a model flip, like, and for those who have been doing this long enough, and maybe to sort of elucidate it, there's what's called a positive security model and a negative security model.
A positive security model is You only allow what you want to allow. Negative model is, I don't want to allow certain things. Today, the world pretty much works on a negative model, right? Most solutions in security work on a negative model. I think we're, we may see a shift to go to a positive model, based on behavior, which is, okay, I only want to allow these things to come in, because I know exactly what these things are.
And anything that looks beyond that needs to just be disregarded. So we may see that shift too. We may see a change in people changing the way that they mentally approach security from going from allow everything and deny a few things to deny everything and only allow a few things.
[00:13:40] Marco Ciappelli: Wow, makes sense. And Um, we were joking about the conversation with an AI.
I want to pick your brain on something that I've asked already a few people, which is, you know, when you play adversarial AI, what could they come up with, right? I mean, could we get from random try and failing, like, you know, the adversarial for creating art, for example, do you have the critique and you have the artist and eventually something unexpected comes up.
I'm imagining. The good guys, the bad guys, the good AI, the bad AI, the defense and the attack to play together. And, uh, it's, you know, let's, let's, we can write a movie about it if you want, or let's start talking about it.
[00:14:33] Kunal Anand: We can ask GPT to write the movie for us. Well, I think let's, let's go into one topic first, which is, you know, I don't think people really appreciate this notion that we really don't know how these models are working.
There's a great talk online called, uh, it was a lecture called Sparks of AGI. And what I mean by that is when GPT came out, you could ask it questions and it would give you back answers. And it did it pretty well. You could ask it to write song lyrics. You can ask it to develop a pitch for you on a movie script, whatever it might be.
And it does a pretty good job. But it also surprised a lot of people. When they were able to ask it non objective questions, right, just to see what this thing would do. And if you kind of look around and you talk to the big brains of the world, they'll even tell you that we don't quite understand how and why it's working the way it is.
Like the math itself or the large language model, that's understood. Like what is gradient descent? What are these things behind the scenes? It's clear what the math is. You can go and look at a large language model. There's things. That are like a large language model expressed in a few hundred lines of code.
Actually, you can with a few hundred lines of code, build a large language model. It's not that difficult. The challenges and where people are struggling and where their minds are exploding right now is when you load in a large data set of billions of parameters, that's where the magic happens, right?
That's where this kind of goes crazy and it goes into like a million directions. And if you kind of go back 20 years, We didn't have these trillions or billions of parameters. We didn't have the internet as we have today. We didn't have all this content before to go and train these systems. And I think that's what's fundamentally different this time around.
And so, you know, you think about adversarial AI, I think we're going to see some unexpectedly interesting things. Uh, I think that's, that's a given. We're just going to see that. I think we're going to find that some flavors of AI may do a more interesting or a better job at developing attacks. I think at some point, defenders are going to need to incorporate AI as well.
Like if you want to stay in this negative modality of, I want to allow everything except for a subset of things, that means we need to get smarter about what is the everything that we want to allow, or what are the things that we narrowly don't want to allow. And unfortunately, and this kind of goes back to a real problem right now that we all have in the industry, you can't buy these semiconductors.
You just can't buy these chips anywhere. And who has the economic means? to train these large models. I've heard the statistic recently that for like a data scientist at OpenAI to run an experiment for a week they can spend a couple of million dollars just by themselves running an experiment for one week of training.
So how many companies have that Amount of cash lying around where they could just go and conduct an experiment. Like it's very, very few. And so you kind of think about this, this point, which is, I think we're just going to see some really interesting things. I think we're in really early stages and who knows what's going to happen with like open source AI development now that it's, there's like a long tail here.
Sean and I were like exchanging notes back and forth around like some open source stuff not too long ago. It's wild. It's just so wild. Like I couldn't tell you and pinpoint exactly where adversarial AI is going to go, but what I can tell you is, be surprised, uh, that it's going to be cool and interesting and scary, and also don't be surprised that it's going to be cool and interesting and scary, because we fed it the totality of human data that's been generated on the internet for 20 years, and what do you expect is going to happen, you know?
So, those are my points.
[00:19:05] Sean Martin: Do you have something, Marco? Because I, I mean, my mind's kind of racing a mile a minute here.
[00:19:09] Marco Ciappelli: I'm right there. I've been saying that, I've been saying that AI is human after all. Because that's how we train on our own.
[00:19:17] Kunal Anand: Great Daft Punk song. Great Daft Punk song, by the way. Human after all. Nice, nice record.
Yes, and a great band. The Robots. The Robots. Yeah.
[00:19:26] Sean Martin: Um, so I'm hung up on the unexpected. Um. Yes, I think there might be some interesting ways to look at it, but it's only unexpected if you don't think about what you might expect. I'm getting a little weird here. But I'm, I'm looking, thinking of this from a business perspective, right?
I know what my business does. I know how I've Designed its processes to work. I know how I've developed its infrastructure to support that. I know the tools I have in place to expose those things to users and other systems that allow it to, to. Data to flow and decisions to be made and transactions to take place.
I know the, I know the, I expect those things to happen a certain way. And I'm wondering, so when you take now, granted, this isn't public, uh, data sets in, in the large language models that we're talking about here, but company data, let's say fed into these things, um, you could say here. Using this, I expect this to come out of it.
Let's see what the, the large language model says. Um, and if it doesn't, what does that mean? And if it does, then I could use it this to say, okay, where, where might this, where are the places it might go off the rails, which are to me, the weak spots that can be exploited, not in the form of a CVE. Right. In the form of a business logic attack of some sort, um, that's rooted in technology and infrastructure.
And so for me, I, I get, that's the kind of stuff I think about is here's how my business works. How can I use the large language model to really understand that so that I can then use it to understand how it might be exploited, what do you think? Have you
[00:21:30] Kunal Anand: guys, um, Have you guys heard of like grounded LM or rag?
Have you guys seen these concepts in AI? Not yet. Okay. These are super interesting. So Sean, to your point, I think here's where we are now. People have been playing with these AI technologies, even the open source ones for I think we all realize there's power in these things, but these things were trained off of someone else's data, not necessarily ours.
And I'll give you, I'll give you this thing, which I find really fascinating. I fired up this open, uh, open source AI recently. It's, it was by a company called Mistral. It's a 7 billion parameter set. And I just asked to the really benign prompt and it like just spider down from weirdo path that was about stretching.
Seriously, like it turned into like stretching after you exercise. And I'm like, I just asked you how you're doing and like, you know, the equivalent of that. And like, it just like pivoted into this sort of weird place, which does no go right for an enterprise. So there's two terms that I've been coming up to speed with and playing a lot with.
Which is one, uh, grounded LM, and these are grounded models. That's the idea of it. So it's ground in a set of knowledge, in that the model itself is derived only on what you get it. And maybe there's some additional language capabilities, but there is a source of truth here. And then the other concept is RAG.
Uh, it's re I think it's a Retrieval Augmented, uh, Generation or, or something related to that. But Retrieval Augmented in that. You know how, like in CHAT GPT, you can give it a prompt, but you can also give it custom instructions? RAG is basically custom instructions. Before you call any of these models, but what you can do with rag, which is really cool is you can load in an entire dataset, you can shove in an entire dataset into rack, which is here are the, here's the totality of information that you need to pull from.
If it's not, and you give it an instruction that says, if it's not in here, you just tell me that it's not in here, don't invent anything. And if it's in here, use what you have. And that is, I think, where this all goes into 2024. I think this year was the year of sort of base level generative AI, like leveraging the Google paper for transformers.
We are where we are now. But where do we go from here? And I think everyone's going to want a bespoke model. Everyone's going to want a model that they can run on their own. A subset of these capabilities that they can execute in their own environment. It's clear, like, this is what we need. Sean, you and I were discussing some use cases that you have.
I have similar use cases where I want to be able to build a large language model out of my notes. I collect a lot of notes. I write a lot of notes. I would love to be able to write essays and journal posts based on the things I've collected or ideas in my head. If I were to go to CHAT GPT, it's going to hallucinate on its own.
But if I go to something like a GPT and I'm only saying, here is 20 megabytes of text. Only pull from this 20 megabytes of text. The outcome is going to be totally different and totally interesting. And I think that's where we're all kind of heading now. And in the context of security to kind of bring it all back there, if I'm an attacker, I would want to be generating attacks.
Leveraging RAG such that, okay, I want to go and create novel types of ransomware. I should feed it previous interesting ransomware that did bypass these other controls, these other systems, and then just go let it cook, go let it cook, go build a million different examples of ransomware. And then the beauty of automation is you can literally take that, that new type of ransomware that was generated, set it up, throw it in a container, see what happens.
Does it trigger the alarm? No. Cool. It's new ransomware. Never seen that before. Or let's go and build an attack that'll circumvent a filter for cross site scripting or SQL injection. Cool. You're going to see those workflows now. Leveraging past data in a sort of rag retrieval, augmented, generated model.
Um, I think that's where this goes. And I think that's, if I was an attacker today, I need to go there. And by the way, if I'm a defender. I need to do that too. Like, I need to look at as a defender, here are the rules and signatures or the techniques that work to stop this attack. So here's an attack. Here's the decision that we took.
Okay, you get a lot of those signals that come in, whether it's an auto encoder or whether it's a large language model, you can build a lot of interest there. And it's all ragged too, where it's like, okay, based on this, I now know what I would do on this other side. That's a model as well. So I think where this all goes is Attackers are going to have models, defenders are going to have models, and just like the cat and mouse game, they're going to level up.
And they're all going to reach an equilibrium at some point. And yeah, maybe the attacker will get through sometime. And yeah, maybe the defenders will get to be a generation ahead. Whatever happens, we'll always sort of reach parity, given enough time. And we've seen that, right? We have 20 years of data that show, look what happened to web.
Look at the web attacks before OWASP. They were rampant. OWASP happens, they begin to normalize, but then we see new types of trends, new types of attacks. It explodes open again. And then it narrows back down and explodes open and narrows back down because we get really good at figuring out a way over time for how to stop this stuff.
And also there's an economic benefit to stopping this stuff versus just letting it cook.
[00:27:44] Marco Ciappelli: So I have a question from a, from a business culture, business practice for what a company does. Do you think that they need to adapt to different? Model of doing business in order to, to kind of meet with this new paradigm shift into negative versus positive and AI in general, of course.
[00:28:13] Kunal Anand: Yeah, I mean, so I'll answer the last one first, which is. If a company is not looking at leveraging artificial intelligence, like generative AI right now, in some form or capacity, they're going to get outmaneuvered, and they're going to, they're going to lose their position. Because a smaller, more nimble, more agile company that is going to leverage AI in conjunction with something differentiating of the company, then it could be like the data.
Like, that's the most valuable thing, right? What have we learned over the last year of AI? It's the data. You are what you eat. You know what I mean? And if you don't eat well, you're not going to grow. And so it's the same old concept. And so the companies that realize that they have something differentiating in what they do as a business.
If they can leverage AI in conjunction with that, they can create this economic mode that becomes a lot harder for another company to kind of jump into. And so I think right now every company should be looking at it. A lot of companies are. You're seeing places, some, some stories online, uh, Klarna, right?
The, the lender, K L A R N A. There was a headline about them a couple of weeks ago. I think maybe it may have been last week. Time dilation is real post COVID, but they were talking about how, uh, they're letting go of, you know, more than 10 percent of the company and. They're not replacing them with people.
They're just going to leverage AI. So there's this efficiency gain that people are getting from, from AI. You're going to see startups and businesses. Look, I'm an entrepreneur. I started a company before given AI. Could I start that same company with fewer people? Absolutely. I think you're going to see a model where you don't need 20 or 30 people to get to an MVP anymore.
You're going to need fewer people. And I think you're going to see this sort of diffusion. Of talent and people trying a lot of different things. I think everyone should be doing it. We are right as a business, we, we leverage AI all over the place in marketing, we use it for assisting us in generating data sheets, we use it on the sales side to track things like opportunities and leads, um, and this is actual AI that we're using on those sides.
We use it in customer success. We have chatbots as like our first tier, and we load in all sorts of things like product documentation. And. You know, we're looking at bringing it into our product, where if you want to build a new rule or a policy before, you'd have to know the syntax and grammar. Similar to the way that Marco was whispering to AI on the 101, imagine being able to sit at your desk and instead of having to type out a rule, you can say, Go and block traffic from Russia targeting this website, and we can generate that rule for you using AI.
But we had that in a lab already, which is exciting. Or leveraging AI to look at all this stuff that we've seen in the global network. We process trillions of requests a month. How about we just leverage AI to automatically generate security rules that our researchers don't have to write, but they just have to review, right?
So every company needs to start looking at this, tailoring it to their own needs and requirements. But there's a ton of leverage you can get out of this stuff for sure. It's surprising me though, that I still talk to companies that don't believe that this is going to be a game changer. Like, seriously, like, I don't, I don't understand it.
Um, but it's, it's where it is.
[00:31:57] Sean Martin: So I still a gazillion questions in my head where I'm going to go with this one. For me, looking at the data that we have, are we generating the right data inside the business to have enough information to protect it? And I'm leading to here, the idea that if we're. Using traditional security sensors to detect traditional security threats and attacks and trained our teams and systems to respond to them that way.
We're going to kind of be stuck there as well. So I'm thinking, are there other. Types of sensor data that we have and aren't using, don't have, we should be using, and here's where it gets interesting to me, switching the way we look at threats. So we, we kind of look at the attack chain, right? Did they kill chain?
How do, where's it going and how can we block it? It's very, today it's very threat vulnerability. Not so much, kind of back to my earlier point, business logic focused in my opinion. So do we need to, are we kind of shifting there to look at things differently?
[00:33:20] Kunal Anand: So I'm, I'm writing this blog post now. Um, you'll see it.
I'll send you a link, but. I actually think there's a totally different modality where you can get a lot of alpha or you can get an, you can get an advantage. We have been so conditioned over the last several years to think in terms of computers and systems and software and processes that are digital.
John, you just brought up a really important thing, which is people are in the loop. Take an issue. Let's say you work at a company, big company. You probably have a SOC, so you have a security operations center. And they're looking for bad things all the time. And when they see that bad thing, they take some sort of action.
Who's actually looking at the data of that, like the analyst that makes the decision, not like the incident response itself, but at some point a human made a decision to take an action. Are we capturing that data? And where else could we not be capturing decisions that humans are making in the cyber security chain?
If we can start to harvest those signals, that intelligence, That, I think, is the game changer, right? Not necessarily, oh, let's take logs from a security vendor, and a log from that vendor, and a log from this vendor, and throw it all in, shake it all up, and have GPT read out a report to us. You can do it, but there's no advantage to that.
There's nothing unique about it, and we all get the same GPT. It's just a question of how you prompt it. But that commoditizes to zero. I think the difference here is, to you. Extract data from places where we are not extracting data from until your first point. And what we're not doing a good job of extracting data is around the behaviors in these enterprises.
So that, that would be my suggestion for everybody is you're creating data everywhere. When you send an email, you're creating data. When you reply to someone on Slack, you're creating data. When you take an action, you're creating data. Is if there's a way to collect all that information, yeah, that's when it gets super interesting and super valuable, right?
[00:35:50] Marco Ciappelli: So you, you gave us some example of what you guys are doing internally and, uh, you highly recommend everybody to play with it, at least to figure out where they can apply it. So if somebody it's coming to you, you're you, Imperva has a lot of clients, a lot of knowledge and somebody like, well, I have no idea where to start with this.
I know I need to do something, but, um, what, what is the first step, like the first two or three steps to. To get into that and prepare to be resilient versus. AI attacks.
[00:36:26] Kunal Anand: Yeah, I'll say number one. First place. If you've never tried any of these things, you should. There's actually not a lot of people, surprisingly, who've played with GPT.
Yes, they achieved, you know, a certain amount of revenue. Very happy for them. But majority of those people may just be enterprises and large companies buying subscriptions and whatever. There's a very long tail of humans who've never actually I would say number one is people need to get hands on with these things and for those who are technical and you have a lot of folks who listen who, who are, and they may know how to program, they know how to build software, take the leap of running these models.
In your own environment, you can download these things. You can run them. They're very, very straightforward in terms of like how to set it up and how to get this stuff running locally and try it, play with it, you know, there's opportunities to leverage code generation. With things like github copilot, that's an amazing solution, right?
Where you may not be a programmer, but you can prompt GPT to write that code for you. And it doesn't do a bad job. It does a pretty decent job. Is it perfect? No, but you know what? It gets you to where you need to be. And honestly, We're not building Mars rovers, right? We're not, we don't need the performance of a Mars rover.
You know, it's not like we're operating with four kilobytes of memory. Like we're, we're sitting here and we're operating with gigs and gigs of memory. My Chrome tab that I'm talking to you on right now, I'm recording this, is consuming several hundred megabytes. Don't know why, but cool. Good job, Chrome.
But you know, I think I would just sort of suggest to people to get hands on with this stuff and just start playing with it and be curious. And if you don't actually know something, ask the bot. It actually does a really good job. And my favorite prompt in the whole wide world, my favorite prompt, and I do this all the time, and you have to come with a beginner's mindset, and this is more of like a meta thing.
If you're willing to accept that you don't know everything in the world, and you're willing to remove and kill the ego, go ask a chatbot to explain something like you're five years old. It is one of the most interesting things in the world. Go ask, and for anyone who's listening right now, I did this last night.
Go to GPT, CHAT GPT, if you have a subscription, and ask it to explain quantum physics like you're five years old. Seriously, I encourage you to take any topic that is so complex that you think is so complex that it's so difficult to grasp and ask it. And then apply that same logic back to, what is generative AI?
Explain generative AI like I'm five years old. Explain large language models like I'm five years old. And then ratchet it up. Change your prompt over time for any one of these things to go from, don't explain like I'm five years old, assume I have a high school degree. I have gone to that extent, like, assume I'm a PhD in economics, explain whatever it is.
And it's so amazing to get these different types of responses. I just think for everybody right now, just start playing. Really, we are still in early stages here. We really are. Even though this stuff's been around for a year, it's still way, way, way early. There's no such thing as a winner. We're all figuring this out.
And I would just get in the arena and start playing.
[00:40:17] Marco Ciappelli: So this is good for getting your feet wet with CHAT GPT. And when it comes to defending yourself?
[00:40:29] Kunal Anand: Oh lordy.
[00:40:30] Marco Ciappelli: Does the CISO go and say, explain me how to defend myself like I'm a five years old. I don't know if that's good.
[00:40:39] Kunal Anand: No, what a CISO is most concerned about right now is you've got all these people in the company.
How do you know what they're actually doing? How do you know that they're not giving away your trade secrets to these SaaS services? How do you know that people are using these things in the way that they should? So, are they using these things with, following the acceptable use policy? I think where most CISOs are right now are twofold.
One, I want to allow my company to use these things. Because for various productivity reasons, but I am terrified that someone may upload financials. Like, let's say I'm a publicly traded company and someone uploads financial, sensitive financial documents over to this thing. You've leaked potentially sensitive information now to one of these vendors online.
Should you have done that? You know, that's what, that's an AUP question over there. And so CISOs are grappling with that. And so this goes back to like more of the classic software inventory problem of like, what do I have? Who's using what? Do I have the right controls? And then the second part is, I am worried about novel attacks coming through and coming in to break me or break my, my environment.
And right now I'm seeing people change the way that they think about defense systems, security controls, that mix we were talking about earlier at the onset of the conversation of the positive and the negative models use a common, a combination of those two, uh, people getting smarter about isolating content.
People getting smarter around who has access to this stuff, requiring multiple steps, MFA as an example to get to things, pressuring vendors, talking to vendors and asking them questions like, what is your AI strategy? I spend a lot of time talking to customers who are asking me what our AI strategy is, as an example.
I do the same for my vendors too. I ask them, what are you doing to stay ahead of generative AI? Again, it's so early, we're all figuring this stuff out. There is no one answer other than I think it's just try a lot of different things, even as a CISO, and see what works and what fits the environment. And if it doesn't work or you're not getting a return out of it, move quickly, try something else.
I think that's where we are.
[00:43:04] Sean Martin: I know we should probably wrap here, but I'm not going to, I'm going to ask one more question because Margaret loves it when I do that, I can't stop and I have you on. I want to take advantage of this time. I can't stop thinking about building apps, building systems using knowingly pulling in large language models to do things for us, but then also leveraging third party services and open source.
services and API driven things that may tap into large language models and use our data outside of our organization as well. And I know it's not necessarily a direct one to one example, but there's a fairly well known cloud storage Service that it's been claimed that they're using people in companies, data to train AI models to help help their customer find and make sense of their data that they've stored on it.
Yeah, exactly.
[00:44:16] Kunal Anand: Help me help you
[00:44:17] Sean Martin: help me help you. And I can, I know I, I use a competitive version of that, that I don't believe they're doing that at this point. Um, I use that service through APIs and drive a lot of stuff through, through there. So I can, I can see, is that, is that a current threat model that you think CISOs need to be worried about?
[00:44:43] Kunal Anand: They need to. Yeah. I think what we're all realizing is that data is the thing that makes these things unique. And if you can train these models on unique data, you're in a really special place. I mean, there's a reason why OpenAI has the moat they do is because they started crawling before anybody else.
It's because they started connecting the dots before anybody else. They were scraping Reddit and other places, which we now know, right? Before, before other people were, they were, they were scooping things up before other people were. And now I think what you're going to find is people who want to build these models have to train somewhere.
The difference is publishers and people who know that they've got an important data set are going to close that stuff up. And so I'm not surprised to see a storage vendor try to train a model based on your data. But I think we have to reconsider what it means to use these SAS services and what it means for storing our data there.
Are we giving them the express permission implicitly to go and train models based off of what we're uploading? And the answer is probably true, right? We, no one really reads the EULA, to be honest. And I think It's true. We all scroll to the bottom and hit agree because we just want to start using something.
We want free storage, right? In that example, or we want storage in general. So we'll accept whatever to get the one terabyte, one gigabyte or two gigabytes of storage. We'll move on from there. I just think that. As a CISO, data is paramount, right? I think about it all the time, like, the data is my business.
I'm always terrified about it getting breached or compromised in some way. Did I ever have on my bingo card that someone could theoretically build a large language model and then how do they protect the large language model out of my data? No, I didn't have that on my bingo card going into this year.
And now I need to think that way. Now I need to start asking questions. Are you going to train an AI model based on my data? If the answer is yes, I probably am not going to use you. And maybe you'll give me a better quality of service. If I do, I don't know how you're securing all of that. And we didn't even get into this yet, but I can go and like, tell you what freaks me out the most right now is there is no visibility into what these models are, what they're doing.
This is all a hallucination. How do you know what this stuff was trained with? Again, it goes back to you are what you eat. How do I know what you ate? You know, like what did you eat? And this, you see, you can have like a part two. Yeah, . Exactly. Yeah. We can have a part two on this at some point, but like I, what I really feel right now that I would want to know as a CISO is I want to know what you train this thing on.
And I want you to publish the weights of your model, even if it's an enterprise deal. If I buy an AI solution from a large enterprise, let's say I'm buying a model or using a model as a SaaS service, help me understand the weights of this model. Like when we say weights, like Help me understand not only what the model was trained with and on, but also why it was designed in a certain way.
Like, what are the parameters of this underlying model? Because if I want to put something in a critical place, today we're talking about a bot, a chatbot, but you guys know this. We've been in this industry for so long. These models are shrinking in size right now and the efficacy is going up. Could you imagine five years from now when you can fit a large language model on a thumb drive?
Could you imagine when you can fit a large, not a large language model per se, but like any one of these models in a healthcare device that is implanted in you? What happens at that point? Or could you imagine putting these models into energy reactors or like control systems around energy reactors? Like we're talking about fission fusion, right?
All that stuff. Could you imagine like this, these models running everywhere? Sure. I can, I can imagine it, but. I'm not going to put these things in those places if I don't know what this stuff was trained on and trained with. And so we just need more visibility there.
[00:49:06] Marco Ciappelli: You're coming on my show and we're going to go philosophical.
I always say when we talk about the personal assistant, right, you You want your personal assistant to really assist you, not Siri. Sorry, Siri, you need to improve. You gotta, you gotta bring me something here.
[00:49:29] Kunal Anand: I would say it, but I'm like terrified that like six devices in this room are going to go off if I use the code word right now.
I'm also glad I have you on headphones because like this, this room would go bananas right now,
[00:49:40] Marco Ciappelli: but my point is I'm not getting what I want, but I know that if I want to get what I want, I also need to give. A lot of information about myself, the example of a real physical personal assistance, right? You give away your taste.
You give away a lot of things. If you want to get stuff done and long guests or to be very generalistic and generalized. And again, we go back to who you're going to trust. You're going to have to pick one. And hope that they stick with their gun and they do what they say they do. Right?
[00:50:17] Kunal Anand: Yeah, you do.
You're going to have to. And you have no guarantees what's going on. And it goes back to the trust but verify. You can trust somebody, but there's no way to inspect these things, right? Right, unless someone tells you what's in there. That, I think, is the big issue. That, I think, is the big thing that we should be talking about with respect to AI and, quote, regulation.
Transparency. This idea of labeling, you can't, that doesn't scale. You know that. It just doesn't scale. Instead, we know right now there's always going to be a handful of vendors that have access to these chips. To build these models, what is in this stuff? And by the way, I, this is why I love these open source models that are out there, Mistral Facebook is doing with Llama, they're just giving you the weight so you can see this stuff.
You can modify these models. You can fine tune them on your own. Like, I love that about this and that. It may not be as elegant as a shrink wrapped thing like, like OpenAI's GPT, but I would argue that the open source thing gives me more faith because there's more eyes looking at this thing and that there's a lot of other concerned people who are smarter than us that are aware of what's going on here.
You may not want any guardrails in your GPT or your, your, your LLM. Cool. You can remove it. Or you may want to prevent going down certain paths. You can set it up that way. I think what's really important is telling people what you did to those models, because otherwise, who on earth is going to feel comfortable putting these things in sensitive places?
[00:52:17] Sean Martin: Yeah, and I'm excited. I got my, uh, my Mistral, uh, access granted to me today, so.
[00:52:24] Kunal Anand: 7B.
[00:52:27] Sean Martin: Yep. Yep. The latest one. Yep. So, uh, that'd be
[00:52:30] Kunal Anand: super cool.
[00:52:31] Sean Martin: That's going to be, that's going to be a fun journey. Um, I joked at the beginning, Hey, I didn't say AI, I said, I, and, um, I'm going to close with that here. And yes, we'll have a part two.
And it sounds like you're going to get invited to another show. I don't know if they'll invite me or not. Cause I always ask one question, but, um, the. The reason I'm going to close with IA is because that sums up this conversation for me. I ask, right? I don't know the answers. So we've been talking about prompting and asking GPT, which is good.
It doesn't know every specific situation and nor do any of us, but by asking each other, right? Um, we can learn and we can tailor our understanding to what matters. Um, And I know you, you described doing that with, with your customers and your prospects and your vendors and providers. What are you doing?
Why are you doing it? How does that impact me? How does what I do impact you? Those are the conversations. Those are all the asks that need to be happening and those need to happen. If we're going to proceed with some level of confidence here and, um, I agree, my call, my call here is, uh, and I did this, I asked you a question before, uh, before we chatted here, um, I would encourage everybody to connect with you and the team and Imperva to ask those questions that, that they have, uh, need answers to.
And yeah, you may or may not know, but you're going to have a very interesting and certainly a meaningful conversation when that question is asked.
[00:54:24] Kunal Anand: And by the way, I, uh, I encourage folks who are listening and tuning in to this. You can find me on Twitter or X. My handle is KA. You can also find me on threads as well, or LinkedIn.
I actually really enjoy getting into these things. I'll post about this stuff all the time. I try to write and go pretty deep in these areas, maybe once or twice a week. Um, so yeah, follow along and you can see how I'm learning about this stuff too. We're learning, we're making mistakes and we can do it together.
That's
[00:54:57] Sean Martin: where we differ. I learned, but I don't make mistakes.
Can you are I'm hallucinating. Very good. Super fun.
Super fun.
[00:55:15] Marco Ciappelli: Always to treat everybody. Stay tuned. More stories coming Imperva. I don't know how many fantastic story we had already and how many already we have. Uh, Stay tuned.
[00:55:30] Sean Martin: Lots of fun stuff coming up.
[00:55:32] Marco Ciappelli: Take care everybody. Thank you.
[00:55:35] Kunal Anand: Thanks guys. I'll see ya.