TindraAs a hacker, to break systems, you first need to understand what is the expected behavior, what are the guardrails?
Because that knowledge of guardrails is how you get around them.
#BSidesHBG
Because that knowledge of guardrails is how you get around them.
#BSidesHBG
Another org had a chatbot that allowed them to get data from SharePoint files without actually touching those files (because it would helpfully summarize things) #BSidesHBG
One chatbot: weren’t validating chat history, instead passing the entire chat history into the API call and accepting that was the history.
#BSidesHBG
#BSidesHBG
OWASP LLM Top 10 have lots of things that are really familiar - they’re classic web issues applied to new technology.
The interesting one is unbounded consumption because of the costs. Kindof like before people learned to lock down cloud, but worse.
So: direct financial impact.
Wrapping up the day by talking about breaking websites via their chatbots with Paul Brownridge #BSidesHBG
You’ll likely have to make sacrifices, but it shouldn’t be your default response to situations; save it for when they really matter. #BSidesHBG
Learning with intent
Gotta focus on what you need for your career goals. Unfocused learning, trying to absorb everything (you can’t) can be exhausting.
You need to spend intentional tine reflecting on what you’ve learned.
Learning beyond the keyboard- psych, presentation skills, etc etc. have to improve your whole self, not just tech skills.
Make sure that your networking goes both ways - it’s mutual support, giving as much as you take. #BSidesHBG
You’re not alone - your network matters!
Your family support network is important, but you also need a professional support network.
They can help with not just career tools, but emotional support. Share the load with your colleagues inside your org. They’ll also help you process change in your org.
External to your org is also important - gives perspective, sounding board, growth opportunities.