April 16-18, 2024
Seattle, Washington
Note: The schedule is subject to change.

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for Open Source Summit North America 2024 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

IMPORTANT NOTE: Timing of sessions and room locations are subject to change.

Thursday, April 18 • 3:15pm - 3:55pm
Logically Securing the Illogically Logical Use of Large Language Models - Sarah Evans, Dell Technologies & Jay White, Microsoft



LLMs, like any other emerging technology, are designed to innovate and push the boundaries of technology. This is often done without considering potential security risks. In this session, we’ll consider the supply chain risk of the following scenario: downloading a model from Hugging Face and running it against an internal dataset. Based on a widely known risk management framework (NIST 800-53, rev 5) and an emerging AI-related risk management framework (AI RMF 1.0), this talk will introduce attendees to a few risk control families: access control, incident response, configuration management, and supply chain risk management. This session will build a bridge showcasing how widely accepted security fundamentals can be applied to LLM development so that it is more secure by design and enterprise adoption is more secure and efficient. Attendees will leave with a foundation in pre-emptive risk management measures, grounded in security fundamentals, that they can apply to their LLM development.

Speakers
Sarah Evans

Senior Engineering Technologist, Dell Technologies
Sarah is a security innovation researcher at Dell Technologies, on the Product and Operations Global CTO Research & Development team. She leverages diverse experiences in cybersecurity, IT, defense, business, education and fine arts to research innovation to improve security by design...

Jay White

Security Principal Program Manager, OSS Ecosystem and Incubations Team, Azure Office of the CTO, Microsoft
Jay has 20+ years of IT/information security experience dedicated to cyber risk, security, privacy, and compliance. He provides a combined tactical and strategic balance towards the implementation of security and compliance requirements that aligns to an organization’s broader business...


Thursday April 18, 2024 3:15pm - 3:55pm PDT
434 (Level 4)
  SupplyChainSecurityCon
  • Content Experience Level Any