Summary of "Think Before You Prompt Securing Al from the Inside Out|"

Summary of "Think Before You Prompt Securing AI from the Inside Out"

This video presents an in-depth discussion and live demonstration on securing AI technologies within organizations, focusing on Symantec’s integrated security solutions, particularly within their Secure Service Edge (SSE) platform. The session covers how AI is transforming security needs and how Symantec addresses these challenges without requiring customers to buy separate AI-specific products.

Key Technological Concepts & Product Features:

1. Symantec SSE Platform & Unified Agent
   • Symantec provides a broad, integrated security platform (SSE) that includes AI protections as part of its existing services—no separate AI security product purchase needed.
   • A single lightweight agent installed on endpoints (10 seconds install, no reboot) handles VPN, proxy, XDR, RBI, DLP, and SSE traffic, simplifying deployment and management.
   • Traffic is routed through Symantec’s cloud infrastructure (hosted on Google Cloud Platform, including data centers in Israel), enabling scalable, low-latency protection.
2. Cloud Security & CASB (Cloud Access Security Broker)
   • Symantec’s CASB monitors and controls cloud application usage, including AI services, via API and proxy integration.
   • Supports detailed visibility and control over cloud data, sharing permissions, and compliance enforcement (DLP, CSPM, SSPM).
   • Provides retrospective scanning of cloud storage (AWS, Azure, Office 365, Salesforce) for sensitive data and policy violations.
3. Zero Trust Network Access (ZTNA)
   • Symantec replaces traditional VPNs with ZTNA connectors that only allow outbound connections to Symantec cloud, reducing attack surfaces.
   • Granular access control by user, group, port, and protocol, with session monitoring and restrictions (e.g., block copy-paste, file transfer).
4. Remote Browser Isolation (RBI)
   • Transparent cloud-based isolation of web content prevents malicious code from reaching user devices.
   • Supports all browsers and operating systems without special client requirements, including complex web apps like WhatsApp.
5. AI Security Specifics
   • Shadow AI Discovery: Identifies all AI services used within an organization, including unsanctioned (shadow IT) applications, by analyzing traffic logs from proxies or firewalls.
   • AI Service Analysis: Over 200 known AI applications are categorized and graded based on 300+ attributes (e.g., encryption support, data residency, 2FA).
   • Policy Enforcement: Organizations can block or allow AI services based on these attributes and enforce usage only of approved corporate AI tools (e.g., corporate GPT chat).
   • Full DLP Integration: Sensitive data detection and blocking apply to all AI interactions, including text, files, images, and code—across browsers and applications.
   • Prompt Injection Protection: Symantec detects and blocks malicious or unauthorized prompt inputs and AI responses (front-injection attacks), a critical emerging threat in AI security.
   • Enterprise AI Frontend Protection: Organizations can deploy internal AI frontends (e.g., enterprise GPT or Gemini bots) that Symantec protects by scanning all inputs and outputs for sensitive data and malicious content.
6. Granular Controls & Customization
   • Policies can be applied at user, group, application, and service levels with fine granularity.
   • Supports overrides to allow specific AI tools while blocking others within the same category.
   • Customizable incident notifications and user messages in multiple languages.
7. Integration with External Providers & Hybrid Environments
   • Supports hybrid deployments with local DLP agents for on-premises data and cloud DLP for cloud services.
   • Controls access and data sharing with external service providers via controlled frontends and policy enforcement.

Analysis & Insights:

• The solution emphasizes broad, platform-based security rather than niche AI-only products, leveraging years of Symantec’s DLP and cloud security expertise.
• AI security is treated as an extension of existing data protection and access control frameworks, ensuring consistent policies across all vectors.
• Real-time monitoring and control of AI usage help organizations mitigate risks related to data leakage, compliance violations, and AI-specific attacks like prompt injections.
• The approach supports visibility, control, and compliance across both sanctioned and unsanctioned AI tools, addressing a common blind spot in enterprise security.
• The solution is designed to be transparent and user-friendly, minimizing disruption while maximizing protection.

Guides, Tutorials, and Demonstrations Provided:

• Live Demo by Daniel Weisman (Symantec Sales Engineer):
  • Discovery of AI services in an organization via CASB dashboards showing shadow AI usage, sessions, traffic, and policy alerts.
  • Enforcement examples blocking unauthorized AI apps like DeepSik and Copilot, while allowing approved tools like GitHub Copilot.
  • Real-time DLP enforcement on sensitive data inputs into AI

Category

Technology

Share this summary

Share on X/Twitter Share on Facebook Share on LinkedIn Share on Reddit Share on WhatsApp Share on Telegram

Video