Nick Reva: [00:00:00] Yeah, we want to shift the far left to embed small teams, small tiger teams of security engineers into the development teams to harden the AI initiatives.

Ashish Rajan: This guy came with a blank slate, and I don't know the language, but I'm gonna get a pulled request in and it work out within a week. It blows my mind.

Shivani Doke: I'm a GRC engineer is not a field that a lot of people know about. So we are here to sort of change that.

Ashish Rajan: There's a lot of nervousness being created by vendors specifically about the rise in AI attacks and the world's gonna end Terminator's coming. Script Kiddy is no longer script.

Nick Reva: They're, they're Claude kitties.

Ashish Rajan: Oh, the Claude.

Nick Reva: Using AI tools to respond to the pushback from the bug bounty like administrator.

Shivani Doke: If a policy says, no code that has been developed by an AI agent can be merged, or having some flag that will automate block that code from being merged.

Ashish Rajan: Do I still have to take screenshots?

Ashish Rajan: Like, I mean that's because that's like the bane of GRC, right? Yeah. Does that go away like an ai, AI engineering world?

Shivani Doke: Your agent doing the work for you? You know, that's the future. Maybe. Wait.

Ashish Rajan: So there are two big topics that people don't talk [00:01:00] about in AI today. First one is offensive security because all of us are trying to figure out whether can we detect the vulnerabilities that you're seeing with ai, generated by ai, done by ai, agent ai, all of that and how people respond to it.

Ashish Rajan: Second is the governance aspect of it because a lot of US work for regulated industries, whether it's compliant to financial industry standards, health standards, or SOC two, type two or 27,001.

Ashish Rajan: Now both of these are big topics and fortunately we had Nick Reva and Shivani Doke who came and spoke about this particular topic in front of a crowd of almost 50 people.

Ashish Rajan: This was a live recording in San Francisco.

Ashish Rajan: The first half is all about offensive and proactive security, where Nick will share with us a model for forward deployed teams build guardrails based on threat modeling and a red team feedback.

Ashish Rajan: The second half of the conversation is about the governance space where Shivani spoke about her experience as a GRC engineer talking about what the AI world could look like in A GRC engineering context as they're moving towards a world where everything is API connected, and AI is making a lot more possible options available for GRCs, which traditionally would not have been.

Ashish Rajan: Overall, it was [00:02:00] an interactive conversation and you'll hear from the crowd as well who I'm super grateful for that were kind enough to kinda share their experience and talk more about what they. We're facing themselves or seeing themselves and what others can learn from them as well. So I think overall it was a great conversation.

Ashish Rajan: By the way, if you want us to bring this to your city, drop your city name in the comment section. If you're on Spotify, YouTube, LinkedIn, wherever you're listening or cheering to this, this is the first of many and we look forward to having a lot more of these in-person conversations to hear from you. So you get to find out what other peers are working on for the same problems that all of us are dealing with.

Ashish Rajan: I hope you enjoy this episode of AI Security Podcast.

Ashish Rajan: And if you know someone who's trying to tackle the offensive, proactive security and the governance challenges of ai, definitely share this episode with them.

Ashish Rajan: And if you are here for a second and third time, definitely share this with them.

Ashish Rajan: And I hope you enjoy this episode and I'll talk to you soon. Peace, uh, as you can tell the, my co-host is missing. Unfortunately, he has, he is unwell, but he sent his regards. So him, him and I have kind of curated a three format ways we can get, she'll get the interaction from everyone. And I [00:03:00] mean, if anyone wants to join in, we've, I've got, uh, a few people who've kindly said yes to come on the stage with me, so we're gonna be starting conversations. Would love to have interaction from all of you as well. First of all, thank you so much for coming. I really appreciate all of you spending time. People flew in from Canada, la San Jose. It's like, oh wait, someone Santa Clara as well. So it's like, I mean, I didn't realize how far these places are apparently, but I appreciate all of you coming in.

Ashish Rajan: So I'm looking forward to this interactive conversation. Uh, for the first one, I've got Nick coming in. Thanks for coming in. Can we have a round of applause. Thanks.

Ashish Rajan: Welcome to the AI Security podcast, live from San Francisco, where Fang Restaurants.

Ashish Rajan: Shout out to Kat and Caleb for providing the venue. So we're gonna have some live interaction. Nick filling in for the first segment, the first segment that we came up with, is, ai, AI is an attack, amplifier, signal versus noise.

Ashish Rajan: That was the first one. Now, to put some context and color on this, uh, [00:04:00] the first question I had, so every time I open anything on the internet, at least from a security perspective, there's always like AI attacks on the rise.

Ashish Rajan: I'm just curious, what kind of attacks are these? 'cause I, is that AI bots, actually, maybe let's, let me just, is it that you've seen that there's an AI attack on Rise? If, I love to see your hands. No one's. Oh, alright. Okay. Oh, kind of some kind of, okay. But majority people have not seen it. Okay.

Ashish Rajan: So maybe I'm in that majority crowd for a bit. Now. The people who are seeing it, is it AI bots or AI bots, air bots. Is there a sophisticated attack done by a agentic AI as I, I mean, I guess, should I define a agent? AI for people? Oh, you have seen a Gen ai?

Audience: I've read about it.

Ashish Rajan: Oh, right. I mean, yeah. I'm like, wow.

Ashish Rajan: You mean we had one person? No,

Audience: so I won't name them because they

Ashish Rajan: Of course, yeah.

Audience: Uh, they are early stage startup. They use vibecoding to build the entire [00:05:00] software.

Ashish Rajan: Yeah.

Audience: And, uh, it's doing well, what they're doing. Yeah. But somehow one of their junior engineers, we use vibe coded or something, you know, the key happened to, you know, the key was actually lost in the code. And

Ashish Rajan: Oh. The API key was lost in the Oh, right.

Audience: And then one of the, there was a sophisticated attack, which kind of did, uh, you know, did data exfiltration and did remote execution on the cloud. Wow. And that was done by an agent because essentially the trace, the logs that they were able to see, it was clearly from an agent, the fires they could see. So,

Ashish Rajan: wow.

Ashish Rajan: But the agent that the developer had created, or was it an external agent that started doing this?

Audience: No, it was designed to attack systems like this.

Ashish Rajan: Oh, right, okay.

Audience: Not only vibe coding apps these days. Yeah. Have these vulner. In fact, there's this research and report as well. These vibe coding tools and code of the world, they are impeaching a lot of bug, a lot of vulnerabilities in the code itself.

Ashish Rajan: Right.

Audience: Which is being exploited sophisticated by people who are building these.

Ashish Rajan: [00:06:00] Oh wow. So

Audience: that's what I'm aware of. And the large scale was, I I read about that lot.

Ashish Rajan: Oh yeah. Fair. No, I, I appreciate you sharing that though. Thank you so much for sharing that. So at least I've gotta set the scene for benchmarks. So AI bots definitely. I've seen that. I mean, I've heard that quite, I mean, Fernando hasn't seen it. You're still not convinced. Hopefully we have a few more, but I've got Nick here. Maybe to start off with, if you wanna give a bit of about, uh, introduction about yourself.

Ashish Rajan: Of course. What do you do where you are?

Nick Reva: Yeah, of course. So currently with, with DoorDash, yeah. Been there for about six months. Let's tell the new guy running our security engineering team globally. Uh, before that I spent eight years, uh, in LA working with, uh, Snapchat in a similar role.

Ashish Rajan: Right.

Nick Reva: Before that, I was with SpaceX for about four years, uh, working with Yong.

Ashish Rajan: Oh. Just small companies here

Nick Reva: and there. Just small companies. Yeah. There,

Ashish Rajan: fair

Nick Reva: and early part career was Chicago and that was exciting, but, uh, I, uh, I really, I really admire the hustle of like Silicon Beach, which is what we call our little silicon strip in la

Ashish Rajan: In la I'm like, Silicon Beach. I'm like, that's a new one.

Ashish Rajan: Okay, so is that what La Silicon Valley or Silicon Exactly. Silicon Beach. Okay.

Nick Reva: [00:07:00] Fair. That's our silicon. That's our Silicon Valley. We have a, we have a Silicon Beach.

Ashish Rajan: We have Silicon Beach.

Nick Reva: So between doing burpees and pull-ups, you can do some vibe coding.

Ashish Rajan: Oh, right next to the Muscle Beach that you have.

Nick Reva: That's right.

Ashish Rajan: It's Muscle Beach. And Silicon Beach. Right.

Nick Reva: That's right. Well, it's in the same area, so,

Ashish Rajan: oh, you, you work out, then you work when your start to come back

Nick Reva: against No, no, no, no. You go surf.

Ashish Rajan: Yeah.

Nick Reva: You vibe code and then you go work out and then you go, uh uh, do some workouts.

Ashish Rajan: Oh, fair.

Nick Reva: At Gold's with Arnold.

Ashish Rajan: Oh, right. Gold. Oh, Arnold goes, yeah, gold.

Nick Reva: Arnold goes there still. You

Ashish Rajan: still see him? And specifically, obviously we were talking about this earlier. Yeah. Uh, AI clearly has been a huge part of what you've been working on and the theme that we're talking about right now as a whole, AI as an attacker.

Ashish Rajan: Mm-hmm. But I think you've obviously integrated AI into your teams and you working on getting that across security teams as well. What can you share about that? So at least for people to get nice. Sure, sure, sure. In terms of how you are seeing this and how you guys are using this across the board?

Nick Reva: Yeah.

Nick Reva: Yeah. So we're really adopting the principle of, of secure by design and shift far left. So people talk about shifting left. Yeah. What we want to [00:08:00] shift far left. What,

Ashish Rajan: what's

Nick Reva: far left means you embed small teams, small tiger teams of security engineers into the development teams are working on the AI initiatives to harden the AI initiatives.

Nick Reva: This is more on the product side, right. Not so much on the enterprise.

Ashish Rajan: Right, right.

Nick Reva: But for, for sake of our conversation, let's just focus on that, right? Yeah.

Ashish Rajan: Yeah.

Nick Reva: So if you're, if you're building an AI experience into your product. We are a threeway marketplace. We have dashers people who deliver DoorDash.

Ashish Rajan: Yeah. To

Nick Reva: you.

Ashish Rajan: Yeah.

Nick Reva: We have merchants like Fang restaurant I believe. And we have customers, people like yourself who order DoorDash.

Ashish Rajan: Yeah.

Nick Reva: We have AI experiences in each of those surfaces. Right. And they're different depending on the context.

Ashish Rajan: Interesting. Okay.

Nick Reva: Right. And so depending on the context, you have to threat model it differently.

Ashish Rajan: Yeah.

Nick Reva: And the shift far left is establishing guardrails not gates into your product development story. Right.

Ashish Rajan: Yeah.

Nick Reva: Taking things like Prompt FU and integrating it into all the repos where AI development is happening. So you can see, so, so you can write rules basically lins that look for prompt injections for the agent [00:09:00] frameworks that you're adopting, depending on the surface.

Ashish Rajan: Okay.

Nick Reva: And surfacing those early and giving those teams feedback so they can address the problems. And then even working with them to build in like middle tier service layers that do that. Do problem filtering. Yeah. Both on the prompt and the response.

Ashish Rajan: Interesting. I mean, I have so many questions, but before I jump into mine, anyone has questions for Nick before I kind of start?

Audience: So what about Promptfoo, do you guys, uh, maintain or you buy a commercial version of, uh,

Nick Reva: open source is very powerful,

Audience: so you just use the open source and you don't enhance it?

Nick Reva: Well, we certainly make it work with our, with our software development lifecycle, but I don't believe at this time it's necessary to purchase the commercial version.

Ashish Rajan: Oh, actually, what is prong food? Just wanna say, everyone

Nick Reva: respond? Okay. So just, just to establish a base level understanding. So Prom fu is a, is a open source, prompt injection testing framework. So it basically takes what you would test for as a attacker using various tools, and it it gives you [00:10:00] test suites Yep. To attack AI frameworks using the prompt for framework. So it's similar to like, like Burp has like different tools that you would both Yeah.

Nick Reva: That you would have, like, let's say one, one of the, one of the tools would be like a repeater or a interpreter or a

Ashish Rajan: spider

Nick Reva: that could also, or like a spidering kind of, kind of tool. Profu is specifically created to test prompt injections.

Ashish Rajan: Right.

Nick Reva: With a lot of it, a lot of package rules Yeah.

Nick Reva: That you can then tweak and adjust to your workflows, to test for prompt injection. Yeah.

Ashish Rajan: And I guess people use it for more than prompt injection as well. I think OpenAI and other people also use it for, like the benchmarks we hear about from LLMs. A lot of them can be going down that

Nick Reva: path as well.

Nick Reva: Yeah. You, you could also, you use it for that like, like f model efficacy. That's right. Yeah. In a way where you basically test for model model efficacy in terms of the responses.

Ashish Rajan: That's right.

Nick Reva: But also model, model ethics, which is very, very important. Right.

Ashish Rajan: Kind security kind of plays a huge role.

Ashish Rajan: Yeah,

Nick Reva: exactly. Yeah.

Ashish Rajan: Just on the ethics part of it as well. 'cause a lot of times and I'll be curious to know from the crowd as well, the conversations that I have with people, [00:11:00] what's stopping AI to go into production is all usually red teams. Just kind of like your team, I guess. But the, I mean, maybe not in your, they're not, they're red team.

Ashish Rajan: Yeah,

Nick Reva: they're not, they're not exactly red. They're more blue purple, but,

Ashish Rajan: oh, fair. Actually, I'll be curious to know about that as well. But just to kind of finish that question, a lot of people find that they're not able to take AI into production because nine or 10 times securities would fail because of prom injection or some kind of a leakage, whatever.

Ashish Rajan: Are you guys coming across those challenges or something like prom foods is actually helping you?

Nick Reva: Well, I, I, look, I think the challenge is. Engineering teams at major companies or even smaller companies, they wanna move at the, at the speed of engineering teams. Right. They don't want to ask for permission to get approval to do everything.

Nick Reva: Right. Yeah. You need some healthy guardrails to find the things that are risky and consequential identify them and give the team quick engineering feedbacks. Yeah. They can, they can address it, right? You can do that through GRC style mitigation processes. You have to meet the team at the speed of that the team is [00:12:00] operating at.

Audience: Yeah.

Nick Reva: Yeah. So if, for example, an engineer opens up a PR on the repo for one of the, a, a agent frameworks and prom FU runs as an integration test and gives them direct feedback on the pr, they're gonna respond to it like, no, no engineer wants to ship, uh, ship Angen framework that has prompt injection.

Nick Reva: Mm-hmm. That's not satisfying to me. Right,

Ashish Rajan: but it's in line with the,

Nick Reva: it's in line. Yeah. Oh, wow. Okay. You have to make it in line, otherwise how, yeah, if you don't make it in line, it's not gonna be the speed of engineering. Like we can't be coming. Coming at them through like a GRC framework, right?

Nick Reva: Yeah. We have to be operating the speed of engineering.

Ashish Rajan: Yep. Yeah.

Nick Reva: Which is why these teams that I tell you about this is using the Netflix model. Thank you. Jason Chan, if you're watching, God Bless you. Uh, Jason Chan invented this idea of forward deployed security teams. Yeah. That were deployed into the product areas in small tiger teams are three to five engineers.

Nick Reva: Alright. And I've, I've adopted this at DoorDash

Ashish Rajan: Right.

Nick Reva: To do exactly this.

Ashish Rajan: Oh, that's the team you were talking about earlier. Correct. So, just to give some context for people, how is it that you've designed your team for this particular 'cause? I guess a lot of people already have traditional, they already have [00:13:00] Anec team.

Ashish Rajan: They have a cloud

Nick Reva: team. Okay. Excellent question. Excellent question. So you have a AppSec team that works on pro AppSec tooling

Ashish Rajan: Yeah.

Nick Reva: And AppSec process.

Ashish Rajan: Yeah.

Nick Reva: Things like sas, SCA das, like the the common three, four letter acronyms that we're all familiar with, right?

Ashish Rajan: Yeah.

Yeah.

Nick Reva: You have the team like that, that team doesn't have specific low level context on how.

Nick Reva: And how the business operates necessarily. Right? Yeah. Especially in a large engineering organization.

Ashish Rajan: Yeah.

Nick Reva: Imagine you have an engineering organization of 2,500 engineers like we do. It's like 30 teams doing different things.

Ashish Rajan: Mm-hmm.

Nick Reva: Why don't you take the top three teams that are the most important, that are developing the most kind of customer facing product.

Nick Reva: So we have merchant, yeah. Everything to do with the merchant experience. We have dasher. Yeah. Everything to do with the dasher experience. And we have customer everything to do with the customer experience. Let's take those three teams and let's embed security engineers into those teams that actually work very closely and intimately with those teams.

Nick Reva: Understand exactly what they're shipping. Yeah. Prioritize the highest risk projects and build security controls into that. Into that, into those projects directly, including AI [00:14:00] controls versus an AppSec tooling team, which works on the side that has like this understanding of how to do AppSec. Like enterprise wide.

Nick Reva: Yeah. But they're not deeply integrated and they're not gonna be able to tell you what the merchant team is building in a given month.

Ashish Rajan: Yeah, I

Nick Reva: That's the difference.

Ashish Rajan: Yeah. 'cause I was gonna I think someone on that side I was talking to earlier, you guys have tried, doing you I security partner.

Ashish Rajan: I think we had a similar conversation about getting security across the organization. Uh, if you wanna share your experience as well, and maybe if you had some question, we would love to hear that as well.

Ashish Rajan: Yeah. So, uh, it's quite similar to what think was mentioning, right? The forward deployed security model, and that's what the security partnership is, uh, in a, in a way where, uh, you know, you have a security partner, two for critical teams or critical product speeches, et cetera. And, uh, they essentially are responsible for, uh, integrating security into the design, right?

Ashish Rajan: So it's like a very early human feedback from security expert to, let's say, uh, the architects or, uh, the tech, uh, so that they don't have to worry about security [00:15:00] after implementation typically happens. And it kind of blocks the teams, right?

Ashish Rajan: Uh, and the problem that we have seen is that, uh, how can like a or like one, or maybe, you know, a couple of security partners are enough to enable like a larger team of, uh, let's say 120 engineers, right? And that's where I think the AI has, uh, come into, come into,

Nick Reva: oh, that's a really good dovetail. I have a really good example on, yeah.

Nick Reva: Yeah, yeah. So one of, one of my challenges is like, I have 2,500 engineers and I have three of these security pods, right? Like for, for, for the well scoped areas that are the highest priority to the company.

Nick Reva: I don't have 10, I don't have 20, I probably never will from a headcount perspective. So how do I make those three people like really good at their job? So one thing we've been experimenting right now is with ai, AI enabled threat modeling, AI enabled product security reviews.

Nick Reva: These are emerging in the scene. Right? So this is more than like taking chat GPT and using it to do your, your product security reviews and threat modeling. It, it's contextual specific models that are specifically trained to understand the context of product security [00:16:00] and that they're even connecting like GitHub apps in, into your GitHub repos that you're, you're reviewing, reviewing that repo, like holistically and giving you feedback.

Ashish Rajan: Uh, actually you had a question as well. Yeah.

Ashish Rajan: So, uh, do you use it alongside your forward deployed security engineers or is it like the security engineer is still, you know, at the concept, design phase and then the AI takes over and,

Nick Reva: The, the idea, so the, okay.

Nick Reva: That's a really good question. The idea is to make the forward deployed security engineer more productive. And then later the idea is to take this and give it to the product teams as like a Chrome extension or like, you know what, a Google doc, you have like a more menu. You could put that more and make it this agentic security review framework.

Nick Reva: This is my vision. Like, just like everybody bear with me. The more menu, we'll have a virtual security engineer that'll give you feedback that's like really calibrated. But to get to that vision, we first had to get the, like, the actual security, the human engineers to do this. Well iterate on that model as part of like this the threat [00:17:00] modeling and, and product security review process.

Nick Reva: And then later we can hopefully do this.

Ashish Rajan: Awesome.

Nick Reva: Well, that'd be cool, right? Yeah. We're all outta jobs, but

Ashish Rajan: yeah, when we get to the agentic

Nick Reva: future I am constructing my own demise.

Ashish Rajan: Oh, fair. This question over here as well.

Audience: Yeah. This is uh, where I call it the automated baseline project.

Nick Reva: So Nice.

Audience: I was running the

Nick Reva: Let's patent that

Ashish Rajan: someone already after listening to the episode, you saying

Audience: the integrated prodsec model. So where Forward deployed Engineers. Now they're called as Forward deployed, but that time I used to call it as integrated EC engineer.

Audience: Right. Again, being in the team, we already talked about it. Yeah. And it helps. It doesn't scale.

Nick Reva: It doesn't scale

Audience: and nobody's giving me .

Nick Reva: But this scales.

Audience: So that's where slowly started building. So again, picking up those things where we were using tools SAST, DAST, SCA threat model, how can we piece it together? So whatever human was doing, yes,

Nick Reva: yes.

Nick Reva: But then

Audience: again, at this moment, they are not at par.

Nick Reva: Not yet, no.

Audience: So the [00:18:00] new word came in baseline, we call it as baseline automated prod sec. Mm-hmm. So now you democratize security. Uh, that's what, uh. I'm doing where Right. Everybody, all the features that are being developed. So I'm responsible for engineering organization, which is like 6,000 engineers.

Ashish Rajan: Yeah. Wow.

Audience: A lot of things and different products. So, and different charity.

Ashish Rajan: Yeah.

Audience: Get come in, have a democratized security model where every feature that we are developing that the engineers are developing is touched by this automated baseline concept.

Nick Reva: Yeah.

Audience: They get immediate early feedback and then we pick where humans will get involved.

Audience: Mm-hmm. So like complex code reviews?

Nick Reva: Yeah.

Audience: Complex threat models.

Nick Reva: Yes.

Audience: More tabletop exercises. That's where, uh, we are going.

Nick Reva: It's almost like the triage function happens via the, via this mechanism.

Audience: Exactly. So, uh, not in terms of vendors. The way I'm building is just using the same things and wherever the same as in SAST, DAST things and then [00:19:00] wherever the gaps are, by coding or developing more tools so that it's gluing together. I know vendors are like lower. I've seen like in the past

Nick Reva: that was a crazy round, right? It was wild. Like 34 for an eight. Wow.

Audience: Instead of getting to a vendor, uh, let's try something inhouse. Yeah. Yeah. And if it works, at least we'll get to know where we are missing.

Audience: And then it is easier to get a vendor

Nick Reva: or, or, or, okay. A little dirty secret. You can also learn from what the vendors are doing and get inspired and

Ashish Rajan: build. But, but my question to you, you guys is, and I think this comes up quite often where as a security function in most organizations, we are not, like a lot of people are not incentivized to build a security product in-house.

Ashish Rajan: And most of the LLM investments is going into sales, marketing drivers of revenue first. And I'm not saying it should not be the case, but it's definitely a case where. You could be an engineering heavy security team. Yeah. But the money for the budget, I mean, you have an enterprise license to ChatGPT, Claude whatever, guys go crazy.

Ashish Rajan: Don't worry, don't it? [00:20:00]

Nick Reva: It's a different, for me it's a different, uh, trade off. Yeah. It's not so much the money, it's much the speed.

Ashish Rajan: It's money or the speed.

Nick Reva: It's more a speed than money because this, the space is moving so fast.

Ashish Rajan: Yeah.

Nick Reva: There's so little opportunity to inject yourself. If you could inject yourself sooner rather than later, you win.

Nick Reva: Right. So for me it's like, Hey, let me experiment with some vendor things. Maybe they're not great, I know they're not great, but let me experiment with them. Maybe pick the best one or maybe get inspired and build one. Oh, right. And then at least I'm moving faster. Right. Otherwise, it just always, always, always takes more time to build.

Nick Reva: Yeah. I think you should, like generally what I've seen from building and Snap for example, built a lot of things. Snap was more of a, uh, engineering first, like a hundred percent engineering first. Like more like a Netflix style culture.

Ashish Rajan: Yeah.

Nick Reva: Is. 80% of the work is after you build the the V one.

Nick Reva: Right. It's all the maintenance, it's all the upkeep, it's all the, you know, the key person risks of the, the one guy who knows this thing really well leaves and then you're screwed.

Ashish Rajan: Yeah, yeah.

Nick Reva: Right. What do you do? So there are some things you should always, always build a hundred percent.

Nick Reva: Right.

Nick Reva: There's some categories. I have like a mental [00:21:00] model for that, but if you want to iterate, especially with like new, innovative things, why not?

Ashish Rajan: Yeah. But I guess because that's why, going back to what you were saying about the baseline, 'cause in my mind is that baseline, the new in-house that we maintain as engineers on our side.

Ashish Rajan: Yes. Whereas a vendor can come in and we can just plug and play APIs. Exactly. So is that what, what you envisioning?

Audience: Yes.

Ashish Rajan: Yeah.

Audience: Because again, they're not getting enough money.

Ashish Rajan: Yeah.

Audience: We have to convince and we are competing with the, as you mentioned, like engineering teams asking for the same budget.

Ashish Rajan: That's right.

Ashish Rajan: Yeah. Sales is also asking for it. Marketing's also asking for it. Yeah.

Audience: So yeah. So that's where, uh, like build baseline.

Ashish Rajan: Yeah.

Audience: Show the velocity.

Ashish Rajan: Yeah,

Audience: the value. And then either we can go and ask for more money or it's still a baseline. Good enough. Earlier it was zero. Now it is something.

Ashish Rajan: Oh, but then does that allow them to go into production?

Audience: Yes. So the caveat is, uh, where identify an acceptance criteria.

Ashish Rajan: Yeah. That's

Audience: the criteria. So when they meets a certain criteria, they'll go into production. And we also have a few humans [00:22:00] here.

Ashish Rajan: Right.

Audience: So that's where some of the critical features you're talking about, critical features.

Ashish Rajan: Yes. Identify, yeah.

Ashish Rajan: That

Audience: plays a role. So for everything, if they meet baseline, they'll go into production. Because these are low risk features.

Ashish Rajan: Yeah.

Audience: High risk features will need a human

Ashish Rajan: Right. Okay. So you're already segregating in between like low,

Nick Reva: medium, high risk. It's like, it's like holy risk based. It's not only low, low, medium, high based on.

Nick Reva: Like surface area and exposure, like kind of complexity. Like where where does the, where the high touch human needs need to touch it?

Ashish Rajan: And I guess maybe that's where the untouched parts of the, if you have 20-year-old software still when I was still a cso, I remember this software, I think it was dotnet or something even older.

Ashish Rajan: And it was like no one could do any deployment on it. It's like really in the core of the organization, you

Nick Reva: can't touch it.

Ashish Rajan: You can't touch it. No deployment, no updates. But I, I spoke to someone so I was running a CSO panel at in Sydney, uh, last week and someone mentioned that one of their team members was given a task for that.

Ashish Rajan: They used CLO code. And this engineer, by the way, he was an intern somehow and like one week, uh, the code [00:23:00] was able to understand what that old legacy piece of code was doing. Wow. Built a feature in a language that he'd not even know. And he go, what is that possible? And I was like, I mean, in my mind I'm going, that's impossible for an intern to do it.

Ashish Rajan: Leave it told someone who's experienced with years of software engineering experience. But this guy came with a blank slate and I, oh, I don't know the language, but I'm gonna give it a short, but I'm gonna get a pulled request in and hopefully it works out and it work out within a week. And I'm like, blows my mind.

Ashish Rajan: But it also raises a question to what you guys are saying with the baseline.

Audience: Yeah.

Ashish Rajan: Because we were talking about the AI attacks. As people are talking about, there's a lot of nervousness being created by vendors specifically about is an, there's a rise in AI attacks and the world's gonna, and termin coming, all of that.

Ashish Rajan: Is there an AI attack that you guys have heard of or seen that current is still makes you a bit nervous? Or do you feel at the moment that doing the approach that you guys have, the baseline approach, it kind of covers [00:24:00] the things that you care about mostly?

Nick Reva: Yeah. Look, I, I can speak about what I've seen actually at DoorDash.

Nick Reva: Yeah. It's not, not permissible, but what I can speak about is the. Speed of penetration testing and probing is becoming faster and more, and the quality is becoming higher. And the, the way I look at this is based on bug bounty reports across the industry and companies, there's a lot more noise.

Nick Reva: 'cause like the hobbyist level people are getting involved, right? There used to be like a, like a level of technical proficiency that you have to have to do this kind of work. It's gone, right? So that, that's, that's more or less gone. 'cause they're vibe coding the bug bounty reports.

Ashish Rajan: So the script kit is no longer the script?

Nick Reva: They're Claude Kiddies.

Ashish Rajan: Oh, they're, yeah. That's a good one. Yeah,

Nick Reva: it came to me.

Ashish Rajan: Yeah. Yeah. I mean, we should trademark that one.

Nick Reva: Clark

Ashish Rajan: Kitties get a T-shirt. So the, the Clark kitties are, should probably definitely get a t-shirt on that.

Ashish Rajan: Uh, but do you find the Clark kitties are a lot more smarter in terms of getting like the low, low risk, you know how you used to, [00:25:00] I'm sure people still get emails for, Hey, I can. Tell you all the secrets that are exposed. Gimme a hundred, gimme money. I'll tell you, uh, what, what ex exposed secrets you have, or export security vulnerability that are, I should get all those emails as part of the domain being exposed on the internet.

Nick Reva: Sure.

Ashish Rajan: So that's no longer the case.

Nick Reva: They're not like, they're not savvy, but then they're using AI to respond to like the, the pushback feedback from the company. Like, how do I respond to this? Oh, they're using AI to like respond to the res, to the research. The tri, the triage, the researchers, the Claude Kitties, are using AI tools to respond to the pushback from the bug bounty, like administrators.

Ashish Rajan: Wow, okay. So that they will argue on, yes, this is a high

Nick Reva: Right.

Ashish Rajan: Oh. But do you, do you guys,

Nick Reva: you can tell because like, you can always tell, you can always tell how it's formatted. You can tell how they're interacting with you. You can just tell. Right?

Ashish Rajan: Is that if then don't do Yeah. Fair.

Nick Reva: Yeah. It's, it's too like structural, right.

Ashish Rajan: Oh, fair.

Nick Reva: So there needs to be add some like noise into it to make it like less good, right?

Ashish Rajan: Yeah. Fair. But I'm curious in terms of

Nick Reva: maybe Claude kitten

Ashish Rajan: kitchen, why not puppies, we're getting in a very [00:26:00] different conversation, but I'm curious into if anyone else wanted to share their insight or thoughts on this part.

Audience: I'm curious on this because, uh, Curl recently like closed their bug bounty program, right? Because they had this problem with a, a large influx of like AI generated. Oh, in Bug Bounty reports. Right? Oh, uh, so how, like, how do you think about like how Bug Bounty is evolving or is it

Nick Reva: evolving?

Nick Reva: Well, I think we have to fight fire with fire, right? So if they're using, if they're using Clo Claude to generate bug bounty reports, we have to use CLO to triage those reports. There's only so many ways, like

Ashish Rajan: AI agent talks to AI agent.

Nick Reva: Yeah. Like instead of like a bug bounty engineer looking at every single one of them, maybe, I don't dunno, 50% of 'em are looked, looked at first, like from a triage perspective and then maybe maybe, I don't know what people are really doing this, but they probably are like actually interacting with a researcher, using, using an agent.

Ashish Rajan: Oh. But I went, and I guess it's, I'm curious, is there still a belief system that Bug Bounty should exist considering?

Nick Reva: A hundred percent. A [00:27:00] hundred percent should exist, but it's getting way too noisy. There's way too much cruft.

Ashish Rajan: But is that the case across the board in security? Because I mean, we've been doing security for a long time, right?

Ashish Rajan: And I. The, the belief system has been Oh yeah. So it's a opinion at the back as well. Go for it.

Nick Reva: Ah, alright.

Audience: Yeah, I, I think I, um, my point of view is that I don't think we're gonna need bug bies in the next, you know, three to five years. And my rational for that is like, we, we've needed bug bies for a long time because we have, we've have pen testers, you know.

Audience: Yeah. Or maybe to hire folks at pen test our most critical applications once a year. If you're a really important company, you know, a few times more than that now we've got, you know, vendors like XBOW that are able to do it.

Nick Reva: Yeah.

Audience: Automatically. And so why have an open bug bounty program? Well now you can pen test consistently.

Audience: Do get you have

Nick Reva: be because the really novel, nuanced vulnerabilities are not gonna get found by expos of the world. I will say that today, whatever today is, that will not happen. Right. Some of the stuff I saw at [00:28:00] Snap, like, I can't talk about it 'cause it was bug bounty, but it was extremely novel and complicated.

Nick Reva: Right. And it was very consequential. We paid out. A lot on it. Right. That's not gonna get found by the expos of the world. Probably never. And that's okay. And it shouldn't be. Right? Like we shouldn't, we don't need to democratize it. There shouldn't be a race to the bottom in every category. I think for, it may be lower profile companies that don't have like high complexity infrastructure, like your stand standard like attack and pen stuff.

Nick Reva: Sure. But for companies that have really complex product ecosystems, it's not gonna happen.

Ashish Rajan: Also there's a, on that old automated pen test phase as well, there's a challenge. So a lot of people work with third party and they also have to pen test third party as well. When now there's fourth party. fifth party as well.

Ashish Rajan: But I think the idea has been when you say, let's lose something like this. I'm not gonna name companies, but you're not able to say that. 'cause as as say for example, if I have a third party that had to pen test as a regulatory requirement, I can't guarantee that something like that would stop. When they find the vulnerability and they would not keep going ahead.

Nick Reva: Yeah.

Ashish Rajan: Whereas [00:29:00] my quote unquote responsible this disclosure would be, I stop when I have identified

Nick Reva: something. Yeah. What are the XBOW rules of engagement?

Ashish Rajan: I actually don't know. Like the, the reality is, 'cause

Nick Reva: I remember writing these rules of engagement when I was in consulting 15 years ago.

Nick Reva: Like, yeah,

Ashish Rajan: yeah. But the, you can't tell an AI agent to stop this is far enough. We don't go

Nick Reva: beyond this. So, so I think really where this is gonna go is kind of similar to the philanthropic report that we can talk about. Oh

Ashish Rajan: yeah,

Nick Reva: yeah. That's right. Yeah. It's hu Okay. Here's what it is. It's human in the loop for the critical decision points.

Ashish Rajan: Yep.

Nick Reva: And then, then maybe like the main line aspects of it are, are mostly automated, right?

Ashish Rajan: But with a human loop. Yep.

Ashish Rajan: Yep. I think I, so in general, the theme has been that it's like to, to your point about, to Nick's point about the complicated vulnerabilities, they're still hard to find. The logic is, you may know something internally, you may ask to test it, but an automated agent would just go, I know Seql injection, I've seen read all the cvs, but they can't combine a, they can't make a kill chain out of it, if that makes sense.

Ashish Rajan: But that's a good point though. I can definitely, I mean, [00:30:00] obviously to Nick's point, we are saying it today, and then like I, tomorrow something else comes out. And this is completely I mean, not needed, but in, in terms of obviously I, I've got another topic to cover as well. So I'm gonna wrap this up.

Ashish Rajan: Final thoughts, uh, before I wrap it up, is there any questions? Any more questions for Nick before I wrap up? No. Perfect right. Oh yeah, go for it. Fernando,

Audience: thanks. I do have one. It's more organizational, if you will. I'm not sure if you can comment, but

Ashish Rajan: Yeah.

Audience: Uh, you've, you've been able to get, uh, your four deployed security engineers working alongside your, what would you advise companies in terms of.

Audience: Who pays for this if it coming out of the engineering budget, if it's coming out of the security budget. And, and who answers for security in your organization? Is it your engineer innovation or is it your security organization?

Nick Reva: I mean, UL ultimately security. We're led to believe security decisions are a security team responsibility.

Nick Reva: They're not, they're a business decision ultimately. Right? Everybody, let's [00:31:00] hopefully agree this is true, right? The security team is the fact finder about risk and we help them provide technical solutions to solve problems, right? But ultimately the business makes the decision on what we wanna do. So if you're asking for a budget, whoever your business reporting line is, you need to go to that person and ask for a budget.

Nick Reva: We actually report into legal, which is an unusual reporting model, but it actually works just fine, right? 'cause legal has a lot of, a lot of like risk considerations and it works just fine for us. So for these forward deployed pods, which. I'll, I'll hand it to Suha. My, my manager, the CISO of DoorDash he brought this in about a year ago when he came in, and then he hired me to like, operationalize this and run it.

Nick Reva: Right. And that's what we're doing and scale it.

Ashish Rajan: Actually, I'm curious do we have an understanding of, there's a whole question of ownership for who owns the risk for ai, which is, I can only see people laughing that it's like, oh yeah, that one. Yeah. I it's worthwhile is, I'm curious if people feel is there an AI risk person in terms of someone responsible for AI that you [00:32:00] think it's well-defined?

Ashish Rajan: Anyone thinks it's well-defined? Who owns the risk for ai? No one oh, one person does, I mean, you wanna share your thoughts on this as well?

Audience: So I think the response to that is very worrying, right? I think it really depends on the organization,

Ashish Rajan: right? So

Audience: there's no one, one size fits all.

Audience: I think some companies, uh, that have established a more, you know, structured, you don't have a governance structure. I know they have a, a risk committee or something like that.

Ashish Rajan: Yeah.

Audience: But usually there's a very large institution, maybe more regulated like financial institutions, et cetera.

Audience: Majority of companies, they don't do that. Mm. Majority of companies, if they establish some sort of, I dunno, AI governance committee or something.

Ashish Rajan: Yeah.

Audience: Uh, they do that to kind of like help address, you know, uh, the regulatory expectations. Right. Or kind of like, just say we have AI governance side. I think the challenge with that is that then it becomes very blurry.

Audience: It becomes almost like you're,

Ashish Rajan: no one owns it.

Audience: Yeah. Like you, you're pretending that you have this body that owns it, when in reality it's not really like responsible or like [00:33:00] accountable for that.

Ashish Rajan: Yeah.

Audience: Right. So I think for that type of organizations, uh, I really like what you said about, you know, like, Hey.

Audience: Business is the ultimately the owner of the budget. Yeah. So I would tag on that and say, well, same thing with the a risk, right? I mean like a risk is just one category of risks. It's novel, it's very complex. It's,

Nick Reva: look the board of your company needs to know about this, right? How do you speak to the board of your company?

Nick Reva: You speak to your board of directors who speaks to the board of directors.

Audience: So I think, again, there's like different types of error, right?

Nick Reva: Sure.

Audience: Talking about the errors that your products that you are building, if you have some sort of AI features, right? Capabilities

Nick Reva: Exactly.

Audience: Be examples. Yeah. Are you referring to that or are you referring to like, Hey,

Nick Reva: I, I think it's both on the enterprise side of the, the tools and adoption that you're doing to make your salespeople more productive, right. In stats. But it's also if you have a customer facing product, it's even more important I think. Right? That's

Ashish Rajan: true. Both sides. Yeah.

Nick Reva: I mean both sides a hundred percent matter.

Nick Reva: It's just, just depends like kind of where you prioritize.

Audience: And I think this is where like different organizational dynamics varies, right? Some ways they [00:34:00] have more like a leading four facing, they focus, uh, heavily on what's. What's coming out to customers. Right. So they first focus on that.

Ashish Rajan: Yeah.

Audience: And then ownership would typically be sitting with the companies who like either like product, right?

Audience: Or companies who are really responsible to make sure, hey, like if we have an AI capability, a feature that let utilizes some sort of AI technology, whether it's using Frontier third party, lms, building in-house AI models or doing something else.

Ashish Rajan: Yeah.

Audience: Ultimately it's a product feature. Right? So they should be the ones responsible for that.

Ashish Rajan: Oh yeah. So if, if point about

Audience: like

Ashish Rajan: the business, if something went wrong with the product the person raise his hand going, Hey, it's my, it's my job on the line. To your point, their responsible risk as well.

Audience: We'll be there to help obviously, right?

Ashish Rajan: Yeah.

Audience: To make sure that, because if you think about it like security or safety is one aspect, right?

Audience: There is also like, hey, budget spend, right? Like on how many tokens you use, right? That's another aspect of it. Third would be like, I don't know,

Ashish Rajan: legal aspect

Audience: of SLAs. Third would be legal. So almost like every team would contribute in different ways, but ultimately the responsibility should be sitting with the one who's either [00:35:00] utilizing that Yeah.

Audience: Increase the value of the company and like who's responsible to making monetary decisions. 'cause at the end of the day, it's money.

Nick Reva: Yeah. Look, if, if there's a trust busting moment with AI that either bust trust with customers or other stakeholders who's gonna be involved, is it gonna be only the security team?

Nick Reva: No.

Ashish Rajan: No. Everyone. Yeah, absolutely. No,

Nick Reva: exactly. And that's why this needs to be, this is at a different level, right? This is why this is largely a business decision. It is a

Ashish Rajan: business decision. Yeah. Exactly. Exactly. I think you both are agreeing on the same thing. So, but on that vote, uh, maybe you kind a quick wrap up.

Ashish Rajan: Uh, any final thoughts for the. Anyone who's trying to figure this out in their organization. Um,

Nick Reva: look there's a huge body of knowledge in this space. People are really getting passionate about this space. Follow others, meet people on the internet, reach out to peers who you find as inspiring knowledge share.

Nick Reva: It's, there's only so many things that we can do as single individuals. There's a lot more we can do through our community and our, and our forums even like this. Like this is the reason I flew here from LA tonight to be with you guys to share [00:36:00] a little bit. I appreciate that. To share a little bit of what I, what I've been doing.

Ashish Rajan: I mean, people came from Santa Clara as well, so the people at Santa Clara, yay. Uh, no, but I think I appreciate it coming over. So got the next segment is about GRC which is kinda like go take, go straight into that kind of conversation as well. So I appreciate kind of where this is going. Uh, but dude, thank you so much for coming.

Ashish Rajan: Thank you. Round of applause fro him as well. Thank you. Questions that I had for the crowd While we are the, the second most important topic that keeps coming up for us.

Ashish Rajan: So there's obviously the, the part of AI going into production. Then there's a conversation about, hey, attacks are on the rise. The third one is the GRC space, which is kind of like a lot of regulatory who's responsible? Is there even a compliance standard for this that we need to follow? Does NIST cover this?

Ashish Rajan: Is there 2.0 3.0 coming out that we need to care about? So, by the way, can we have a huge round of applause for Shivani? 'cause she did. Like, I, I kind of pulled her from the crowd. She was like, oh, I don't know. But I'm like, no, you, you're awesome at this. So [00:37:00] maybe to start off, if you can share a bit about yourself.

Ashish Rajan: Yeah. What you've been up to, where you are, all of that.

Ashish Rajan: Yeah.

Shivani Doke: So, um, I'm a GRC engineer. . So GRC engineering is not a field that a lot of people know about.

Shivani Doke: Um, he was telling me that it's a bit, you know, a little bit of, um, very theoretical, not very practical. So we are here to sort of change that. Um, yeah, and I'm excited for

Ashish Rajan: today. Are we talking about AI and GRC at the same time as well? So no pressure on that conversation as well?

Ashish Rajan: Yes. But obviously she's representing herself so shi just come from Harin, but I think to sets, to set some context, I'm curious about how many people in GRC space here is there?

Ashish Rajan: Oh, wow. Okay. Quite a few. Okay. So there's definitely some opinions. Everyone in the GRC technically Yeah, by, by loose connection. We are all part of GRC. There's a love hate relationship between GRC, let's just say that. Uh, so the question that I had, uh, obviously we spoke about the ownership part.

Ashish Rajan: There's one question that came up was, so in terms of the, the standards, do you guys believe there's a, any of the [00:38:00] existing standards that have been established for years that we've been following is NIST standards, NIST CSF ISO 27001 SOC two, type two. A lot of people have gone through that process.

Ashish Rajan: Now suddenly AI is in the mix. Is there some belief system that these standards are enough for us to do, is already No, Fernando's already saying no, but is there like a belief? Is anyone believe that? Yes, this can still work in an AI world?

Shivani Doke: No,

Ashish Rajan: it's, oh, okay. There's a, there's a thing. Oh, I mean, Mo you have some opinion, right?

Audience: Yeah, I mean, like, I don't think they were ever designed to be sufficient, right? I think they were just designed to be enough to keep your organization running. And it's like these are the a baseline, like we can call it that. Um, this is like as much as we know at the moment.

Ashish Rajan: Yeah.

Audience: And it's like fill in the gaps. And this kind of allows organizations to go and be a little bit flexible with how they build out their programs and the functions around the governance standards and [00:39:00] regulatory requirements and stuff. Unfortunately I've been part of some of these processes and I've seen those conversations.

Audience: They go on for months and it's like, um, both like actually building the like, um, policies with the regulators and then internally, like actually trying to figure them out with your company.

Ashish Rajan: Yeah.

Audience: On the regulatory side, it's like, oh, well we need to define things like how do you define catastrophic risk?

Audience: Right. What does that actually mean with different types of areas of. Risk. And then internally it's like, how do we define catastrophic risk? Well, if I like cannot pay someone tomorrow, that's pretty bad. But also, if we go broke and we're not operating or like we're down and our downtime's like, you know, a hundred percent.

Audience: Yeah, I think that's pretty catastrophic. So it's totally defined differently in different areas and I think that's what makes it confusing. Like you can't just like put a metric or a specific number or like just say this Is it in regulation or standard?

Ashish Rajan: Yeah.

Audience: You kind of have to figure out a definition based on all the information we have.

Ashish Rajan: But I, and going back [00:40:00] to what you were saying earlier about the governance councils, do we believe that the risk for AI can sit with one team or

Shivani Doke: no?

Ashish Rajan: Anyone believes yes. Yeah. Yeah. Go go for it. Yeah. Share.

Audience: Okay. So, so, so I haven't thought about this and I think maybe if we step away from AI for a second, right?

Ashish Rajan: Yeah.

Audience: So maybe I'll ask question to the audience. So imagine like all of your organizations right now, if dedicated security, compliance, risk management, whatever teams, if they disappear tomorrow, how likely is it the organization will have like a catastrophic for a major failure Within foreseeable future?

Audience: Adam? Yeah. Within a quarter, within two. Like how likely is it in reality, right? I don't know. Like who feels that? Hey,

Shivani Doke: highly likely.

Audience: I dunno. The company.

Ashish Rajan: Highly likely.

Shivani Doke: Highly likely. Yeah. Because security folks, they're the champions, right? They're sort of directing you towards the line of protecting your organizations from risk.

Shivani Doke: [00:41:00] Business focuses on making money, but security is mostly, or different goals. An afterthought. Yeah.

Ashish Rajan: Different goals. Do you, I mean, so in, in case maybe we have,

Audience: maybe again, like say, you operate with a lot of sensitive data, you're in regulated field, right? So there would be but I guess my point is that

Ashish Rajan: majority may not be, I guess the category

Audience: majority won't see an immediate impact, right?

Audience: Yeah. There will be an impact sometime in future. And I think why it's relevant to call that out, that I think right now we're kind of like the novel agent ai, you know, like, it's like a very novel concept of the past two years. Everyone's talking about it. Every event you go to talks about AI and why shape.

Ashish Rajan: I mean, we, we are an AI event as well right now.

Audience: And that's fine and that's fair. But, uh, I think a large portion of that is that, uh, we need to start switching from like more, uh, traditional thinking into more like, okay, how do we change our paradigm? I'll, I'll give you an example, right? So. I think there's been mentioning about like, you know, like AI security in the [00:42:00] previous conversation, right.

Audience: And I think what large portion of the companies who now offer AI security products are doing, they're basically building AI perimeter, right? So like, it's the same concept. Pay, we'll build the perimeter.

Ashish Rajan: Yeah.

Audience: Just around ai, right? So they try to adopt the existing paradigms in like a more traditional security into AI space and say, Hey, this is normal, right?

Audience: And to some extent it will work in some cases, but I think maybe in order for us to actually have like a clear, like, Hey, should it be owned by one team or not, et cetera. We need to really understand that this is a paradigm shift, right? This is where like, I don't know, like, uh, when, when we talk about people having their like personal AI assistance, right?

Audience: Not open claw, but like just generally speaking.

Ashish Rajan: Yeah.

Audience: Uh, kinda like starts to matter. So I think there needs to be a bigger paradigm shift. In terms of, uh, like how we approach asking those questions.

Ashish Rajan: Yeah. Yep. Awesome. Thank you for sharing that. 'cause that kinda leads to [00:43:00] the, what we were talking about just earlier, about vendors who are using AI as well.

Ashish Rajan: You doing GRC engineering?

Shivani Doke: Yeah.

Ashish Rajan: How, how are you seeing this kind of change and what you, I think you have some thoughts on the whole space. I was like, say, say that for this particular conversation. So, yeah.

Shivani Doke: So, you know, I think who owns AI risk really depends on the use case. So for example, I'm talking about a business unit.

Shivani Doke: They really want to onboard a vendor, which has a very AI forward capability. So if a business unit particularly needs it and requests for a vendor, then we go through the whole, you know, the third party vendor risk assessment, looking at the model card that the vendor is using. Probably looking at some other reports, you know, continuous scanning of vendors.

Shivani Doke: So in that case, uh, the business team requesting for the end of, for the vendor, they eventually end up owning that particular risk. But if there's something built in-house, if you're training a model. A foundational model through like open ai, whatever, then it depends. Then it's on the onus of the business, right?

Shivani Doke: Yeah. Then the IT team, the developer experience team who's, who's actually working on the model, [00:44:00] who's fine tuning the model, they sort of then own the AI risk. So really it depends on the context of the business, the way ai, you know, features, functions, applications are being onboarded to your company's, uh, landscape will define who is actually owning the risk.

Ashish Rajan: Would you say that A PDF policy is enough this time for GRC?

Shivani Doke: Not at all, and I think that's where the beef, you know, against, uh, the GRC folks really comes because we mostly focus on having all these policies. There's this annual policy refresh where we just make some edits in the Word document in the PDFs, and then it goes through reviews.

Shivani Doke: But we have to move away from that towards, you know, really embedding these security controls. Within our development life cycles.

Ashish Rajan: Yeah.

Shivani Doke: And

Ashish Rajan: did RC engineering, as you were

Shivani Doke: saying earlier Yeah. That that is one aspect of GRC engineering. Yeah. You're really embedding controls, um, all the way shifting left throughout the lifecycle.

Shivani Doke: Right. That's where you can probably, if your policy says, you know, no AI code, that's, uh, no, no code that has been developed [00:45:00] by an AI agent can be merged. So the two person control, you know, having some flag that will automate in an automatic fashion sort of block that policy, block that code from being merged.

Shivani Doke: That's one area where GRC engineers can really, you know, also it's

Ashish Rajan: fine. 'cause I guess traditionally GRC has been seen as a, and I joke what the PDF policy thing, but essentially it's always looked at a field where it's like, to your point, there's a compliance check every few months, years or whatever

Shivani Doke: point in time is the call.

Ashish Rajan: Yeah. I mean, but point whatever the point in time that people are comfortable with. But you're saying with the ai there is a lot more, I guess people are going towards GR engineering 'cause. The code being developed is more code.

Shivani Doke: Exactly. By ai

Ashish Rajan: it's

Shivani Doke: more real time. Right. We are now looking at real time runtime monitoring, um, runtime application, self protection.

Shivani Doke: Right? Yeah. So like the fields, GRC engineering also has to evolve. Like we have to constantly keep monitoring our attack surfaces, constantly keep scanning these tools, looking at supply chain vectors and yeah.

Ashish Rajan: I think we had something about this [00:46:00]

Shivani Doke: field

Ashish Rajan: compliance and a AI earlier as well from as well.

Ashish Rajan: You have some thoughts on the whole AI impact on compliance as well earlier?

Audience: I think yes. Uh, GRC Engineering is a new 2026 version of GRC.

Ashish Rajan: Yeah.

Audience: GRC job archetype. That's changing inherently. And with ai, it's gonna fuel the entire movement together. So we're gonna have a lot more people in GRC will be contributing upstream.

Ashish Rajan: Yeah.

Audience: Controls versus just being the checkbox.

Ashish Rajan: Oh, so when you say upstream, what's, what would be an example of it?

Audience: Let's say control call as the policy, right?

Ashish Rajan: Yeah.

Audience: Your partner policy is signed off by the CTO once a year.

Ashish Rajan: Yeah.

Audience: That's typically controlled policy base.

Ashish Rajan: Yep.

Audience: Is the partner policy enforced downstream within your SaaS applications?

Audience: Maybe not. Maybe SSO but that doesn't violate the policy. Doesn't like provide, so it just depends on,

Ashish Rajan: but is there an AI playing a role in there as well? Like as in,

Audience: so AI just help a lot of GRC people become not more smarter.

Ashish Rajan: Oh, right, okay. Yeah.

Audience: I have a good example of this.

Ashish Rajan: Yeah, go for it. [00:47:00] Okay, go for it.

Nick Reva: So we're building something called Security Knowledge graph.

Ashish Rajan: Yeah. Which

Nick Reva: is basic cartography open source source framework. And the idea is to take data sources like Wiz.

Nick Reva: Endpoint security tooling, aggregate them into a node graph.

Ashish Rajan: Yeah.

Nick Reva: Where you can build relations between different units and you can even take controls that you've designed and say, is this control operating based on real time runtime data? So you have like EDPF probes, like observing your pod security, right?

Ashish Rajan: Yeah. Yeah.

Nick Reva: With observing your Docker exposure.

Ashish Rajan: Yeah.

Nick Reva: you can actually do that at runtime to see if that control is implemented. And if it isn't, if it isn't working as designed, then you can fire a, a Slack notification or, or a Jira ticket to that owning team.

Ashish Rajan: Yeah.

Nick Reva: Based on the, uh, the ownership of that piece of infrastructure from, from data sources like API gateways or envoys or other kind of organizational mapping tools.

Ashish Rajan: Right.

Nick Reva: Like kind of seem to be tools, if you will. And this really works well. And this is in the vein of GRC engineers. Like literally our use case for

Audience: this thing that I just talked about is GRC engineers.

Ashish Rajan: I was gonna, I'm glad you didn't mention [00:48:00] MCP.

Audience: So I, the way I see differently, right.

Audience: Because this is more of the second job to do, to operate the control effectively. From a GRC engineer perspective, you also fix on automating audit process. So you do a SOC to like once in six months, you wanna do a SOC two every morning at 10:00 AM what you do.

Ashish Rajan: Mm.

Audience: You wanna check if the controls that Nick has built is not broken.

Ashish Rajan: Yeah.

Audience: Right.

Ashish Rajan: And do you still keep them after things have been changed? Maybe you don't use Yeah.

Audience: Find out the issues early on.

Ashish Rajan: Yeah.

Audience: And you find out, okay, what framework is this breaking?

Ashish Rajan: Yeah.

Audience: And you tie onto to the business risk.

Ashish Rajan: Mm-hmm.

Audience: Is the second job to order the control anyway. You automate it or you throw five headcounts at it.

Audience: But audits job is to make sure it is not transferred into audit risk.

Audience: Oh, much oblidged. I had a question on the other side of GRC on the, on the external side, if you will, in your, what's been your experience as it relates to the external stake, to the external influence on [00:49:00] AI specific topics related to GRC for example?

Audience: Uh, do you have to talk more to legal because of the new AI Act or California state Bill 9 42? Or, or to what extent do you see a difference between GRC external influence on ai mm-hmm. Versus external influence on other things. Cool.

Ashish Rajan: Or almost, what was it before ai? What is it after ai? Do you, yeah,

Audience: kind of,

Ashish Rajan: yeah, because I guess no one was talking to legal before that unless you had like a

Audience: what has changed in your view in relation to the external influence driven by AI implementation?

Shivani Doke: Um, I feel it's just become an expansion of what was already there. Okay. So if we were only focused on a couple of standards and compliances, now we have started to look at more something like the ISO 42001

Shivani Doke: If we were to look at AI supply chains, then if it's probably the executive order [00:50:00] 1 40 28. So if we need to do something beyond what we currently have to secure our AI infrastructure, it's looking at those controls and of course, um. Big aspect of it is third party vendors, right? Yeah. Earlier, not a lot of vendors had AI services.

Shivani Doke: Now every vendor has to have some AI capabilities. Yeah. So you are reviewing more, you're asking those questions, you're seeing their policies. So it's an extension of what was already there, almost an expanded attack surface.

Ashish Rajan: There was couple of other GRC people here. I'm curious if they have seen a change on that side maybe.

Audience: I think the, um, the primary difference now is more privacy oriented,

Ashish Rajan: right?

Audience: Like any vendor that tells me they got an AI functionality or AI capabilities.

Audience: I dig very deep into what data do you need for your tool to work for me to have the purpose that I'm paying for. That's where I start digging further and further. Because at the end of the day, every one of us, whether the GRC or [00:51:00] not, is responsible to manage the risk of the organization.

Ashish Rajan: Yep.

Audience: And I then I sit down with my legal team saying, these are the things my, this vendors telling me, my business owner desperate to get this tool.

Audience: I want this contract rewritten to have these provisions that can take, you know, a few days to a few months. But it depends on the vendor and how, how much they're willing to open up. I've actually had vendors lie to me

Ashish Rajan: about

Audience: what their AI does and doesn't do. The integrations that they've built in with other companies that their own vendors, that as part of their product offering that are using different kinds of ai, LLM.

Audience: So really just need to dig down and say, ask them the questions, which, how many enterprise, um, AI LMS are you using? Do, do you sign a contract with every one of them? Do, does your contracts stay that you do not use my customer's data if they use your product? That's right. You, you have to, I think it's all now it's as much of as, uh, as many acronyms as exist, but it's all about data security.

Audience: It [00:52:00] doesn't matter how we're managing our risk or how the compliance is being met, who's governing us.

Ashish Rajan: Yep.

Audience: As long as you are protecting your company's data and your customer's data, everything else will sort of fall in line.

Ashish Rajan: Yeah. Perfect. I think this one did you want to share? We can take the mic if you want.

Audience: I kind of had a follow up on that. And also for you in terms of like you say, data month, days to months for negotiating a contract that includes that for me. Like my engineering teams don't have days to month. They're like, this vendor's happening or it's not happening. But in the meantime, like for me, I'm not NGRC, I'm the person in charge of controlling whether our customer's data gets exposed, um, irresponsibly or we have data loss prevention that's out of contract.

Audience: So do you work with your other teams to ensure, like in the meantime. This contract may get negotiated in three months, but in the meantime, the tools going in and we need to control for whatever our risk are in the meantime.

Ashish Rajan: Mm. Kind

Audience: of an opening.

Ashish Rajan: Yeah. Do that again. [00:53:00] I mean, did you wanna share towards the short answer?

Ashish Rajan: Yeah.

Audience: Um, I do have teams that go out and buy on a personal credit card and expense that, uh, the first time that finance team tells me like, I got an unauthorized, or somebody put an expense report in. Yeah. Um, we basically sit down with the person, myself and my boss, and somebody from legal about why they broke policy.

Ashish Rajan: Alright.

Audience: Um, that's happening. That's the first thing that we would be as soon as we find out indirectly, if they go ahead and initiate a conversation with their higher ups and they're like, you gotta go talk to head of security, or head of marketing or head of sales, they can have that conversation. I tell 'em exactly what the risk is.

Audience: If my boss decides this, this is okay. I accept this risk. If the business owner says I'm gonna go tell the CEOI accept the risk. That's all on that. I write my risk report re. Of whatever I identified and I just put it in there. It's now part of the record. And if something happens, now we know exactly what has transpired from the moment they wanted to buy the tool to the moment that something's happened.

Ashish Rajan: Oh, there's some [00:54:00] thoughts here as well. Well, quite a few thoughts over here.

Nick Reva: Look I think this whole, uh, anecdote that was just shared by our gentleman right here, it narrates the importance of the speed of engineering.

Ashish Rajan: GC engineering or it

Nick Reva: doesn't matter, like GRC engineering.

Nick Reva: God bless you. I mean that, that, that's a new invention.

Ashish Rajan: She's doing a great job representing GRC Engineering. I'm,

Nick Reva: it's existed under three years, I think as

Ashish Rajan: Yeah. Yeah. It's very new

Ashish Rajan: yeah.

Ashish Rajan: Mind, I think, Mo, you had some thoughts earlier about this as well. Yes.

Audience: I've like bounced between those teams where like, I was on AppSec for a really long time and jumped into GRC for like as an engineer.

Audience: And right when we were thinking about, oh, is GRC engineering a thing? Like, I actually wrote the JD for a GRC engineer. Oh, it doesn't exist. But like the big thing about ai, it's all been about transparency, right? Yep. Figuring out what's happening across the board. A lot of times when we think about transparency with ai, it's about what are the models doing?

Audience: What's like actually happening? How's the processing happening for an organization? [00:55:00] It's at much higher level, right? Because now you're taking like, what the heck was fourth vendor risk? Yeah. Like a couple of years ago or fifth vendor risk, right? And like down, like now we have to understand like the downstream implications of like AI things in logs.

Audience: And it's like, okay, well, like where did any of this come from? GRC is kind of like the first, your new first line of insight on all these things because bring in new vendors and it's like, okay, well, like how do we understand this? And the reality is GRC teams have always been understaffed and they've always just been very small.

Audience: And I remember when I was first interviewing GRC folks for, uh, the GRC engineering role, right? All the questions were engineering questions. And I was like, nobody's gonna understand this. This is like, this is a field where it's like they've been trained on handbooks and policies and it's like rote understanding of like how compliance is impact or en enabled in an org.

Audience: Yeah. Or how this works or [00:56:00] what a checklist looks like. But we're beyond that. Right? If we're work, like you said, we're beyond check boxes at this point, it's more of like an AppSec control. That's what it feels like. Yeah.

Ashish Rajan: Yeah, yeah. Um,

Audience: if you are any slower than that. The business gets mad, Hey, why can't we do this thing?

Audience: Right. That's spot on. That's exactly right. Right. That's it. Yep. So transparency is the, in my opinion, the big thing that like GRC engineering brings. 'cause now it's like we have immediate insight into these decisions and all the AI that GRC is going to be using because it's not an if it's a when.

Ashish Rajan: Yeah.

Audience: And if you're not using it now, honestly, you're too late. You better buy a vendor and get ready to like copy them.

Ashish Rajan: Yeah.

Audience: You need to like pick up these capabilities you like, it's going to be like, oh, we've got a PDF like that we got from another company. It's processed. We understand. It's like a five minute review for like an AI system, right?

Ashish Rajan: Yep.

Audience: Um, it, it cannot be like a three day process. Like it's too long. I think like the most aggressive timeline I've heard is 24 [00:57:00] hours to make a decision.

Ashish Rajan: Wow. Okay. Right. That's pretty tight. That's

Audience: like an aggressive timeline.

Ashish Rajan: Yeah,

Audience: but it's not, um, not impossible.

Ashish Rajan: Or maybe it's not unreasonable in an AI world.

Audience: Exactly. So yeah, transparency is the big, the big let or big, uh, word or theme I see for GRC

Ashish Rajan: engineer, definitely headline for, especially for the AI space as well.

Audience: Yeah.

Ashish Rajan: Yeah, a hundred percent. I think Shivani do you wanna explain what third party, fourth party, fifth party. Six party, because most such a topic.

Ashish Rajan: How do, how do you describe it? Yeah,

Shivani Doke: how do

Ashish Rajan: I

Shivani Doke: describe it? It's basically like when you're onboarding a vendor, your vendor product, they're also, the particular vendor has other vendors, right? So basically when you onboard a third party vendor, you're also onboarding that third party vendor. Other dependencies, other vendors.

Shivani Doke: So basically that becomes a transitive dependency. So if something happens to my data that's, uh, been hosted on the third party's cloud and the third party's cloud security provider has a breach, then my data has been breached. So fourth party dependency, I get [00:58:00] exploited. So that's, uh, and then that's not just fourth party.

Shivani Doke: We could have end party, you know, that could, the transitive dependency could go on and on. So that's where you have some tools that do some third party end party monitoring. But it's, I don't think we are at a stage where, you know, it's state of art or you can really rely on the results that these tools give you.

Shivani Doke: So I think there's a lot of scope for us to, as an industry, to, you know, mature, keep working on, to keep working on, to keep mature.

Audience: If I might try to actually merge, I guess.

Audience: Three of the points

Ashish Rajan: Yeah.

Audience: That you made. Right? Because I feel like they're all relevant. So Yeah. So you just use an example of, hey, if my third party that has dependency on someone gets breached, like, or like if that party gets breached, basically my data gets exposed.

Ashish Rajan: Yeah. Yeah.

Audience: So, and I think more had a brilliant point about like how JRC enables transparency.

Ashish Rajan: Yeah.

Audience: Right? And a gentleman over there in the back, you mentioned the actually experience, you know, where like vendor would misrepresent Right. Some facts to you during vendor assessment. So I feel like maybe that goes back to the initial point that you made when we started talking about [00:59:00] GRC, about, you know, the current like security standards and certifications and whether they're relevant or not.

Ashish Rajan: Yeah. 'cause

Audience: I think all of those aspects, they talk about trust between organizations, right? So, hey, you want to trust your vendor and you want to make sure that they manage their vendors.

Ashish Rajan: Yeah.

Audience: You said, well my vendor reviews, they become more complex because now every vendor brings their own ai. So I wanna do a more thorough assessment.

Audience: Right. I'll ask, I don't know more questions. I'll try to understand more 'cause it's more complex dependence. And what, to your point of transparency, right? I mean like those, this is the reason why certification, they were created initially for right? In order for me to avoid asking a hundred of my vendors, you know, a hundred questions, right?

Audience: There's a centralized standard that kind of like takes all of those questions frames and nicely and if all of those vendors, they go through that and they get certified, I should be getting some sort of a relief that hey, they went through that. So that means they have that.

Ashish Rajan: Yeah.

Audience: So maybe going back to your initial point about like, hey, the current standards and certification do that.

Audience: [01:00:00] Satisfied. So maybe this is where the actual gap is that we feel like the current existing standards, and again like obviously there's like nuance like guys of 42 1 that try to manage this or like NCA risk management framework, like whether they will accomplish that or not. Unclear maybe at the moment.

Ashish Rajan: Okay.

Audience: But I think companies are trying, but maybe that's, that's what we really need.

Ashish Rajan: Fair. Anyone else feels they're,

Audience: they will never accomplish that and that's why

Ashish Rajan: Oh, sorry.

Shivani Doke: Exactly. Meant for an ideal state, right? Yeah.

Ashish Rajan: Okay. So I'll let you finish first and then you can

Shivani Doke: Got it. I was trying to say that these standards and guidelines, you know, they're defined for, they're made for an ideal world, which is not really what we live in.

Shivani Doke: Right. So I don't think it's right to just follow the standards. You have to tailor it, calibrate it to your business, the risks that your business has. And yeah, that's the beauty of it. That's why it's also, you know, not just a scientific thing, it's also art. That's where creativity comes in. So that's why I think I enjoy being insecurity, just get to be creative.

Ashish Rajan: The only question I have is. Do I still have to take screenshots?[01:01:00]

Ashish Rajan: Like, I mean, that's because that's like the bane of GRC, right? Because like Yeah,

Shivani Doke: exactly. For

Ashish Rajan: everything in AI world, does that go away like an ai AI engineering world? Does that go away? Like

Shivani Doke: Yeah, I, I imagine you creating a GRC agent and that agent taking the screenshot for you, uploading the screenshot in tools like so tools that, whatever, yeah, whatever.

Ashish Rajan: Some centralized governance

Shivani Doke: tool, some centralized governance tools. So yeah, your agent doing the work for you, you know,

Ashish Rajan: that's the

Shivani Doke: future. Maybe.

Ashish Rajan: Wait, so, so the conclusion from the previous session that Nick had was we are gonna go out of detection response, the order security and like a conclusion.

Ashish Rajan: This one as well is, isn't GRC agents

Ashish Rajan: having

Shivani Doke: agent Yeah. Do your screenshot evidence collection

Ashish Rajan: for you. So essentially we are all trying to just get ourselves out of our job, basically. That's what I, that's what I like.

Nick Reva: We're basically gonna be unemployed.

Ashish Rajan: Yeah. All in the future, in somewhere in the future, hopefully may work in better things, but I appreciate you coming over as well.

Ashish Rajan: You so much. Well, so much Thank you every, everyone for, uh, engaging into this conversation, sharing what you guys were doing as well. I could have just kept this conversation going. It is just that I'm looking at people behind us. The camera crew is almost like, [01:02:00] guys, it's like, I mean, we only have venue for such a limited time, so I would love for you guys to hang around, have some few, few conversations as well.

Ashish Rajan: But I'm hoping to have more of these and maybe next time Caleb could join us as well when he is feeling bit better. But he was definitely here in spirit. Uh, I appreciate everyone for Flew in from Canada, from LA, from Santa Clara, but I, I, uh, from the uk. From the uk Well, I mean, I, I, I had to come for you guys, but I, I appreciate all of you coming in.

Ashish Rajan: Thank you so much. I would love if you guys can give us a roundup applause for everyone. Thanks. I everyone thank you. Thank you so much. And for people at home, thank you so much for doing it again. Thank you. Thank you. Thanks so much. Thank

Audience: you

Ashish Rajan: for

Audience: doing this. I appreciate this around

Ashish Rajan: applause for her as well.

Nick Reva: Thank you.

Ashish Rajan: Thank you for doing this. Thank you for jumping in as well. I really

Shivani Doke: appreciate this. Yes, I love this. This was,

Ashish Rajan: thank you for watching all listening to that episode of AI Security Podcast. This was brought to you by Tech riot.io. If you want to hear or watch more episodes of AI security, check that out on ai security podcast.com.

Ashish Rajan: And in case you're interested in [01:03:00] learning more about cloud security, you should check out a sister podcast called Cloud Security Podcast, which is available on Cloud Security Podcast tv. Thank you for tuning in and I'll see you in the next episode. Peace.

‍