Partially Redacted: Data, AI, Security, and Privacy

Partially Redacted brings together leaders in engineering, data, AI, security, and privacy to share knowledge, best practices, and real world experiences. Each episode provides an in-depth conversation with an industry expert who dives into their background and experience. They’ll share practical advice and insights about the techniques, tools, and technologies that every company – and every technology professional – should know about. Learn from an amazing array of founders, engineers, architects, and leaders in the data and AI space. Subscribe to the podcast and join the community at https://skyflow.com/community to stay up to date on the latest trends in data and AI, and to learn what lies ahead.

Listen on:

  • Apple Podcasts
  • Podbean App
  • Spotify
  • Amazon Music
  • iHeartRadio
  • PlayerFM
  • Samsung
  • Podchaser

Episodes

Wednesday Jun 05, 2024

In this episode, Sean is joined by Eric Dodds, Head of Product Marketing at RudderStack, to dive into the world of data management, data pipelines, and common data mistakes. Eric shares his insights on when organizations should transition from basic tools like spreadsheets to a more sophisticated data stack, including data warehouses and modern tooling.
They discuss the challenges businesses face in data management, specifically about coming up with a common set of definitions that an organization is aligned around. They also discuss how to address these issues, and the importance of secure handling of customer data.
Eric also provides an overview of RudderStack, its open-source approach, and the value it brings to managing customer data. Eric shares a ton of practical advice on building and optimizing your data infrastructure.

Wednesday May 15, 2024

In this episode, Kirk Marple, CEO and Co-founder of Graphlit, joins the show. Sean and Kirk dive into the world of unstructured data management, discussing the evolution and current challenges in the field.
While structured data has been well-handled since the 1970s, 80-90% of the world’s data remains unstructured, with predictions of 175 billion terabytes by 2025. Despite this vast amount, companies struggle to utilize it effectively due to immature tools and processes. Graphlit was founded to address this gap, providing scalable, maintainable systems with enhanced observability to handle unstructured data efficiently.
Kirk discusses the challenges in data security and privacy when building RAG-based applications. He discusses some of their exploration into PII scrubbing and also controlled access to the vector embeddings based on the roles of a user.
Finally, looking forward, Kirk shares insights into the future of Graphlit and their continued focus on enhancing the accessibility and utility of unstructured data for businesses across various industries.

Wednesday May 08, 2024

In this episode, Jake Moshenko, CEO and co-founder of AuthZed, joins the show to explore the world of user permissions at scale. Inspired by Google's Zanzibar, AuthZed aims to tackle the challenges of authorization - a less common focus compared to authentication in the tech industry.
Jake discusses the initial simplicity and subsequent complications in role-based permission models, where businesses often struggle as they scale and need more nuanced access controls. He explains the Zanzibar paper from Google and the technical challenges with implementing the approach successfully. He explains how AuthZed facilitates a flexible and maintainable permission system and how companies get started.

Wednesday May 01, 2024

In this episode host Sean Falconer is joined by Aaron Painter, CEO of Nametag, to explore the evolving threat and potential of AI deepfakes. They discuss the increasing sophistication of deepfake technology, highlighted by the significant rise in incidents such as the Retool hack, and how these technologies can manipulate public perception and security. Aaron discusses the development of technologies to both create and detect deepfakes, discussing the arms race that pits innovation against security.
Aaron shares insights into how his company, Nametag, is at the forefront of combating deepfake fraud by protecting identity data and providing solutions for both companies and individuals to safeguard themselves. They conclude with thoughts on the future, discussing the ongoing technological advancements that are expected to play a crucial role in the fight against deepfakes, aiming to balance innovation with security in the digital landscape.

Wednesday Apr 24, 2024

In this episode we’re joined by Shubh Sinha, CEO and Co-founder of Integral, to discuss the protection and utilization of sensitive health data. Shubh shares insights from his varied career in sales, engineering, and product management, and dives into the challenges of maintaining privacy and security in healthcare. The conversation covers HIPAA regulations, the balance of securing data while keeping it accessible, and the role of generative AI in healthcare innovations. Tune in for a detailed look at how technology is shaping the future of patient treatment and data privacy.

Wednesday Apr 17, 2024

In this episode, we dive into the world of MLOps, the engine behind secure and reliable AI/ML deployments. MLOps focuses on the lifecycle of machine learning models, ensuring they are developed and deployed efficiently and responsibly.
With the explosion of ML applications, the demand for specialized tools has skyrocketed, highlighting the need for improved observability, auditing, and reproducibility. This shift necessitates an evolution in ML toolchains to address gaps in security, governance, and reliability.
Jozu is a platform founded to tackle these very challenges by enhancing the collaboration between AI/ML and application development teams. Jozu aims to provide a comprehensive suite of tools focusing on efficiency throughout the model development and deployment process.
This conversation discusses the importance of MLOps, the limitations of current tools, and how Jozu is paving the way for the future of secure and reliable ML deployments.
Resources:
Jozu
KitOps
 

Wednesday Mar 27, 2024

In this episode, we dive deep into the world of prompt injection attacks in Large Language Models (LLMs) with the Devansh, AI Solutions Lead at SVAM. We discuss the attacks, existing vulnerabilities, real-world examples, and the strategies attackers use. Our conversation sheds light on the thought process behind these attacks, their potential consequences, and methods to mitigate them.
Here's what we covered:
Understanding Prompt Injection Attacks: A primer on what these attacks are and why they pose a significant threat to the integrity of LLMs.
Vulnerability of LLMs: Insights into the inherent characteristics of LLMs that make them susceptible to prompt injection attacks.
Real-World Examples: Discussing actual cases of prompt injection attacks, including a notable incident involving DeepMind researchers and ChatGPT, highlighting the extraction of training data through a clever trick.
Attack Strategies: An exploration of common tactics used in prompt injection attacks, such as leaking system prompts, subverting the app's initial purpose, and leaking sensitive data.
Behind the Attacks: Delving into the minds of attackers, we discuss whether these attacks stem from a trial-and-error approach or a more systematic thought process, alongside the objectives driving these attacks.
Consequences of Successful Attacks: A discussion on the far-reaching implications of successful prompt injection attacks on the security and reliability of LLMs.
Aligned Models and Memorization: Clarification of what aligned models are, their purpose, why memorization in LLMs is measured, and its implications.
Challenges of Implementing Defense Mechanisms: A realistic look at the obstacles in fortifying LLMs against attacks without compromising their functionality or accessibility.
Security in Layers: Drawing parallels between traditional security measures in non-LLM applications and the potential for layered security in LLMs.
Advice for Developers: Practical tips for developers working on LLM-based applications to protect against prompt injection attacks.
Links:
Devansh on LinkedIn
AI Made Simple

Wednesday Mar 20, 2024

In this episode, Joice John, Senior Product Manager at Skyflow, joins the show to discuss the complexities of managing privacy and security with unstructured data. Joice explains what unstructured data is and its distinction from structured data, and then dives into the technologies that tackle these challenges.
Joice discusses the unique privacy concerns and significant security risks unstructured data poses, highlighting why they're especially tough to mitigate. Sean and Joice also discuss the support modern data lakes offer for secure unstructured data management, alongside Skyflow’s solutions for overcoming analytics challenges and protecting sensitive customer information.

Wednesday Mar 13, 2024

Daniel Wong, Head of Security and Compliance at Skyflow, is back for his third appearance. Daniel discusses his extensive career at the forefront of security engineering, having worked with industry behemoths like Oracle, Salesforce, and CrowdStrike.
He discusses the critical differences in security needs between large enterprises and smaller businesses, the evolution of security technologies, and the unique challenges of ensuring enterprise-grade compliance. Daniel shares his personal experiences and the innovative security features he helped pioneer, offering listeners an insider's view of what it takes to protect some of today's leading enterprises.
Links:
Common Data Security and Privacy Mistakes with Daniel Wong
Understanding SOC-2 Compliance and Achieving It with Skyflow's Daniel Wong

Wednesday Mar 06, 2024

This episode dives into how we can keep our texts and calls safe from scammers. Sean Falconer chats with Dave Erickson, the co-founder of Phound, which is redefining the way people connect and communicate. Dave shares why texts can easily get targeted by scams, how fraudsters hide their identity, and the tricks they use to trick people.
Learn about the simple steps you can take to protect yourself from these scams. Dave also talks about how Phound is working to make our phone numbers safer by creating a self-managed contact card. Users of Phound only receive phone calls and SMS from approved contacts and they’re in control over how long someone can contact them.
If you're worried about phone scams or interested in how technology is fighting back, this episode and the work Phound is doing should help.
Links:
Phound

Copyright 2022 All rights reserved.

Podcast Powered By Podbean

Version: 20240320