In this episode of The BlueHat Podcast, hosts Nic Fillingham and Wendy Zenone are joined by Johann Rehberger, security expert and Red Team director at Electronic Arts. Johann shares his career journey through roles at Microsoft, Uber, and EA, highlighting his expertise in red teaming and cybersecurity. Johann shares the inspiration behind his book on Red Team strategies and discusses his BlueHat 2024 talk on prompt injection vulnerabilities, a critical and evolving AI security challenge. Johann breaks down the distinction between prompt injection and jailbreaking, offering insights into the potential risks, including data exfiltration and system unavailability, and emphasizes the importance of securing Red Teams themselves.
In This Episode You Will Learn:
Why AI tools should have stricter default settings to control what kind of outputs they generate
The importance of reading technical documentation to understand how AI systems are built
Why developers should implement stronger filters for what tokens are allowed to be emitted by LLMs
Some Questions We Ask:
How are prompt injection and SQL injection similar, and how are they different?
What is AI spyware, and how does it exploit memory tools in ChatGPT?
Does AI jailbreaking access the LLM’s core system like iPhone jailbreaking does the OS?
Resources:
View Johann Rehberger on LinkedIn
View Wendy Zenone on LinkedIn
View Nic Fillingham on LinkedIn
Related Microsoft Podcasts:
Microsoft Threat Intelligence Podcast
Afternoon Cyber Tea with Ann Johnson
Uncovering Hidden Risks
Discover and follow other Microsoft podcasts at microsoft.com/podcasts
