Cloud 101CircleEventsBlog
Call for Presentations: Share your expertise at SECtember.ai 2024! Submit your proposals by June 28th.

Working Group

AI Technology and Risk

Explore the latest AI tech, predict risks, and ensure innovation meets security in the realm of AI.
View Current Projects
AI Technology and Risk
The AI Technology and Risk Committee is focused on staying abreast of the latest technological advancements in AI while simultaneously identifying, understanding, and forecasting associated risks, threats, and vulnerabilities. This technical committee aims to act as both a knowledge hub and a proactive risk management entity, bridging the gap between innovation and security in the realm of AI.

Working Group Leadership

Josh Buker
Josh Buker

Josh Buker

Research Analyst, CSA

Sean Heide
Sean Heide

Sean Heide

Technical Research Director, CSA

Working Group Co-Chairs

Satish Govindappa
Satish Govindappa

Satish Govindappa

Satish Govindappa, a seasoned cloud security and product architecture professional, has 24+ years of industry experience. His leadership as a Vice President and Chapter Leader of the Cloud Security Alliance (CSA) SFO Chapter showcases his commitment to advancing cybersecurity standards. With a master's degree in computer applications (MCA), an MS in Cybersecurity and Cyberlaw, and an MBA, Satish possesses a unique blend of technical and strate...

Read more

Mark Yanalitis Headshot Missing
Mark Yanalitis

Mark Yanalitis

Chris Kirschke
Chris Kirschke

Chris Kirschke

Cloud Portfolio Information Security Officer at Albertsons Companies

Security Leader with over 20+ years of experience across Financial Services, Streaming, Retail and IT Services with a heavy focus on Cloud, DevSecOps and Threat Modeling. Advises multiple security startups on Product Strategy, Alliances and Integrations. Sits on multiple Customer Advisory Boards helping to drive security product roadmaps, integrations and feature developments. Avid hockey player, backpacker and wine collector in his spare t...

Read more

Publications in ReviewOpen Until
Zero Trust Guidance for Critical InfrastructureJul 11, 2024
Authorization Best Practices for Systems using LLMsJul 12, 2024
Using AI for Offensive SecurityJul 12, 2024
View all
Who can join?

Anyone can join a working group, whether you have years of experience or want to just participate as a fly on the wall.

What is the time commitment?

The time commitment for this group varies depending on the project. You can spend a 15 minutes helping review a publication that's nearly finished or help author a publication from start to finish.

Virtual Meetings

Attend our next meeting. You can just listen in to decide if this group is a good for you or you can choose to actively participate. During these calls we discuss current projects, and well as share ideas for new projects. This is a good way to meet the other members of the group. You can view all research meetings here.

Jun

21

Fri, June 21, 11:00am - 12:00pm PDT
Pearl Crew Meeting (AI Tech & Risk)
See details
LLM Authorization Model Best Practices and Design Patterns

Join Zoom Meeting: https://cloudsecurityalliance.zoom.us/j/89661170501?pwd=NOOiskirIrpgTGhswsBpsl38lLvahU.1

We are inviting the wider working group to all three crew meetings for better visibility and ease of calendar management. If you are not interested in participating in Pearl Crew, please decline this invite.
Crew meetings are for coordinating and connecting contributors, while writing is primarily done between calls.

Please reach out over Slack if you have any questions!

Jun

24

Mon, June 24, 9:00am - 10:00am PDT
Sevilla Crew Meeting (AI Tech & Risk)
See details
We are inviting the wider working group to all three crew meetings for better visibility and ease of calendar management. If you are not interested in participating in Sevilla Crew, please decline this invite.

Sevilla crew current draft document: Using AI for Risk Reduction through Offensive Security
CSA Public Slack: https://csaurl.org/csa-public-slack
Slack Channel: #ai-tech-risk-sevilla-crew

Crew meetings are for coordinating and connecting contributors, while writing is primarily done between calls.

Please reach out over Slack if you have any questions!

Jun

28

Fri, June 28, 11:00am - 12:00pm PDT
Pearl Crew Meeting (AI Tech & Risk)
See details
LLM Authorization Model Best Practices and Design Patterns

Join Zoom Meeting: https://cloudsecurityalliance.zoom.us/j/89661170501?pwd=NOOiskirIrpgTGhswsBpsl38lLvahU.1

We are inviting the wider working group to all three crew meetings for better visibility and ease of calendar management. If you are not interested in participating in Pearl Crew, please decline this invite.
Crew meetings are for coordinating and connecting contributors, while writing is primarily done between calls.

Please reach out over Slack if you have any questions!

Jul

1

Mon, July 1, 9:00am - 10:00am PDT
Sevilla Crew Meeting (AI Tech & Risk)
See details
We are inviting the wider working group to all three crew meetings for better visibility and ease of calendar management. If you are not interested in participating in Sevilla Crew, please decline this invite.

Sevilla crew current draft document: Using AI for Risk Reduction through Offensive Security
CSA Public Slack: https://csaurl.org/csa-public-slack
Slack Channel: #ai-tech-risk-sevilla-crew

Crew meetings are for coordinating and connecting contributors, while writing is primarily done between calls.

Please reach out over Slack if you have any questions!

Jul

3

Wed, July 3, 8:00am - 9:00am PDT
AI Technology & Risk Working Group
See details
Biweekly AI Tech & Risk Working Group Meeting

https://cloudsecurityalliance.zoom.us/j/82692327755

Helpful links:

If you have any questions, please reach out via the CSA Public Slack.

Jul

4

Thu, July 4, 9:00am - 10:00am PDT
Hinton Crew Meeting (AI Tech & Risk)
See details
Hinton Crew - Paper 2

We are inviting the wider working group to all three crew meetings for better visibility and ease of calendar management. If you are not interested in participating in Hinton Crew, please decline this invite.

Crew meetings are for coordinating and connecting contributors, while writing is primarily done between calls.

Please reach out over Slack if you have any questions!

Jul

5

Fri, July 5, 11:00am - 12:00pm PDT
Pearl Crew Meeting (AI Tech & Risk)
See details
LLM Authorization Model Best Practices and Design Patterns

Join Zoom Meeting: https://cloudsecurityalliance.zoom.us/j/89661170501?pwd=NOOiskirIrpgTGhswsBpsl38lLvahU.1

We are inviting the wider working group to all three crew meetings for better visibility and ease of calendar management. If you are not interested in participating in Pearl Crew, please decline this invite.
Crew meetings are for coordinating and connecting contributors, while writing is primarily done between calls.

Please reach out over Slack if you have any questions!

Jul

8

Mon, July 8, 9:00am - 10:00am PDT
Sevilla Crew Meeting (AI Tech & Risk)
See details
We are inviting the wider working group to all three crew meetings for better visibility and ease of calendar management. If you are not interested in participating in Sevilla Crew, please decline this invite.

Sevilla crew current draft document: Using AI for Risk Reduction through Offensive Security
CSA Public Slack: https://csaurl.org/csa-public-slack
Slack Channel: #ai-tech-risk-sevilla-crew

Crew meetings are for coordinating and connecting contributors, while writing is primarily done between calls.

Please reach out over Slack if you have any questions!

Jul

12

Fri, July 12, 11:00am - 12:00pm PDT
Pearl Crew Meeting (AI Tech & Risk)
See details
LLM Authorization Model Best Practices and Design Patterns

Join Zoom Meeting: https://cloudsecurityalliance.zoom.us/j/89661170501?pwd=NOOiskirIrpgTGhswsBpsl38lLvahU.1

We are inviting the wider working group to all three crew meetings for better visibility and ease of calendar management. If you are not interested in participating in Pearl Crew, please decline this invite.
Crew meetings are for coordinating and connecting contributors, while writing is primarily done between calls.

Please reach out over Slack if you have any questions!

Jul

15

Mon, July 15, 9:00am - 10:00am PDT
Sevilla Crew Meeting (AI Tech & Risk)
See details
We are inviting the wider working group to all three crew meetings for better visibility and ease of calendar management. If you are not interested in participating in Sevilla Crew, please decline this invite.

Sevilla crew current draft document: Using AI for Risk Reduction through Offensive Security
CSA Public Slack: https://csaurl.org/csa-public-slack
Slack Channel: #ai-tech-risk-sevilla-crew

Crew meetings are for coordinating and connecting contributors, while writing is primarily done between calls.

Please reach out over Slack if you have any questions!

Jul

17

Wed, July 17, 8:00am - 9:00am PDT
AI Technology & Risk Working Group
See details
Biweekly AI Tech & Risk Working Group Meeting

https://cloudsecurityalliance.zoom.us/j/82692327755

Helpful links:

If you have any questions, please reach out via the CSA Public Slack.

Jul

18

Thu, July 18, 9:00am - 10:00am PDT
Hinton Crew Meeting (AI Tech & Risk)
See details
Hinton Crew - Paper 2

We are inviting the wider working group to all three crew meetings for better visibility and ease of calendar management. If you are not interested in participating in Hinton Crew, please decline this invite.

Crew meetings are for coordinating and connecting contributors, while writing is primarily done between calls.

Please reach out over Slack if you have any questions!

Jul

19

Fri, July 19, 11:00am - 12:00pm PDT
Pearl Crew Meeting (AI Tech & Risk)
See details
LLM Authorization Model Best Practices and Design Patterns

Join Zoom Meeting: https://cloudsecurityalliance.zoom.us/j/89661170501?pwd=NOOiskirIrpgTGhswsBpsl38lLvahU.1

We are inviting the wider working group to all three crew meetings for better visibility and ease of calendar management. If you are not interested in participating in Pearl Crew, please decline this invite.
Crew meetings are for coordinating and connecting contributors, while writing is primarily done between calls.

Please reach out over Slack if you have any questions!

Jul

22

Mon, July 22, 9:00am - 10:00am PDT
Sevilla Crew Meeting (AI Tech & Risk)
See details
We are inviting the wider working group to all three crew meetings for better visibility and ease of calendar management. If you are not interested in participating in Sevilla Crew, please decline this invite.

Sevilla crew current draft document: Using AI for Risk Reduction through Offensive Security
CSA Public Slack: https://csaurl.org/csa-public-slack
Slack Channel: #ai-tech-risk-sevilla-crew

Crew meetings are for coordinating and connecting contributors, while writing is primarily done between calls.

Please reach out over Slack if you have any questions!

Jul

26

Fri, July 26, 11:00am - 12:00pm PDT
Pearl Crew Meeting (AI Tech & Risk)
See details
LLM Authorization Model Best Practices and Design Patterns

Join Zoom Meeting: https://cloudsecurityalliance.zoom.us/j/89661170501?pwd=NOOiskirIrpgTGhswsBpsl38lLvahU.1

We are inviting the wider working group to all three crew meetings for better visibility and ease of calendar management. If you are not interested in participating in Pearl Crew, please decline this invite.
Crew meetings are for coordinating and connecting contributors, while writing is primarily done between calls.

Please reach out over Slack if you have any questions!

Jul

29

Mon, July 29, 9:00am - 10:00am PDT
Sevilla Crew Meeting (AI Tech & Risk)
See details
We are inviting the wider working group to all three crew meetings for better visibility and ease of calendar management. If you are not interested in participating in Sevilla Crew, please decline this invite.

Sevilla crew current draft document: Using AI for Risk Reduction through Offensive Security
CSA Public Slack: https://csaurl.org/csa-public-slack
Slack Channel: #ai-tech-risk-sevilla-crew

Crew meetings are for coordinating and connecting contributors, while writing is primarily done between calls.

Please reach out over Slack if you have any questions!

Jul

31

Wed, July 31, 8:00am - 9:00am PDT
AI Technology & Risk Working Group
See details
Biweekly AI Tech & Risk Working Group Meeting

https://cloudsecurityalliance.zoom.us/j/82692327755

Helpful links:

If you have any questions, please reach out via the CSA Public Slack.

Aug

1

Thu, August 1, 9:00am - 10:00am PDT
Hinton Crew Meeting (AI Tech & Risk)
See details
Hinton Crew - Paper 2

We are inviting the wider working group to all three crew meetings for better visibility and ease of calendar management. If you are not interested in participating in Hinton Crew, please decline this invite.

Crew meetings are for coordinating and connecting contributors, while writing is primarily done between calls.

Please reach out over Slack if you have any questions!

Aug

2

Fri, August 2, 11:00am - 12:00pm PDT
Pearl Crew Meeting (AI Tech & Risk)
See details
LLM Authorization Model Best Practices and Design Patterns

Join Zoom Meeting: https://cloudsecurityalliance.zoom.us/j/89661170501?pwd=NOOiskirIrpgTGhswsBpsl38lLvahU.1

We are inviting the wider working group to all three crew meetings for better visibility and ease of calendar management. If you are not interested in participating in Pearl Crew, please decline this invite.
Crew meetings are for coordinating and connecting contributors, while writing is primarily done between calls.

Please reach out over Slack if you have any questions!

Aug

5

Mon, August 5, 9:00am - 10:00am PDT
Sevilla Crew Meeting (AI Tech & Risk)
See details
We are inviting the wider working group to all three crew meetings for better visibility and ease of calendar management. If you are not interested in participating in Sevilla Crew, please decline this invite.

Sevilla crew current draft document: Using AI for Risk Reduction through Offensive Security
CSA Public Slack: https://csaurl.org/csa-public-slack
Slack Channel: #ai-tech-risk-sevilla-crew

Crew meetings are for coordinating and connecting contributors, while writing is primarily done between calls.

Please reach out over Slack if you have any questions!

Aug

9

Fri, August 9, 11:00am - 12:00pm PDT
Pearl Crew Meeting (AI Tech & Risk)
See details
LLM Authorization Model Best Practices and Design Patterns

Join Zoom Meeting: https://cloudsecurityalliance.zoom.us/j/89661170501?pwd=NOOiskirIrpgTGhswsBpsl38lLvahU.1

We are inviting the wider working group to all three crew meetings for better visibility and ease of calendar management. If you are not interested in participating in Pearl Crew, please decline this invite.
Crew meetings are for coordinating and connecting contributors, while writing is primarily done between calls.

Please reach out over Slack if you have any questions!

Aug

12

Mon, August 12, 9:00am - 10:00am PDT
Sevilla Crew Meeting (AI Tech & Risk)
See details
We are inviting the wider working group to all three crew meetings for better visibility and ease of calendar management. If you are not interested in participating in Sevilla Crew, please decline this invite.

Sevilla crew current draft document: Using AI for Risk Reduction through Offensive Security
CSA Public Slack: https://csaurl.org/csa-public-slack
Slack Channel: #ai-tech-risk-sevilla-crew

Crew meetings are for coordinating and connecting contributors, while writing is primarily done between calls.

Please reach out over Slack if you have any questions!

Aug

14

Wed, August 14, 8:00am - 9:00am PDT
AI Technology & Risk Working Group
See details
Biweekly AI Tech & Risk Working Group Meeting

https://cloudsecurityalliance.zoom.us/j/82692327755

Helpful links:

If you have any questions, please reach out via the CSA Public Slack.

Aug

15

Thu, August 15, 9:00am - 10:00am PDT
Hinton Crew Meeting (AI Tech & Risk)
See details
Hinton Crew - Paper 2

We are inviting the wider working group to all three crew meetings for better visibility and ease of calendar management. If you are not interested in participating in Hinton Crew, please decline this invite.

Crew meetings are for coordinating and connecting contributors, while writing is primarily done between calls.

Please reach out over Slack if you have any questions!

Aug

16

Fri, August 16, 11:00am - 12:00pm PDT
Pearl Crew Meeting (AI Tech & Risk)
See details
LLM Authorization Model Best Practices and Design Patterns

Join Zoom Meeting: https://cloudsecurityalliance.zoom.us/j/89661170501?pwd=NOOiskirIrpgTGhswsBpsl38lLvahU.1

We are inviting the wider working group to all three crew meetings for better visibility and ease of calendar management. If you are not interested in participating in Pearl Crew, please decline this invite.
Crew meetings are for coordinating and connecting contributors, while writing is primarily done between calls.

Please reach out over Slack if you have any questions!

Aug

19

Mon, August 19, 9:00am - 10:00am PDT
Sevilla Crew Meeting (AI Tech & Risk)
See details
We are inviting the wider working group to all three crew meetings for better visibility and ease of calendar management. If you are not interested in participating in Sevilla Crew, please decline this invite.

Sevilla crew current draft document: Using AI for Risk Reduction through Offensive Security
CSA Public Slack: https://csaurl.org/csa-public-slack
Slack Channel: #ai-tech-risk-sevilla-crew

Crew meetings are for coordinating and connecting contributors, while writing is primarily done between calls.

Please reach out over Slack if you have any questions!

Open Peer Reviews

Peer reviews allow security professionals from around the world to provide feedback on CSA research before it is published.

Learn how to participate in a peer review here.

Zero Trust Guidance for Critical Infrastructure

Open Until: 07/11/2024

The goal of this paper is to educate the target audience on considerations and application of Zero Trust principles for Cri...

Authorization Best Practices for Systems using LLMs

Open Until: 07/12/2024

This document targets engineers, architects, and security professionals, providing an understanding of the specific risks a...

Using AI for Offensive Security

Open Until: 07/12/2024

The emergence of Artificial Intelligence (AI) technology, particularly Large Language Models (LLMs) and AI Agents, has trig...