AI-Data-Poisoning-KrishnaG-CEO

LLM04: Data and Model Poisoning – A C-Suite Imperative for AI Risk Mitigation

At its core, data poisoning involves the deliberate manipulation of datasets used during the pre-training, fine-tuning, or embedding stages of an LLM’s lifecycle. The objective is often to introduce backdoors, degrade model performance, or inject bias—toxic, unethical, or otherwise damaging behaviour—into outputs.

Security-Mis-Config-KrishnaG-CEO

Security Misconfiguration: A Comprehensive Guide for Software Architects

Security misconfiguration occurs when system security settings across application stacks—such as servers, databases, and networks—are inadequately implemented or left in their default states. These missteps expose critical vulnerabilities that attackers can exploit.

Path-Traversal-Attacks-KrishnaG-CEO

2024 CWE Top 25 Most Dangerous Software Weaknesses: Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) CWE-22

Path traversal, also known as directory traversal, is a vulnerability that allows an attacker to access files and directories stored outside the intended directory. By exploiting improper validation of user-supplied input, attackers can manipulate file paths to access sensitive system files, configuration files, or any other data stored on the server.

SANS-CSRF-KrishnaG-CEO

2024 CWE Top 25 Most Dangerous Software Weaknesses: Cross-Site Request Forgery (CSRF) CWE-352

CSRF is a security vulnerability that tricks a victim into performing unintended actions on a web application where they are authenticated. By exploiting the trust that a website places in the user’s browser, attackers can force users to execute actions without their consent or knowledge.