Davide Annovazzi
EMEA Security Practice Lead
Google
Davide is the Security Practice Lead at Google, where he helps enterprises securely navigate their digital transformation. A recognized international speaker, he is a presenter at global security conferences including the RSA Conference in SFO.
Speaker sessions
Hardening the AI Supply Chain Against Inference Attacks
Enterprises are racing to deploy LLM-powered applications, often bolting on security with familiar tools such as WAFs, regex filters and instruction-based guardrails. While these defenses block unsophisticated attacks, they create a dangerous illusion of security. This briefing will demonstrate that even a "hardened" enterprise AI can be turned into a data exfiltration tool.

We will deconstruct a live, multi-stage attack against a common enterprise scenario: an internal HR chatbot. Attendees will see how conventional defenses are systematically bypassed, from simple character-evasion tricks that fool regex filters to sophisticated prompt engineering that turns the model's own system instructions against itself.

The final and most critical stage of the attack showcases a patient, inference-based exfiltration. We will show that when sensitive data, such as a credit card number, is fragmented across multiple training documents, an attacker can methodically reconstruct and leak it through iterative querying, bypassing even advanced NLP-based security controls. This talk exposes the AI's training data as the ultimate Trojan horse and demonstrates a critical supply chain vulnerability that most organizations are unprepared for. Attendees will leave with an actionable understanding of LLM vulnerabilities from the attacker's perspective and a defensive playbook that moves beyond application-level fixes to address the core issue: the security of the training data itself.
Time: 15:20, Wed 03 Dec
Stage: Sponsored Briefings
Session Type: Presentation