Transcript
Mike Matchett with Small World Big Data. We are here at RSAC 2025. We're with Mindgard right now, and we're going to talk a little bit about some of the ways you can use cybersecurity to, I don't know, attack yourself in a way just for the for the good of everybody. I've got a Fergal. Is that right? Yeah. Fergal Glynn. Hi, Mike. Hi. Uh, so let's just start a little bit with the Mindgard. Uh, tell us about the sort of the pen testing, red teaming approach that you guys are bringing to cybersecurity. Yeah, certainly. So we have an attack library that we have built to test AI applications, models and agents for safety concerns, security concerns and business concerns. So this is really, uh, coming against AI. This is a very AI. Exactly. It's AI specific. Um, our background is actually in academia. And so we spent ten years at the University of Lancaster in the UK researching this space of the security of AI. Uh, in 2022, we spun that research out and formed Mainguard. So I think looking across all the companies in the space. We have the most research put in to this very new, very unique, very fast changing area. Um, and so the attacks that we have built up, we have a considerable large amount of attacks, um, some proprietary to us. We also work closely with the open source community, um, to, to leverage and also give back to the work that they're doing. Um, and then, as I said, like the attacks, we focus on safety issues, which could be, uh, an AI application generating harmful content, security issues where it could be an attacker using, uh, looking to use the application to get access to additional data within the organization and also business concerns where, um, we attempt to get an AI application, maybe to talk about things that you don't want to talk about. For example, imagine you have a candle shop and you put a chatbot up on your e-commerce store. Well, you probably don't want that, uh, that application talking about your competitors candles. And so our attack library, um, will go and will check, um, models, agents and applications for those three different use cases. All right. I mean, 20, 2022 gives you like a three year head start on some other people who are just now thinking about AI and what can go wrong with it, and how to validate that their use of AI. So I imagine you've got a quite, a quite an advantage on that for just that library stuff. Yeah. Yeah, certainly. So. Um, we've got this great R&D background. And then also, um, we feel that just the usability of these types of solutions is very important. And then also the flexibility. So in terms of usability, one of the things that we've invested in on our product is looking to make it faster for a pentester to get up and running with their job. So we take what is taken in the past 2 or 3 days worth of work that a pentester does to just get started with their project, and we have automated that down now to a matter of minutes. And then in terms of the flexibility of what we do, like we're integrating with the tools like Burpsuite that Pentesters are already using. Uh, are you using AI at all in that way to help somebody get up to speed on testing AI? Um, so there is AI in the product, uh, not on getting up to speed, but there is AI in some of the attacks that we are running. Right. So we're going to see that in the future, I'm sure though is like these Red Queen things about AI helping tech AI. If there's one sort of thing you wanted to tell everyone here at the show, and there's like 25,000 people here, uh, about AI and securing AI, what would that be? Yeah. So AI is software. We all know that software has vulnerabilities. And so AI has vulnerabilities. And our mission is to help our customers and help the world to secure their AI. Yeah. So, uh, that's a very, uh, just totally on target, right? For what's going on in the world today. Uh, is AI everywhere, and people should be pushing that. Uh, so if someone wanted to learn more about mine, guard and scratch a little deeper into the libraries of things that you test for some of the things you can help validate and secure, uh, what would you point them out? Uh, mine guard I also go check out our GitHub and if you come to our website, go check out our documentation. All right. Thank you so much Fergal. Thank you Mike. All right take care folks.
