
Apidays Helsinki 2024 - There’s no AI without API, but what does this mean for Security? by Timo Rüppell, FireTail.io

There’s no AI without API, but what does this mean for Security?
Timo Rüppell, VP of Product - FireTail.io

Apidays Helsinki & North 2024 - Connecting Physical and Digital: Sustainable APIs for the Era of AI, Super and Quantum Computing (May 28 and 29, 2024)

------

Check out our conferences at https://www.apidays.global/

Do you want to sponsor or talk at one of our conferences?
https://apidays.typeform.com/to/ILJeAaV8

Learn more on APIscene, the global media made by the community for the community:
https://www.apiscene.io

Explore the API ecosystem with the API Landscape:
https://apilandscape.apiscene.io/

apidays

May 31, 2024

Transcript

  1. There’s no AI without API, but what does this mean for security? Apidays Helsinki | Timo Rüppell
  2. About Me. VP of Product at FireTail. A former researcher in theoretical high energy physics. Now focused on API security. Earlier: CTO @ Mapita, Founder @ Sideric, Lead Dev @ PiggyBaggy. timo@firetail.io
  3. Overview. What we’ll cover today.
     - The Rise of AI & API Proliferation: Why there is no AI without APIs.
     - Understanding the Security Risks: How the emergence of AI is changing the game when it comes to API security.
     - Best Practices for Securing APIs in an Age of AI: The core principles of an effective API security strategy given the emergence of AI.
     - The Bottom Line: A quick recap of today’s key takeaways.
     - Q&A: Time to answer any burning questions you may have.
     Effective API security is a must for organizations who want to harness the power of AI.
  4. In November 2023, OpenAI announced a massive expansion of API calling capabilities available via ChatGPT.
  5. What Changed? AIs have been around for decades? The “assistant” has been around even longer (just ask Jeeves)? Inflection point in available computation resources, mathematical advances, and a direct-to-platform business model.
  6. Not Just LLMs. Most news is about LLMs, and most (valid) criticism regarding capabilities is aimed at LLMs. But LLMs are “just” one niche. Specific types of models can be far more adept at interacting with APIs.
     - LAM: Translating human intentions into actions. Example: Rabbit AI and service integrations. Integrates AI with API communications.
     - LCBM: Optimizing LLM output to achieve a desired behaviour. Example: Lirio LBMs aim to make people healthier.
     OpenAI’s expansion of API calling capabilities announced in November.
  7. Long term optimism. Commoditization of Large Models can be relatively fast.
     - Compute: Moore’s law is (still) in effect.
     - Maths: More efficient training methods. Example: Mamba, a linear RNN, is n log(n) compared to Transformers’ n^2.
     Traits of commodities are interchangeability and availability.
  8. Now (or very soon) everyone, everywhere, regardless of expertise, will have the ability to prod and probe APIs across the globe, at pace and at scale. This will be a game changer for those charged with protecting APIs. In November 2023, OpenAI announced a massive expansion of API calling capabilities available via ChatGPT.
  9. AI & API Security. AI risks impacting APIs.
     - Unsafe AIs: Intentionally or accidentally unsafe AIs finding vulnerabilities in application or business logic, authentication, authorization.
     - Bots and data spoofing: APIs processing human-generated content need to make provisions for both large-scale abuse and individual vetting.
  10. AI & API Security. API risks impacting AIs.
     - Injection attacks: You need to carefully sanitize user-provided content that is going to be handed off to an AI integration.
     - Resource consumption: You need to protect expensive endpoints from overuse and have robust usage metering.
     - Access control: You need to ensure that any data returned by an AI model is correctly authorized.
  11. 6 Pillars of API Security.
     - Enforcement: Authentication, authorization, validation and sanitization directly in your code.
     - Visibility: Get a complete view of your entire API landscape across your IT fleet.
     - Assessment: APIs analyzed for configuration settings & security policy. API security posture management.
     - Discovery: Finding APIs not running the FireTail library via network traffic, code repos & cloud APIs.
     - Observability: Commercial version sends configuration and success / failure events to the cloud backend.
     - Audit: Full & centralized audit trail of all APIs with the FireTail library. Search & alert capabilities.
  12. Where to spend your time. Request path diagram: Consumer -> Internet -> GW/Proxy -> WAF -> Rate limiting -> AuthN -> Sanitize -> Validate -> AuthZ -> Fetch Data / Modify Data / Execute Function -> Third party API; Request in, Response out.
  13-18. Where to spend your time. The same request path diagram (Consumer -> Internet -> GW/Proxy -> WAF -> Rate limiting -> AuthN -> Sanitize -> Validate -> AuthZ -> Fetch Data / Modify Data / Execute Function -> Third party API) built up over six slides, with the ten API risks placed on the stage of the path where each is addressed (the individual placements are not recoverable from the transcript). The risks: 1. BOLA. 2. Broken AuthN. 3. BOPLA. 4. Unrestricted Resource Consumption. 5. BFLA. 6. Unrestricted Process Access. 7. SSRF. 8. Misconfiguration. 9. Improper Inventory Management. 10. Unsafe consumption of APIs.
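The three controls of slide 10 (sanitize what is handed to the AI, meter expensive endpoints, authorize the data the model returns) and the stage order of the slide 12 request path (rate limiting, AuthN, sanitize/validate, AuthZ, fetch) combined into one handler for a model-requested tool call. This is an added example, not code from the deck or from FireTail; the `get_invoice` tool, the invoice records and the callers are constructed for illustration.

```python
"""One model-requested tool call run through the slide-12 order:
rate limiting -> AuthN -> sanitize/validate -> AuthZ -> fetch.
Tool name, invoice records and callers are constructed for the example."""
from collections import defaultdict
from dataclasses import dataclass, field

# Constructed backend data: invoice id -> (owner, amount)
INVOICES = {"inv-1": ("alice", 120.0), "inv-2": ("bob", 75.5)}
# Tool allow-list (hypothetical tool) with a validator per argument
TOOLS = {"get_invoice": {"invoice_id": lambda v: isinstance(v, str) and v.startswith("inv-")}}

@dataclass
class Gateway:
    quota_per_caller: int = 3                           # calls allowed per caller (metering)
    used: dict = field(default_factory=lambda: defaultdict(int))
    audit: list = field(default_factory=list)           # centralized audit trail

    def handle(self, session: dict, tool: str, args: dict) -> dict:
        """Return the data the model may see, or a denial with a reason."""
        caller = session.get("user")                    # AuthN: identity of the API caller
        if not caller:
            return self._deny("unauthenticated")
        if self.used[caller] >= self.quota_per_caller:  # Rate limiting: expensive endpoint
            return self._deny("quota exceeded")
        self.used[caller] += 1                          # meter every attempt, valid or not
        spec = TOOLS.get(tool)
        if spec is None:                                # Validate: only allow-listed tools
            return self._deny(f"unknown tool {tool!r}")
        if set(args) - set(spec):                       # Sanitize: reject extra arguments
            return self._deny("unexpected argument")
        for name, ok in spec.items():                   # Validate: every argument well-formed
            if name not in args or not ok(args[name]):
                return self._deny(f"invalid argument {name!r}")
        record = INVOICES.get(args["invoice_id"])       # Fetch data
        # AuthZ on the object (BOLA): a record the caller does not own is reported
        # exactly like a missing one, so the model cannot be used to enumerate ids
        if record is None or record[0] != caller:
            return self._deny("not found")
        self.audit.append(("ok", caller, tool, args))
        return {"ok": True, "invoice_id": args["invoice_id"], "amount": record[1]}

    def _deny(self, reason: str) -> dict:
        self.audit.append(("deny", reason))
        return {"ok": False, "error": reason}
```

The quota is counted before validation so that malformed or unknown tool calls still consume the caller's budget, which is what keeps a misbehaving model from probing the endpoint for free.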
  19. The scale of the risk and the frequency of attacks are growing due to AI. The nature of the threat is evolving, but the same core risks persist.
  20. FireTail is headquartered in Northern Virginia, USA, with additional offices in Dublin, Ireland and Helsinki, Finland. FireTail is backed by leading cybersecurity investors Paladin Capital, Secure Octane, General Advance and Zscaler. For more information, please visit www.firetail.io.