

EP230 AI Red Teaming: Surprises, Strategies, and Lessons from Google
Jun 16, 2025
Daniel Fabian, Principal Digital Arsonist at Google, shares his insights from two years of AI red teaming. He reveals surprising findings about the unique security challenges AI systems pose compared to traditional software. Fabian discusses counterstrategies against prompt injection attacks and highlights the importance of threat modeling. He offers practical advice for organizations new to AI red teaming, emphasizing an adversarial mindset to identify vulnerabilities and the need for collaboration between security teams and developers. Embrace AI in red teaming for better defense!
AI Snips
AI Attacks Are Social Engineering
- AI systems operate probabilistically, unlike deterministic traditional software systems.
- Attacking AI is more like social engineering than technical exploits on deterministic systems.
Building Bridges in AI Security
- Google initially had many scattered teams working on AI security without coordination.
- They eventually built strong collaboration between foundational model teams and product teams integrating AI.
Real AI Risk in Product Integration
- The AI model itself mostly contains public information, offering little unique attack surface.
- Real risk arises when AI is integrated with sensitive data in products, exposing new security challenges.