{"id":298265,"date":"2024-05-14T01:50:40","date_gmt":"2024-05-14T08:50:40","guid":{"rendered":"https:\/\/www.saastr.com\/?p=298265"},"modified":"2024-05-15T09:09:16","modified_gmt":"2024-05-15T16:09:16","slug":"how-genai-is-powering-app-security-with-ciscos-cpo-of-panoptica-alex-jauch","status":"publish","type":"post","link":"https:\/\/www.saastr.com\/how-genai-is-powering-app-security-with-ciscos-cpo-of-panoptica-alex-jauch\/","title":{"rendered":"How GenAI is Powering App Security with Cisco\u2019s CPO of Panoptica Alex Jauch"},"content":{"rendered":"<p style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">At SaaStr\u2019s inaugural AI Day, the Senior Director of Product Management at Panoptica by Cisco, its incubation team, Alex Jauch, talks about how GenAI is powering app security, how Cisco is using it, and how you can use GenAI to protect other businesses.\u00a0<\/span><\/p>\n<p><iframe title=\"YouTube video player\" data-src=\"https:\/\/www.youtube.com\/embed\/AUS2GARM7mc?si=1ajf3TPxIAfhOKgF\" width=\"560\" height=\"315\" frameborder=\"0\" allowfullscreen=\"allowfullscreen\" src=\"data:image\/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==\" class=\"lazyload\" data-load-mode=\"1\"><\/iframe><\/p>\n<h2><span style=\"font-weight: 400;\">Did You Say Hype Cycle?<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" class=\"alignnone size-medium wp-image-298266 lazyload\" data-src=\"https:\/\/i0.wp.com\/www.saastr.com\/wp-content\/uploads\/2024\/04\/IMG_4844.jpeg?resize=600%2C329&#038;quality=70&#038;ssl=1\" alt=\"\" width=\"600\" height=\"329\" src=\"data:image\/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==\" style=\"--smush-placeholder-width: 600px; --smush-placeholder-aspect-ratio: 600\/329;\" \/><noscript><img data-recalc-dims=\"1\" decoding=\"async\" class=\"alignnone size-medium wp-image-298266\" src=\"https:\/\/i0.wp.com\/www.saastr.com\/wp-content\/uploads\/2024\/04\/IMG_4844.jpeg?resize=600%2C329&#038;quality=70&#038;ssl=1\" alt=\"\" width=\"600\" height=\"329\" \/><\/noscript><br \/>\n<\/span><\/h2>\n<p style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">A lot of hype cycles have come along where people say, \u201cThis is going to change the world, and everything will be different.\u201d Alex never really jumped on that bandwagon until now. GenAI does change everything.\u00a0<\/span><\/p>\n<p style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">However, that doesn\u2019t protect us from the hype cycle. GenAI <\/span><b>is <\/b><span style=\"font-weight: 400;\">overhyped. People are saying hard-to-believe things that probably won\u2019t happen. So, two truths can, and do, exist.\u00a0<\/span><\/p>\n<ol style=\"font-weight: 400;\">\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">You can have crazy innovation happening.\u00a0<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Simultaneously, it can be overhyped.\u00a0<\/span><\/li>\n<\/ol>\n<p style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">As a product manager, you bring features into the product and add value for customers. It can be challenging to have bubbly conversations about everything GenAI might do while also being hard-nosed about actually helping customers do their jobs better.\u00a0<\/span><\/p>\n<p style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">One true thing, though, is that GenAI has become the fourth pillar for UX. When you think about GenAI, especially LLMs, you\u2019re always considering the way your UX is going to grow. The way your product will grow will be different because the platform allows you to do things you couldn\u2019t do before. <\/span><span style=\"font-weight: 400;\">These kinds of nonlinear use cases are possible today, where they weren\u2019t before.\u00a0<\/span><\/p>\n<h2><span style=\"font-weight: 400;\">Make AI Intrinsic to the Way the Product Works<\/span><\/h2>\n<p><img data-recalc-dims=\"1\" decoding=\"async\" class=\"alignnone size-medium wp-image-298267 lazyload\" data-src=\"https:\/\/i0.wp.com\/www.saastr.com\/wp-content\/uploads\/2024\/04\/IMG_4845.jpeg?resize=600%2C328&#038;quality=70&#038;ssl=1\" alt=\"\" width=\"600\" height=\"328\" src=\"data:image\/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==\" style=\"--smush-placeholder-width: 600px; --smush-placeholder-aspect-ratio: 600\/328;\" \/><noscript><img data-recalc-dims=\"1\" decoding=\"async\" class=\"alignnone size-medium wp-image-298267\" src=\"https:\/\/i0.wp.com\/www.saastr.com\/wp-content\/uploads\/2024\/04\/IMG_4845.jpeg?resize=600%2C328&#038;quality=70&#038;ssl=1\" alt=\"\" width=\"600\" height=\"328\" \/><\/noscript><\/p>\n<p style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">GenAI is great at some things, things it can detect and work on, nonlinear problems that are traditionally very difficult for software to go after. Now, you can go after it. Alex\u2019s team has embedded this deeply in the UX of the product they\u2019re building called Panoptica, a Cloud-native security product.\u00a0<\/span><\/p>\n<p style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Of course, they have an AI-based chatbot in the product. Everyone will have one because it\u2019s so obvious and easy to build. But chatbots won\u2019t be a huge differentiating feature because they are relatively easy to build.<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" class=\"alignnone size-medium wp-image-298268 lazyload\" data-src=\"https:\/\/i0.wp.com\/www.saastr.com\/wp-content\/uploads\/2024\/04\/IMG_4846.jpeg?resize=600%2C324&#038;quality=70&#038;ssl=1\" alt=\"\" width=\"600\" height=\"324\" src=\"data:image\/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==\" style=\"--smush-placeholder-width: 600px; --smush-placeholder-aspect-ratio: 600\/324;\" \/><noscript><img data-recalc-dims=\"1\" decoding=\"async\" class=\"alignnone size-medium wp-image-298268\" src=\"https:\/\/i0.wp.com\/www.saastr.com\/wp-content\/uploads\/2024\/04\/IMG_4846.jpeg?resize=600%2C324&#038;quality=70&#038;ssl=1\" alt=\"\" width=\"600\" height=\"324\" \/><\/noscript><br \/>\n<\/span><\/p>\n<p style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">The focus should always be on the customer. How is their life different when you bring these features into the product vs. how they are now? You\u2019ll discover that on your own. Here\u2019s what Cisco has found.\u00a0<\/span><\/p>\n<ol style=\"font-weight: 400;\">\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">It\u2019s really good at repetitive, derivative work. Look at every security violation you\u2019ve had in the last two years and summarize it. Yes, a human can do it, but an AI-based assistant will be way faster doing that kind of work.\u00a0<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">When you combine traditional ML activities like anomaly detection with newer things, like LLMs, you get this interactive interface where you can say, \u201cHey, can you summarize for me the anomalies we\u2019ve had in the last hour or minute?\u201d They become much easier to build.\u00a0<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">GenAI is really good at context. When you give the AI that context, you get the answer in a much cleaner way. As security professionals, what that allows you to do is explain the security problem to someone who may not be super familiar with it.\u00a0<\/span><\/li>\n<\/ol>\n<p style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Security is one of those fields that can be very bitsy-bite-sy. There\u2019s a lot of detail. You\u2019ll have some random code number that says you have this attack vector take these steps. People can get very lost.\u00a0<\/span><\/p>\n<p style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">And, of course, it\u2019s all about natural language. You don\u2019t want to put your customers in a situation where they have to spend three weeks learning a query language. That doesn\u2019t make sense. Ask me a question, and I\u2019ll answer it.\u00a0<\/span><\/p>\n<h2><span style=\"font-weight: 400;\">With Great Power Comes a Lot of Problems<\/span><\/h2>\n<p><img data-recalc-dims=\"1\" decoding=\"async\" class=\"alignnone size-medium wp-image-298269 lazyload\" data-src=\"https:\/\/i0.wp.com\/www.saastr.com\/wp-content\/uploads\/2024\/04\/IMG_4847.jpeg?resize=600%2C331&#038;quality=70&#038;ssl=1\" alt=\"\" width=\"600\" height=\"331\" src=\"data:image\/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==\" style=\"--smush-placeholder-width: 600px; --smush-placeholder-aspect-ratio: 600\/331;\" \/><noscript><img data-recalc-dims=\"1\" decoding=\"async\" class=\"alignnone size-medium wp-image-298269\" src=\"https:\/\/i0.wp.com\/www.saastr.com\/wp-content\/uploads\/2024\/04\/IMG_4847.jpeg?resize=600%2C331&#038;quality=70&#038;ssl=1\" alt=\"\" width=\"600\" height=\"331\" \/><\/noscript><\/p>\n<p style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">GenAI is both good and bad. It opens up a lot of possibilities, capabilities, speed, and velocity, but you also create problems. It\u2019s more difficult to test, and we\u2019re seeing this in the market right now. Companies are already having problems with GenAI features.<br \/>\n<img data-recalc-dims=\"1\" decoding=\"async\" class=\"alignnone size-medium wp-image-298270 lazyload\" data-src=\"https:\/\/i0.wp.com\/www.saastr.com\/wp-content\/uploads\/2024\/04\/IMG_4848.jpeg?resize=600%2C327&#038;quality=70&#038;ssl=1\" alt=\"\" width=\"600\" height=\"327\" src=\"data:image\/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==\" style=\"--smush-placeholder-width: 600px; --smush-placeholder-aspect-ratio: 600\/327;\" \/><noscript><img data-recalc-dims=\"1\" decoding=\"async\" class=\"alignnone size-medium wp-image-298270\" src=\"https:\/\/i0.wp.com\/www.saastr.com\/wp-content\/uploads\/2024\/04\/IMG_4848.jpeg?resize=600%2C327&#038;quality=70&#038;ssl=1\" alt=\"\" width=\"600\" height=\"327\" \/><\/noscript><br \/>\n<\/span><\/p>\n<p style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">At OWASP, they pointed out the top 10 problems to watch out for, specifically the top two.\u00a0<\/span><\/p>\n<ol style=\"font-weight: 400;\">\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Prompt injection<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Insecure output handling\u00a0<\/span><\/li>\n<\/ol>\n<p style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Those two seem to be happening in the market, and you want to be aware of and control them in your production environment.\u00a0<\/span><\/p>\n<h2><span style=\"font-weight: 400;\">Key Takeaways<\/span><\/h2>\n<p><img data-recalc-dims=\"1\" decoding=\"async\" class=\"alignnone size-medium wp-image-298271 lazyload\" data-src=\"https:\/\/i0.wp.com\/www.saastr.com\/wp-content\/uploads\/2024\/04\/IMG_4849.jpeg?resize=600%2C330&#038;quality=70&#038;ssl=1\" alt=\"\" width=\"600\" height=\"330\" src=\"data:image\/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==\" style=\"--smush-placeholder-width: 600px; --smush-placeholder-aspect-ratio: 600\/330;\" \/><noscript><img data-recalc-dims=\"1\" decoding=\"async\" class=\"alignnone size-medium wp-image-298271\" src=\"https:\/\/i0.wp.com\/www.saastr.com\/wp-content\/uploads\/2024\/04\/IMG_4849.jpeg?resize=600%2C330&#038;quality=70&#038;ssl=1\" alt=\"\" width=\"600\" height=\"330\" \/><\/noscript><\/p>\n<ul style=\"font-weight: 400;\">\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">You still have to have a balance between speed and security. The world is speeding up, and GenAI is making it even faster.\u00a0<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Security is just another non-functional requirement. Just like performance and compliance, it should be part of every sprint.\u00a0<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Sites need to be secure. You don\u2019t have to spend massive amounts of money to get going. Aim for 10% or less of your Cloud bill on security and GenAI security tools.\u00a0<\/span><\/li>\n<\/ul>\n<p><iframe title=\"YouTube video player\" data-src=\"https:\/\/www.youtube.com\/embed\/AUS2GARM7mc?si=1ajf3TPxIAfhOKgF\" width=\"560\" height=\"315\" frameborder=\"0\" allowfullscreen=\"allowfullscreen\" src=\"data:image\/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==\" class=\"lazyload\" data-load-mode=\"1\"><\/iframe><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Cisco&#8217;s CPO of Panoptica, Alex Jauch, covers how GenAI is powering app security and how you can use GenAI to protect your SaaS business effectively.<\/p>\n","protected":false},"author":13,"featured_media":299320,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","om_disable_all_campaigns":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"_wpscp_schedule_draft_date":"","_wpscp_schedule_republish_date":"","_wpscppro_advance_schedule":false,"_wpscppro_advance_schedule_date":"","_wpscppro_custom_social_share_image":0,"_facebook_share_type":"","_twitter_share_type":"","_linkedin_share_type":"","_pinterest_share_type":"","_linkedin_share_type_page":"","_instagram_share_type":"","_medium_share_type":"","_threads_share_type":"","_selected_social_profile":[]},"categories":[24898,31,29,3522,110],"tags":[24901,24909,14759,24910,3621,24908],"class_list":["post-298265","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-ai","category-blog-posts","category-early","category-leadership","category-other-topics","tag-ai","tag-cisco","tag-cloud","tag-llms","tag-saas","tag-security"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/www.saastr.com\/wp-content\/uploads\/2024\/04\/youtube-thumbnails-AI.png?fit=1000%2C563&quality=70&ssl=1","jetpack_shortlink":"https:\/\/wp.me\/p5oib2-1fAJ","jetpack_sharing_enabled":true,"fifu_image_url":"https:\/\/www.saastr.com\/wp-content\/uploads\/2024\/04\/IMG_4844-600x329.jpeg","_links":{"self":[{"href":"https:\/\/www.saastr.com\/wp-json\/wp\/v2\/posts\/298265","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.saastr.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.saastr.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.saastr.com\/wp-json\/wp\/v2\/users\/13"}],"replies":[{"embeddable":true,"href":"https:\/\/www.saastr.com\/wp-json\/wp\/v2\/comments?post=298265"}],"version-history":[{"count":0,"href":"https:\/\/www.saastr.com\/wp-json\/wp\/v2\/posts\/298265\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.saastr.com\/wp-json\/wp\/v2\/media\/299320"}],"wp:attachment":[{"href":"https:\/\/www.saastr.com\/wp-json\/wp\/v2\/media?parent=298265"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.saastr.com\/wp-json\/wp\/v2\/categories?post=298265"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.saastr.com\/wp-json\/wp\/v2\/tags?post=298265"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}