The "Shift Left" concept is not a new one, as it advocates for the early integration of security into the software development lifecycle. However, many organizations and practitioners tend to only shift application security "testing" to the left. It is imperative and even more relevant for GenAI applications that teams consider security as part of the overall experience and at every stage of the life cycle, not just during development life cycle but throughout the product life cycle.

It is not practical for a majority of teams and organizations to build, train and deploy their own LLMs to build GenAI applications. Many organizations, small and large, use “hosted” and “fully managed” LLMs and serverless solutions like OpenAI API, Azure OpenAI Services, AWS Bedrock or Google Vertex AI.

This field is fast evolving and not many teams fully grasp the security boundaries, shared responsibility implications of generative AI solutions built on top of these serverless services. And GenAI systems are not traditional deterministic solutions either, to test and certify deterministic behavior. At best, many teams are trying to map their experiences building and operating traditional software solutions to this new breed of generative AI applications.

In this talk, would like to share our journey and practical examples of building variety of chatbots (Q&A, Conversational, AI for BI and Chatbots with RAG) and Agents, including threat modeling for GenAI Applications particularly in the context of serverless applications like building using AWS Bedrock, how to build guardrails at design time, RBAC for RAG Knowledge bases and continuous monitoring and evaluation strategies beyond traditional vulnerability management.