{"data":{"id":"c5676eea-0888-4a3d-aea7-8d3fc6270b01","title":"Security Spotlight: AppSec to AI, a Security Engineer's Journey","summary":"This article compares traditional application security (AppSec) practices with AI security, noting that familiar principles like input validation and authentication apply to both, but AI systems introduce unique risks. New attack types specific to AI, such as prompt injection (tricking an AI by hiding instructions in its input), model poisoning (tampering with training data), and membership inference attacks (determining if specific data was in training), require security engineers to develop new defensive strategies beyond traditional code-level vulnerability management.","solution":"N/A -- no mitigation discussed in source.","labels":["security","research"],"sourceUrl":"https://protectai.com/blog/security-spotlight-appsec-to-ai","publishedAt":"2025-06-12T17:47:46.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"info","attackType":["prompt_injection","model_poisoning","data_extraction","membership_inference","model_evasion","jailbreak"],"issueType":"news","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["LLM","AI systems"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":"2025-06-12T17:47:46.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity","safety"],"aiComponentTargeted":"model","llmSpecific":true,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":null}}