Database (in)security in the age of AI
Regular 50 minute session for SQLBits 2026
TL;DR
LLM assistants, copilots, and RAG systems make databases a critical new attack surface. This session covers prompt injection, NL2SQL risks, performance hits, data exfiltration, auth failures, RAG/vector threats, and what defenses fail vs. what works.
Session Details
As companies adopt LLM-powered assistants, copilots, and RAG systems to interact with enterprise data, databases are quickly becoming a new and critical attack surface. AI changes traditional security assumptions by introducing new trust boundaries between user prompts, model reasoning, tool execution, and the database itself.
In this session, we break down the real security risks that emerge when AI systems connect to production data, including:
• Prompt injection attacks (direct and indirect)
• Unsafe query generation via natural language (NL2SQL)
• Database performance degradation
• Data exfiltration through iterative queries and summarization
• Authorization failures leading to sensitive or cross-tenant data leakage
• Security logic moved into applications, leaving DBs unguarded
• RAG and vector database threats, including retrieval poisoning and unintended exposure of confidential information
We will also show real-world defenses that don’t work well, and ones that do.
3 things you'll get out of this session
- understanding of the dangers
- which defenses do not work
- which defenses do work