Derek Chamorro, Together AI
I will share a practical perspective on the newest ways to protect systems, such as filtering out harmful input, keeping system prompts separate, and using sandboxing to prevent prompt injection; training models to handle tricky situations, adding randomness for better results, and cleaning up generated outputs for model performance; and tracking data sources, spotting unusual activities, and using federated learning to prevent model poisoning. I’ll discuss how we integrate these controls into our SRE and incident response workflows and how layered, zero-trust architectures and continuous adversarial testing have become essential for maintaining both reliability and trust in AI-driven services.
Derek is the Head of Security at Together.ai and the former Head of Infrastructure Security at Cloudflare. He has over 20 years of experience in designing security frameworks at scale. His main focus is on research and development within the fields of encryption and infrastructure security. He earned a masters in cybersecurity from Purdue University and now owns more than 50 global patents related to cryptography, key management, and distributed ledger technology.
author = {Derek Chamorro},
title = {Securing {AI} at Scale: Practical Defenses against Prompt Injection, Adversarial Attacks, and Model Poisoning},
year = {2025},
address = {Dublin},
publisher = {USENIX Association},
month = oct
}
