As organizations rapidly deploy generative AI (GenAI) applications and LLM-powered chatbots, a critical security gap is emerging. Traditional web application firewalls (WAFs) — the backbone of application security for decades — are struggling to defend against sophisticated AI-specific attack vectors. In this episode, Rupesh Chokshi, SVP and GM of Akamai’s Application Security Portfolio, breaks down why prompt injection, data poisoning, and multilingual bypass techniques represent entirely new threat landscapes that current security infrastructure wasn’t designed to handle.

For security teams rushing to enable AI capabilities while maintaining robust protection, understanding these gaps isn’t optional — it’s mission-critical. Watch this clip to discover what’s at stake and how attackers are exploiting these vulnerabilities right now.

Key Takeaways:

• Prompt injection attacks use role-playing and reframed prompts to bypass AI guardrails, extracting sensitive information or injecting malicious content like phishing URLs that traditional WAFs cannot detect or prevent.

• Data poisoning allows attackers to inject malicious data into training sources, causing LLMs to serve fake websites or URLs in responses — a threat vector that operates entirely outside conventional web security monitoring.

• Multilingual prompt techniques combine queries across different languages to break through security controls, exploiting AI models’ cross-language capabilities in ways that signature-based WAF rules cannot anticipate or block.

“Attackers are now targeting a different landscape when it comes to GenAI applications—they’re going after the LLMs themselves and it’s different. The threat vectors have changed, and attackers are using new techniques and methods.” — Rupesh Chokshi, Akamai

Want the complete security strategy discussion? Watch the full conversation with Rupesh Chokshi covering AI security architecture, implementation best practices, and enterprise defense strategies.