Nishank Soni | Sr Staff Software Engineer
Zscaler

Nishank is a Senior Staff Software Engineer at Zscaler specializing in AI security, distributed systems, and large-scale cloud infrastructure. He contributes to Zscaler’s AI Data Security Posture Management (DSPM) platform, building systems that discover, classify, and govern sensitive data across SaaS, PaaS, cloud, on-prem, and LLM environments.
He architected an enterprise-scale AI Asset Management platform powering AI Red Teaming initiatives, enabling automated discovery and governance of LLMs, AI workflows, MCP servers, and guardrails across distributed environments. He also designed a unified AI Bill of Materials (AI-BOM) framework that centralizes inventory, risk scoring, vulnerability insights, and deployment approval workflows for thousands of AI assets.
Previously, Nishank built foundational infrastructure for distributed storage systems at Cohesity and has experience scaling high-performance systems across ad-tech and e-commerce domains.
He holds a Master’s degree in Computer Science from Santa Clara University and focuses on designing secure, scalable AI systems for enterprise adoption.

Appearances:



Future of Memory and Storage - Day 3 @ 08:35

AI Guard in Practice: Securing LLM Applications at Runtime in Enterprise Environments

Generative AI adoption is accelerating inside enterprises—but most organizations are securing infrastructure, not AI behavior. LLMs introduce a fundamentally new attack surface: prompt injection, jailbreak attempts, data exfiltration, malicious URL generation, code injection, toxicity, off-topic drift, and policy bypass. Traditional AppSec and network security controls were never designed to evaluate intent inside natural language interactions.

In this session, Nishank, Senior Staff Software Engineer at Zscaler, breaks down how runtime AI protection works in real-world enterprise environments. Drawing from experience building AI Guard and AI DSPM systems, he will explain how intent-based detectors enforce guardrails on both prompts and responses, how proxy vs sidecar (DaaS) architectures change your threat model, and how organizations operationalize AI governance at scale.

The talk will cover:

- The emerging AI attack surface in LLM-powered applications
- How runtime guardrails prevent prompt injection and jailbreaks
- Architecture trade-offs: Inline proxy vs API-based DaaS deployment
- Designing scalable detection pipelines using model inference

last published: 19/May/26 18:25 GMT
