Summary
As more teams build with LLMs, a big challenge comes up: how do you give them just enough access to be useful without opening the door to unintended actions? LLMs don’t fit neatly into existing models like OAuth or simple roles. They act on behalf of users, interpret natural language, and pull in outside data and tools. This creates new failure modes that make over-permissioning and data leaks much more likely (more on this topic here). In this session, we’ll dig into why traditional approaches break down, where teams are running into trouble with issues like prompt injection, over-permissioned bots, and messy RAG setups, and discuss practical approaches for putting guardrails in place.
Speakers
Graham Neray is the Co-Founder and CEO of Oso. Prior to Oso, Graham held a variety of roles at MongoDB and helped scale the organization from $1m to $250m+ in revenue and 50 to 1,500+ FTEs.
on ELC Annual 2025