What’s the biggest blindspot in AI security today?
We unpacked that last week at Inflection AI’s panel on Security in an AI World, and the answer was clear: data authorization at AI runtime.
Honored to join leaders from Inflection AI, Wald.ai, and WisdomAI for a sharp, forward-looking conversation. Big thanks to Kapil Chhabra for moderating and to the Inflection team for hosting!
It’s 2025, and enterprise AI projects are under pressure to deliver ROI. That means moving beyond POCs using public or synthetic data—into production deployments powered by real business and operational data. And that’s exactly why runtime data authorization is emerging as the top challenge.
At Daxa, Inc, this has been our core focus: Ensuring AI models only access the right data (unstructured and structured), which users are truly authorized to see - based on fine-grained permissions pulled dynamically from enterprise systems like SharePoint, Slack, Salesforce, and more.
Here’s the catch with AI security today: "AI Firewalls" operate after the fact—trying to redact model responses without understanding what data went into the context window in the first place. It’s guesswork, not governance - a 2023 era workaround built to demo AI, not scale it with real operational data.
Worse, real-world permissions are often overprovisioned or missing entirely. That’s why we need reasoning-driven access control—which also considers user intent and data semantic context - to prevent oversharing of sensitive insights, even if someone technically had access.
It was refreshing to hear how Inflection.ai is prioritizing data authorization—embedding safeguards into fine-tuning of their pioneering Pi models, while Wisdom.ai is extending structured data controls all the way to row-level access.
Because in the era of AI copilots and agents, precision isn’t optional—access must be enforced at the level of every chunk, every row, and every intent. That’s how trust gets built—and AI earns its place in the enterprise.
