Home
Blogs
Bookmarks
Forums
Hackathons
Search

Author

Write
Drafts

New
Bug0 - The AI-native e2e QA regression testing Bug0 Browsers - Cloud Chromium on demand, per-minute, live preview Passmark - The open-source AI framework for regression testing Changelog Brand @hashnode on X Hashnode on LinkedIn Code of Conduct Support - hello+support@hashnode.com
Sign in
Terms Privacy Sitemap
© 2026 LinearBytes Inc.

Search Hashnode

Search posts, tags, users, and pages

Comment by Suny Choudhary on "Security Assessments: Evaluating Security Across People, Process, and Technology" | Hashnode

Discussion

Suny Choudhary

Building AI Security for LLMs | CEO @ LangProtect

Apr 29

Good framing. Security assessments only work when they look beyond tooling. A company can have strong products in place and still fail because access reviews are weak, processes are unclear, or people don’t know what “secure behavior” looks like in daily work. The people, process, technology split is still one of the most practical ways to find real gaps.

Manuela Schrittwieser

Full-Stack AI Dev 👩🏻‍💻 & Tech Writer

Apr 29

Precisely. The PPT (People, Process, Technology) framework remains the industry standard because it addresses the systemic dependencies that technical controls alone cannot solve. A secure-by-design infrastructure is often undermined by insecure-by-habit workflows.

That’s exactly where most programs break. Even when infra is secure by design, the actual risk shows up in everyday workflows. People bypass steps, share data differently, or use tools in ways policies never accounted for.

Feels like the gap now is less about defining controls and more about seeing how they behave in real usage.

Suny Choudhary

Building AI Security for LLMs | CEO @ LangProtect

Apr 29