Why Confidential AI Starts with Verifiable Infrastructure / Jason Rogers, Invary

Most teams treat confidential computing as a memory encryption story. Jason Rogers, CEO of Invary, makes the case that it's only half the story. Confidentiality protects your data from exposure. Verifiable infrastructure protects your trust in execution. Confidential AI needs both.

In this 15-minute talk, Jason walks through why launch-time attestation is not the same as runtime integrity, why a compromised runtime can poison model outputs even when memory stays encrypted, and why the entire AI infrastructure stack (DPUs, GPUs, guest VMs, orchestration, policy layer) needs to be continuously attested, not just verified at boot.

He also previews work Invary is doing with Mitre and FrontierX on a forthcoming layered attestation specification, with a reference implementation to follow.

What you'll take away:
*The difference between verified launch and verified runtime.
*Why attackers may not need your data, just your execution path.
*How to think about distributed trust across mixed cloud, edge, and accelerator environments.
*Practical guidance on attestation cadence based on workload mission.

About the speaker:
Jason Rogers is CEO of Invary, building runtime attestation and integrity solutions licensed from NSA research and deployed across federal and commercial environments.

Learn more:
Invary, https://invary.com
Hosted by Punch Tape, https://punch-tape.com

#ConfidentialAI #RuntimeAttestation #ConfidentialComputing #AISecurity #TEE #VerifiableInfrastructure #ZeroTrust #AIInfrastructure #MITRE #Cybersecurity #CloudSecurity #AIIntegrity #TrustedComputing

Видео Why Confidential AI Starts with Verifiable Infrastructure / Jason Rogers, Invary канала Punch Tape