Key results
The company
KPMG
kpmg.com
Global professional services network for audit, tax, and advisory solutions.
Result highlights
- 8 of 10 OWASP LLM security risks addressed
The story
A "Big Four" financial audit and advisory firm with 40,000 employees operating across 95 locations in the United States, Israel, Mexico, and Latin America.
Daily employee usage of generative AI introduced critical risks, including prompt injections and data poisoning, which are identified in the OWASP Top 10 vulnerabilities. The firm needed to safeguard model lifecycles and govern sensitive data across its complex multi-tenant environment.
The firm deployed Microsoft Defender for Cloud to monitor Azure OpenAI Service apps and detect threats like jailbreak attempts in real time. Microsoft Purview automatically scans and applies sensitivity labels to classify data, enforcing "secure by default" policies across the organization. Endpoint agents on developer laptops monitor prompts for risks, feeding signals to Microsoft Sentinel for automated remediation.
Quotes
“The KPMG complex, multi-firm structure presents unique challenges that demand innovative solutions. Collaborating with Microsoft, we've prototyped features to deploy generative AI solutions like Microsoft Security Copilot. This strategic alliance meets our specific needs and broadens security visibility beyond endpoint, cloud, and identity through extensive use of Microsoft Security solutions.”