People throw around these terms when talking about AI:
Models
App(lication)s
Agents
But without a solid definition, things can get confusing. That’s especially true if you saw this graphic from Gartner analyst Avivah Litan:
Being quite complex, it covers more than I will in this article. But it does logically separate models, applications, and agents and their relevant security considerations.
I plan to dive deep into the latter part, but first I think it’s important to define the underlying concepts.
1. AI model
The building block of AI systems.
A model itself is just code and weights, making it effectively “inert” in the absence of anything else.
Well-known ones are:
GPT-2
Llama 3
Mixtral-8x7B
When in operation, its outputs are not solely rules-based. This separates it from just another code library.
But to actually get anything done, it must form part of an
2. AI application
This combines a model with the supporting infrastructure such as:
Databases
User interfaces
Application programming interfaces (APIs)
to facilitate useful work.
Examples include:
ChatGPT
Midjourney
Customer-facing chatbots
You can identify AI applications because their final product is information consumed by a human. If, however, their ultimate output is an instruction to another system, you have an
3. AI agent
By providing data to other AI applications (or agents) as well as deterministic systems, AI agents operate semi-autonomously to achieve a given business objective.
An example is Godmode, which leverages the open-source libraries AutoGPT and babyagi.
Along with the greatest productivity potential, these also represent the greatest security, compliance, and privacy risk.