TNS
SUBSCRIBE
Join our community of software engineering leaders and aspirational developers. Always stay in-the-know by getting the most important news and exclusive content delivered fresh to your inbox to learn more about at-scale software development.
REQUIRED
 
It seems that you've previously unsubscribed from our newsletter in the past. Click the button below to open the re-subscribe form in a new tab. When you're done, simply close that tab and continue with this form to complete your subscription.
Welcome and thank you for joining The New Stack community!
Please answer a few simple questions to help us deliver the news and resources you are interested in.
REQUIRED
REQUIRED
REQUIRED
REQUIRED
REQUIRED
Great to meet you!
Tell us a bit about your job so we can cover the topics you find most relevant.
REQUIRED
REQUIRED
REQUIRED
REQUIRED
REQUIRED
REQUIRED
Welcome!

We’re so glad you’re here. You can expect all the best TNS content to arrive Monday through Friday to keep you on top of the news and at the top of your game.

What’s next?

Check your inbox for a confirmation email where you can adjust your preferences and even join additional groups.

Become a TNS follower on LinkedIn.

Check out the latest featured and trending stories while you wait for your first TNS newsletter.

PREV
of
NEXT
VOXPOP
As a JavaScript developer, what non-React tools do you use most often?
Angular
0%
Astro
0%
Svelte
0%
Vue.js
0%
Other
0%
I only use React
0%
I don't use JavaScript
0%
 
Open Source Cloud Native Ecosystem Containers Edge Computing Microservices Networking Serverless Storage
Avoiding a Geopolitical Open Source Apocalypse
Oct 9th 2024 10:00am, by Randy Bias
OSI’s Definition of Open Source AI Raises Critical Legal Concerns for Developers and Businesses
Oct 7th 2024 10:20am, by Luca Antiga
How the Argo Project Is Avoiding WordPress-Type Problems
Oct 4th 2024 11:00am, by Dan Garfield
Are We Thinking About Supply Chain Security All Wrong?
Oct 3rd 2024 3:00pm, by Heather Joslyn
Open Source Supply Chains Can Fix Your Dependency Headaches
Oct 3rd 2024 10:00am, by Sam Snyder
Tetrate, Bloomberg Collaborate on Envoy-Based AI Gateways
Oct 7th 2024 2:00pm, by Steven J. Vaughan-Nichols
Anyscale: New Optimized Runtime for Ray, Kubernetes Operator
Oct 7th 2024 1:00pm, by Chris J. Preimesberger
NGINX One Console: Not for Experts Only
Oct 4th 2024 12:39pm, by B. Cameron Gain
Why NoSQL Deployments Are Failing at Scale
Oct 4th 2024 10:00am, by Sunny Bains
Abstracting Cloud SDKs, Starting With the Runtime
Oct 1st 2024 8:42am, by Rak Siva
How Nvidia Scaled Its Cloud Services With KubeVirt
Oct 4th 2024 6:18am, by Jonathan Gershater
Is Kubernetes Green?
Oct 2nd 2024 8:24am, by Anne Currie
Abstracting Cloud SDKs, Starting With the Runtime
Oct 1st 2024 8:42am, by Rak Siva
Microsoft Open Sources OpenHCL, a Linux-Based 'Paravisor'
Sep 24th 2024 11:00am, by Steven J. Vaughan-Nichols
What Is Testcontainers, and Why Should You Care?
Sep 17th 2024 7:53am, by Kevin Wittek
Integration of AI With IoT Brings Agents to Physical World
Oct 8th 2024 7:46am, by Janakiram MSV
From VMs to AI: How Edge Computing Is Evolving
Sep 13th 2024 3:54am, by Ben Cohen
The New 2GB Raspberry Pi 5: Another Option for Linux Sysadmins
Sep 2nd 2024 9:00am, by Damon M. Garn
Golang Pub/Sub: Why It’s Better When Combined With GoFr
Aug 28th 2024 6:00am, by Robert Kimani
With eLxr, Wind River Brings Debian Linux to the Edge
Aug 12th 2024 1:30pm, by Joab Jackson
How To Secure Microservices in a Multicloud Architecture
Oct 7th 2024 12:30pm, by Manas Chowdhury
Binary Provenance, SBOMs and the Software Supply Chain for Humans
Oct 1st 2024 10:00am, by Mike Long
Platform Engineering Reshapes Software Dev at Bechtle
Sep 4th 2024 6:00am, by Todd R. Weiss
Shift Left on a Budget: Cost-Savvy Testing for Microservices
Aug 27th 2024 12:03pm, by Nočnica Mellifera
Remocal Development: The Future of Efficient Kubernetes Workflows
Aug 25th 2024 10:00am, by Anita Ihuman
Internet Architecture Board ISO Future Networking Tech
Sep 29th 2024 8:00am, by Joab Jackson
Git: Set Up a Local Repository Accessible by LAN
Sep 28th 2024 9:00am, by Jack Wallen
Linux: Create and Connect to an NFS Share
Sep 21st 2024 8:00am, by Jack Wallen
AlmaLinux: Deploy a DHCP Server for Your Internal Network
Sep 14th 2024 7:00am, by Jack Wallen
How Meta Is Reinforcing its Global Network for AI Traffic
Sep 12th 2024 11:45am, by Joab Jackson
Azure Durable Functions: FaaS for Complex Workflows
Aug 15th 2024 8:16am, by Lily Ma and David Justo
Momento: Caching at Scale and More, Without All the Hassle
Jul 22nd 2024 11:23am, by Susan Hall
WebAssembly and Kubernetes Go Better Together: Matt Butcher
May 22nd 2024 2:00pm, by Raghavan "Rags" Srinivas
How to Conquer Cold Starts for Better Performance
Apr 25th 2024 9:17am, by Henry Hamid Safi
Meet DBOS: A Database Alternative to Kubernetes 
Mar 12th 2024 4:00am, by Joab Jackson
Kubernetes Advances Cloud Native Data Protection: Share Feedback
Oct 9th 2024 7:00am, by Mark Lavi
Redis Users Want a Change
Oct 2nd 2024 9:00am, by Aleksandra Mitroshkina
Linux: Recover Files From a Machine That Won't Boot
Sep 29th 2024 6:00am, by Jack Wallen
Columnar Storage: A Developer’s Key to Real-Time Analytics
Sep 27th 2024 7:00am, by Steph Rogers
Bring Storage and Databases Under Kubernetes Control
Sep 23rd 2024 1:00pm, by Murli Thirumale
AI Large Language Models Frontend Development Software Development API Management Python JavaScript TypeScript WebAssembly Cloud Services Data Security
Checks by Google: AI-Powered Compliance for Apps and Code
Oct 9th 2024 11:00am, by
Integration of AI With IoT Brings Agents to Physical World
Oct 8th 2024 7:46am, by
OSI’s Definition of Open Source AI Raises Critical Legal Concerns for Developers and Businesses
Oct 7th 2024 10:20am, by
OpenAI Launches New ChatGPT Interface, Designed for Coding
Oct 5th 2024 7:00am, by
Microsoft Sees Devs Embracing a ‘Paradigm Shift’ to GenAIOps
Oct 4th 2024 8:28am, by
AI Agents and Copilots: SAP Introduces Deeper Integrations
Oct 9th 2024 9:12am, by
PDFs Get an Easier Entry to GenAI via New RAG Architecture
Oct 8th 2024 6:27am, by
Mix Human Expertise With LLM Assistance for Easier Coding
Oct 7th 2024 8:00am, by
Microsoft Sees Devs Embracing a ‘Paradigm Shift’ to GenAIOps
Oct 4th 2024 8:28am, by
Build an AI-Powered Question-Answering Application
Oct 3rd 2024 2:00pm, by
JavaScript Due for New Time, Date and Set Features Next Year
Oct 9th 2024 8:19am, by
OpenAI Launches New ChatGPT Interface, Designed for Coding
Oct 5th 2024 7:00am, by
Introduction to Laravel for Ruby on Rails or Django Fans
Oct 5th 2024 5:00am, by
Vite Creator Launches Company To Build JavaScript Toolchain
Oct 3rd 2024 11:00am, by
The Pros and Cons of Web Components, Via Lit and Shoelace
Sep 29th 2024 7:00am, by
Python 3.13: Blazing New Trails in Performance and Scale
Oct 7th 2024 11:21am, by and
Mix Human Expertise With LLM Assistance for Easier Coding
Oct 7th 2024 8:00am, by
Go Big or Go Home: What GitHub Learned Building Copilot
Oct 4th 2024 1:01pm, by
Microsoft Taking Up the Mantra of Platform Engineering
Oct 4th 2024 7:23am, by
Open Source Supply Chains Can Fix Your Dependency Headaches
Oct 3rd 2024 10:00am, by
API Gateway Checklist: How Strong Is Your API's Front Door?
Oct 8th 2024 8:45am, by
AI for APIs: Techniques for AI-Assisted SDK Generation
Oct 6th 2024 5:00am, by
Zen and the Art (and Science) of API Development
Oct 3rd 2024 7:00am, by
How To Strengthen API Security With Zero Trust
Oct 2nd 2024 10:00am, by
OpenAI's Realtime API Takes a Bow
Oct 1st 2024 9:05pm, by
Python 3.13: Blazing New Trails in Performance and Scale
Oct 7th 2024 11:21am, by and
Handling Edge Cases and Exceptions in Python
Sep 28th 2024 5:00am, by
How To Get Started With Native Python
Sep 27th 2024 8:00am, by
Python Under the Hood
Sep 26th 2024 12:00pm, by
How to Use Comments in Your Python Code (And Why You Should)
Sep 15th 2024 2:08pm, by
JavaScript Due for New Time, Date and Set Features Next Year
Oct 9th 2024 8:19am, by
Mix Human Expertise With LLM Assistance for Easier Coding
Oct 7th 2024 8:00am, by
OpenAI Launches New ChatGPT Interface, Designed for Coding
Oct 5th 2024 7:00am, by
Vite Creator Launches Company To Build JavaScript Toolchain
Oct 3rd 2024 11:00am, by
Behind the Scenes at the JavaScript Registry
Oct 3rd 2024 6:00am, by
Why ChatGPT Shifted From Next.js To Remix: Some Theories
Sep 14th 2024 8:05am, by
Is React Now a Full Stack Framework? And Other Dev News
Aug 31st 2024 5:00am, by
Implementing IAM in NestJS: The Essential Guide
Aug 30th 2024 6:26am, by
TypeScript 5.5: Faster, Smarter and More Powerful
Jun 25th 2024 6:41am, by
UIX: A Full Stack Web Dev Framework Leveraging Deno
Jun 11th 2024 11:30am, by
Traefik 3.0 Works Better With WebAssembly and OpenTelemetry
Sep 17th 2024 1:30pm, by
Arcjet Launches: Wasm-Powered Security for Modern Developers
Sep 10th 2024 2:05pm, by
Golang for WebAssembly Can Now Work Like IT Should
Aug 9th 2024 9:00am, by
How To Run WebAssembly on Kubernetes
Jul 28th 2024 10:00am, by
Chicory: Write to WebAssembly, Overcome JVM Shortcomings 
Jul 19th 2024 12:33pm, by
3 Key Practices for Perfecting Cloud Native Architecture
Sep 24th 2024 10:00am, by
AWS Transfers OpenSearch to the Linux Foundation
Sep 17th 2024 12:33pm, by
Why Cloud Migrations Fail
Sep 13th 2024 11:05am, by
Did Broadcom’s VMware Hit Nutanix Where It Hurts?
Sep 2nd 2024 7:00am, by
Broadcom’s VMware Tanzu Platform 10 Becomes a PaaS
Aug 28th 2024 12:34pm, by
Kubernetes Advances Cloud Native Data Protection: Share Feedback
Oct 9th 2024 7:00am, by
How to Handle Bad Data in Event Streams
Oct 8th 2024 11:00am, by
Unlock GA4 Insights: BigQuery SQL Recipes for Key Metrics
Oct 8th 2024 10:00am, by
With WarpStream, Confluent Got a New Type of Kafka Platform
Oct 1st 2024 7:11am, by
OpenAI Structured Outputs: How-To Guide for Developers
Sep 27th 2024 9:00am, by
API Gateway Checklist: How Strong Is Your API's Front Door?
Oct 8th 2024 8:45am, by
How To Secure Microservices in a Multicloud Architecture
Oct 7th 2024 12:30pm, by
A Guide to Linux Access Control Lists
Oct 6th 2024 6:00am, by
SSHamble: Test Your Servers for Potential SSH Issues
Oct 4th 2024 9:00am, by
Implement Third-Party Authentication With Google in Next.js
Oct 4th 2024 9:00am, by
Platform Engineering Operations CI/CD Tech Careers Tech Culture DevOps Kubernetes Observability Service Mesh
Building an Internal Developer Platform: 4 Essential Pillars
Oct 7th 2024 6:21am, by Ritesh Patel
Microsoft Taking Up the Mantra of Platform Engineering
Oct 4th 2024 7:23am, by Todd R. Weiss
How to Build an Internal Developer Platform Like a Product
Sep 23rd 2024 10:57am, by Jennifer Riggins
Platform Engineering Reshapes Software Dev at Bechtle
Sep 4th 2024 6:00am, by Todd R. Weiss
Build Platform Engineering as a Product for Dev Adoption
Sep 2nd 2024 6:00am, by Todd R. Weiss
NGINX One Console: Not for Experts Only
Oct 4th 2024 12:39pm, by B. Cameron Gain
SSHamble: Test Your Servers for Potential SSH Issues
Oct 4th 2024 9:00am, by Jack Wallen
Key Trends Shaping the Observability Market
Oct 4th 2024 8:00am, by Krishna Yadappanavar
The 4 Evolutions of Your Observability Journey
Oct 3rd 2024 9:00am, by Hazel Weakly
Google Equips PostgreSQL, Valkey Services for Vector Processing
Oct 3rd 2024 5:00am, by Joab Jackson
How the Argo Project Is Avoiding WordPress-Type Problems
Oct 4th 2024 11:00am, by Dan Garfield
Implement Third-Party Authentication With Google in Next.js
Oct 4th 2024 9:00am, by Vinod Pal
End of the Road for JavaFX in JDK 8: Keeping Your Apps Alive
Oct 3rd 2024 1:00pm, by Frank Delporte
How Generative AI Is Revolutionizing Debugging
Sep 25th 2024 8:30am, by Eran Kinsbruner
Stop Blaming Regulation for Poor Software Delivery Performance
Sep 24th 2024 12:00pm, by Steve Fenton
It's Critical To Resolve the DevOps Tax on Central Teams
Oct 6th 2024 10:00am, by Travis McPeak
Developer Relations Relies on Authenticity and Trust
Oct 5th 2024 10:00am, by Sarah Guthals
Developer Relations Foundation Aims to Clarify Role
Oct 2nd 2024 12:00pm, by Loraine Lawson
What a CTO Learned at Nvidia About Managing Engineers
Sep 26th 2024 9:20am, by Heather Joslyn
Kelsey Hightower on What’s Next for Developers After GenAI
Sep 17th 2024 11:30am, by Joe Fay
Zorin OS: The Perfect Linux Distro for Migrating From Windows
Oct 5th 2024 8:00am, by Jack Wallen
Lost 1983 Programming Language Resurrected by Retro Compute YouTube Channel
Oct 5th 2024 6:00am, by David Cassel
Developer Relations Foundation Aims to Clarify Role
Oct 2nd 2024 12:00pm, by Loraine Lawson
Social Web Foundation Launched — How In Is W3C on Fediverse?
Sep 24th 2024 6:00am, by Richard MacManus
How To Find Success With Code Reviews
Sep 19th 2024 5:00am, by Loraine Lawson
Building an Internal Developer Platform: 4 Essential Pillars
Oct 7th 2024 6:21am, by Ritesh Patel
It's Critical To Resolve the DevOps Tax on Central Teams
Oct 6th 2024 10:00am, by Travis McPeak
Developer Relations Relies on Authenticity and Trust
Oct 5th 2024 10:00am, by Sarah Guthals
Open Source Supply Chains Can Fix Your Dependency Headaches
Oct 3rd 2024 10:00am, by Sam Snyder
The 4 Evolutions of Your Observability Journey
Oct 3rd 2024 9:00am, by Hazel Weakly
Kubernetes Advances Cloud Native Data Protection: Share Feedback
Oct 9th 2024 7:00am, by Mark Lavi
How Nvidia Scaled Its Cloud Services With KubeVirt
Oct 4th 2024 6:18am, by Jonathan Gershater
Is Kubernetes Green?
Oct 2nd 2024 8:24am, by Anne Currie
Enterprise Data Platforms on Kubernetes Challenge Status Quo
Oct 2nd 2024 7:06am, by Mark Cusack
Databases on Kubernetes: Why, When and What To Consider
Oct 1st 2024 6:16am, by Kathryn Hsu
Unlock GA4 Insights: BigQuery SQL Recipes for Key Metrics
Oct 8th 2024 10:00am, by Kevin Leary
Key Trends Shaping the Observability Market
Oct 4th 2024 8:00am, by Krishna Yadappanavar
The 4 Evolutions of Your Observability Journey
Oct 3rd 2024 9:00am, by Hazel Weakly
Why Grafana Offers $100,000 to Startups for Observability
Sep 28th 2024 4:00am, by B. Cameron Gain
The Path to Autonomous Observability
Sep 25th 2024 6:14am, by David Lotan Bolotnikoff
Tetrate, Bloomberg Collaborate on Envoy-Based AI Gateways
Oct 7th 2024 2:00pm, by Steven J. Vaughan-Nichols
Istio 1.23 Drops the Sidecar for a Simpler 'Ambient Mesh'
Aug 19th 2024 12:59pm, by Joab Jackson
Can Cilium Be a Control Plane Beyond Kubernetes?
Jul 28th 2024 6:00am, by Alex Williams
6 Tips to Integrate Container Orchestration and APM Tools
May 20th 2024 11:03am, by Chris Cooney
Enhancing Business Security and Compliance with Service Mesh
Apr 1st 2024 10:00am, by Ninad Desai
AI / Compliance / Developer tools / Software Testing

Checks by Google: AI-Powered Compliance for Apps and Code

Google's AI-powered compliance platform, Checks by Google, is now generally available. It checks what an app does against what it should do.
Oct 9th, 2024 11:00am by
Featued image for: Checks by Google: AI-Powered Compliance for Apps and Code
Photo by Tara Winstead via Pexels

Google is making its AI-powered compliance platform generally available as Checks by Google. It encompasses three new product offerings that will check apps, code and soon AI models for compliance issues, including personally identifiable information, government regulatory requirements, and whether a developer model will “talk out of turn” by providing controversial or inappropriate responses.

Checks by Google emerged from Google’s incubator and was used internally to test Google’s own large language models, said Fergus Hurley, the co-founder and general manager of Checks by Google.

“We’re providing insights and tools to these companies because most of them do not have insights and tools that they need,” he said. “Some of our customers include the top five social media apps, the top five games, the top five finance apps, and these companies are very well-resourced, but they just don’t have the level of insight that they need to get through their job. We bridge that gap [between] the development team and the compliance team.”

Checks by Google is integrated with Vertex, the Google Cloud offering for generative AI, but works with other major model providers as well. Vertex has more than 150 generative AI models available, including Anthropic’s Claude and Mistral.

App Compliance

Checks by Google has three offerings: App Compliance, which is available now, and Code Compliance and AI Safety, which are in a closed beta with a waitlist.

App Compliance checks an app or website or service to see if it’s complying with rules for collecting user data. For example, it can check for compliance against the GDPR in Europe, the CCPA in California and the LGPD in Brazil.

“We look at what the app is required to do based on the different regulations around the world,” Hurley said. “We cover these rules and if you have users in those regions, we turn on those checks.”

App Compliance can also run an analysis on a publicly used app to check against any organizational privacy policies. It relies on an LLM that’s fine-tuned for understanding privacy policies, comparing them to what the app or product is actually doing and performs both dynamic and static analysis, he said. For example, Checks runs the apps on actual physical devices and monitors the network traffic coming off the apps as well as the user experience.

“We’ve got a smart AI crawler looking at what the app is actually doing. It’s able to play games, it’s able to log into the app if the login credentials are provided to us, but it’s a smart AI crawler.”
— Fergus Hurley, co-founder and general manager, Checks by Google

“We have built our own fine-tuned model for understanding privacy policies, and that’s used across many teams at Google now as well,” he said. “We are able to identify issues that the product might have from a compliance perspective. We’ve got a smart AI crawler looking at what the app is actually doing. It’s able to play games, it’s able to log into the app if the login credentials are provided to us, but it’s a smart AI crawler.”

Hurley noted that co-founder Nia Cross Castelly is a lawyer, although Hurley cautioned that the AI is not providing legal advice.

“She was responsible for Google Play policies, which developers follow very closely to get access to billions of users,” he said. “So we do have a lawyer overseeing this stuff, but we are not providing legal guidance. That’s important.”

Instead, the AI is simply providing insights and tools that bridge the gap between the development team and the compliance team, he added.

Code Compliance

Code Compliance, which is in closed beta, allows developers to get ahead of regulatory issues before an app is published. It can be integrated into an IDE, Hurley said, so that developers receive alerts directly in the IDE about issues that are integrated into their build systems.

Code Compliance provides information about critical issues, which can include security issues, but it also might detect, for example, an outdated SDK.

“We also help people create, manage and maintain their safety labels on Google Play,” he said. “That’s the Holy Grail, being able to be that one place that people need to go to be able to get all their compliance insights.”

AI Safety

The third offering, which is being tested in a closed beta, is AI Safety.

Developers have three main problems they need to solve with AI and AI-driven apps, Hurley said. First, they need to be able to set up their policies, which he called the ‘align phase.’ During this phase, they determine what policies are relevant to them and their website or app.

Second, they need to evaluate to make sure that the policies are adhering to their actual initial model release and vice versa. Third, after launching the actual GenAI product, developers need to ensure it’s behaving correctly in the wild.

“We have built a product to help with each of those parts as part of this AI safety product, so really, it’s trying to build out the governance command center here,” he said. “In the first phase, the alignment, people want to be able to configure their policies, and right now, we support the core policies that really every generic product needs around violence, hate speech, and sensitive data — such as PII (personally identifiable information).”

The evaluation phase helps developers determine whether the policies adhere to their initial model release and vice versa, he said. This phase is where the product performs red teaming and adverbial testing using prompts developed in-house by Google, he said.

Shows the three questions in the Checks by Google framework: What is an app required to do; what an app says it's doing; and what an app is actually doing.

Screenshot of the Checks by Google framework

Red teaming is a security testing technique that involves simulating malicious attacks on a system or organization to identify vulnerabilities and assess resilience. The name comes from a controlled war game where a red team attempts to breach the security of a target, which a blue team defends. Adversarial testing is a type of software testing that involves intentionally trying to break an application or system by introducing unexpected or malicious inputs. It helps find weaknesses that could be exploited by malicious actors.

“One thing developers struggle with once they’ve built their model is coming up with these adversarial prompts, and that’s where us having this huge corpus of adversarial prompts is so valuable, and that’s where we’re leaning into a lot of the work being done by Gemini and Gemma and other Google teams as well,” he said, adding that it also incorporates the best practices developed by those teams. “We run those prompts against the developer model, and we make sure the responses that form that model are the ones that the developer would want.”

This step shouldn’t be underestimated. Not only can AI models produce statements that could be publicly embarrassing, but they can also provide incorrect information that costs companies money.

“People sometimes try and get the models to do things that they shouldn’t do,” he said. “One of the most public cases of this is where Air Canada had a case where their agent responded and said that the person could get a refund. What ended up happening is that Air Canada said, ‘No, you can’t get a refund based on these conditions.’”

That led to a court case and in the end, Air Canada did have to issue the refund, he said.

“It’s now sort of set the rules that companies are responsible for what their GenAI agents say and do, and they do have that responsibility,” he said. “Making sure that the agent is following the company’s policies is so critical, but that’s one of the most public examples of one of the things that will be prevented by the model being fine-tuned, based on the company’s policies, to only talk about what the company actually offers.”

“One things developers struggle with once they’ve built their model is coming up with these adversarial prompts, and that’s where us having this huge corpus of adversarial prompts is so valuable, and that’s where we’re leaning into a lot of the work being done by Gemini and Gemma and other Google teams as well.”
— Fergus Hurley

Third, once the GenAI product is released, developers need to be able to monitor whether it behaves correctly in the wild. For instance, there was a case of a general-purpose AI agent that a company launched to provide for a specific use case, but people learned they could “hack” it and gain free access to a model that’s actually very expensive to use.

“The most important part is just making sure that things don’t go off the rails and having those safeguards in place,” he said. “We have a guardrails product where it monitors the input prompt and the output prompt and detects issues, like an input prompt that should not reach the model would be when someone is trying to potentially jailbreak the model, and then on the output side of things, no PII should ever be exposed by a model, and there should be many safeguards in place to prevent that from happening.”

He pointed out that if developers do not want to perform the fine-tuning themselves, they can use guardrails to automatically create monitoring and safeguards.

“They are able to go in and select for the input guardrails, [e.g.] I want to turn on jailbreak prevention,” he said. “Let’s say they’ve configured these different ones with different sensitivity thresholds, then they can configure the output thresholds, and then they deploy that to production as part of their model.”

Guardrails act as a filter on the model rather than actually fine-tuning it directly. The filter does not significantly impact performance, he added.

Customizable by Industry, Focus

Checks by Google’s offerings can be customized by industry as well, he added. For instance, if an app is dealing with children’s data, there are very specific rules that app must follow.

“We work with some of the biggest game companies out there for kids,” he said. “You could imagine healthcare and finance or other major heavily regulated industries have their own very specific needs, and that’s where the goal, over time, is to build out this ecosystem of checks, where people are able to turn on the Checks that are most relevant to their business.”

Hurley said Checks by Google’s products cut across all types of developers; they see frontend developers, as well as backend and full stack developers, using the tools.

Right now, it’s free to get started, although some businesses are more complex and do need paid services to help them with compliance, he said.

TRENDING STORIES
Group Created with Sketch.
Loraine Lawson is a veteran technology reporter who has covered technology issues from data integration to security for 25 years. Before joining The New Stack, she served as the editor of the banking technology site Bank Automation News. She has...
Read more from Loraine Lawson
SHARE THIS STORY
TRENDING STORIES
TRENDING STORIES
TNS DAILY NEWSLETTER Receive a free roundup of the most recent TNS articles in your inbox each day.