Most PII leaks happen before your prompt ever hits the model — here's how to catch them at the pipeline level with deterministic ETLs and synthetic stand-ins.
The AI gold rush has created a massive blind spot: we are opening up our
databases without fixing our core access problems. Whether it’s an over-
permissioned LLM vacuuming up customer emails, or a developer casually
dumping a production table into a test environment, exposing sensitive data has
never been easier—or more permanent.
In this session, we’ll break down the anatomy of a modern data leak. We’ll look at
how sensitive information actually slips into AI context windows and human
hands, and how to mitigate the risk before it happens. We’ll walk through
practical architectural patterns—from automated masking and deterministic
ETLs to synthetic data generation—so you can safely build AI features without
exposing your users to models or unauthorized insiders.
Speaker
Daniyar Mussakulov
Engineering lead @3T Software Labs
Daniyar Mussakulov is an Engineering Lead at 3T Software Labs, the makers of Studio 3T—the industry-leading MongoDB IDE and data platform that enables data teams and AI agents to work together safely. With over a decade of experience building scalable software platforms and developing high-performing teams, Daniyar focuses on modernizing systems and pioneering practical, governed uses of AI.
At Studio 3T, he plays a key role in building infrastructure that keeps humans in control as AI enters the workflow. His work focuses on data pipeline engines and governance tools that mask sensitive information and enforce access, ensuring that organizations can harness the power of AI without exposing their PII to external language models.Known for leading with both technical depth and genuine empathy, Daniyar creates environments where engineers thrive and builds foundations that scale. When he isn't improving how engineering teams operate, he is exploring the cutting-edge intersection of data governance and AI security.
Catch Daniyar's session at QCon Boston to learn how to catch PII leaks at the pipeline level and safeguard your data assets from the unintended risks of AI integration!
Session Sponsored By
The governed data access platform for MongoDB — built for humans and AI agents alike .