Guarding LLM and NLP APIs: A Trailblazing Odyssey for Enhanced Security

Name: Guarding%20LLM%20and%20NLP%20APIs:%20A%20Trailblazing%20Odyssey%20for%20Enhanced%20Security
Uploaded: 2023-11-13

Posted Nov 13, 2023 | Views 641

# LLMs

# OWASP

# Cohere

speakers

Ads Dawson

Senior Security Engineer @ Cohere

A mainly self-taught, driven, and motivated proficient application, network infrastructure & cyber security professional holding over eleven years experience from start-up to large-size enterprises leading the incident response process and specializing in extensive LLM/AI Security, Web Application Security and DevSecOps protecting REST API endpoints, large-scale microservice architectures in hybrid cloud environments, application source code as well as EDR, threat hunting, reverse engineering, and forensics.

Ads have a passion for all things blue and red teams, be that offensive & API security, automation of detection & remediation (SOAR), or deep packet inspection for example.

Ads is also a networking veteran and love a good PCAP to delve into. One of my favorite things at Defcon is hunting for PWNs at the "Wall of Sheep" village and inspecting malicious payloads and binaries.

+ Read More

Demetrios Brinkmann

Chief Happiness Engineer @ MLOps Community

At the moment Demetrios is immersing himself in Machine Learning by interviewing experts from around the world in the weekly MLOps.community meetups. Demetrios is constantly learning and engaging in new activities to get uncomfortable and learn from his mistakes. He tries to bring creativity into every aspect of his life, whether that be analyzing the best paths forward, overcoming obstacles, or building lego houses with his daughter.

+ Read More

SUMMARY

Ads Dawson, a seasoned security engineer at Cohere, explores the challenges and solutions in securing large language models (LLMs) and natural language programming APIs. Drawing on his extensive experience, Ads discusses approaches to threat modeling LLM applications, preventing data breaches, defending against attacks, and bolstering the security of these critical technologies. The presentation also delves into the success of the "OWASP Top 10 for Large Language Model Applications" project, co-founded by Ads, which identifies key vulnerabilities in the industry. Notably, Ads owns three of the top 10 vulnerabilities, including Training Data Poisoning, Sensitive Information Disclosure, and Model Theft.

This OWASP Top 10 serves as a foundational resource for stakeholders in AI, offering guidance on using, developing, and securing LLM applications. Additionally, the session covers insider news from the AI Village's 'Hack the Future' | LLM Red Teaming event at Defcon31, providing insights into the inaugural Generative AI Red Teaming showdown and its significance in addressing security and privacy concerns amid the widespread adoption of AI.

+ Read More