LLM Security
TODO: "The comprehensive protection of Generative AI and LLM (Large Language Model) applications means Application Security squared." was under the title as a "Sub-heading" and an icon was visible on the right (oven with flame)….
The challenge
In applications with Generative AI, specifically in LLM (Large Language Model) applications, the classic web and app vulnerabilities are joined by a variety of other potential security problems: through the use of external or internal models, the use of plugins, agents, RAG connections, etc. In practice, the entire spectrum of cloud security is usually added.
We offer comprehensive support for the secure design, implementation, and operation of your AI.
LLM Security is different!
An illuminating example of the "different" nature of the requirements for the security of Generative AI is the way the pattern of injection vulnerabilities presents itself here. In the field of classical programming, injection can be reliably prevented by applying the appropriate countermeasure (for example, prepared statements against SQL injection). In the field of LLMs, we are currently faced with the fundamental impossibility of a similarly secure countermeasure. Simply because the user input - the prompt - must become part of the overall context so that the system can fulfill its purpose.
Security Assessments & Penetration Tests
We test the security of LLM applications based on OWASP LLM Top 10 and Mitre ATLAS
More (TODO: Link to corresponding subpage)
Workshop: Security for LLM Applications
This workshop provides the tools to anchor security in the design and construction of an AI system.
To the workshop (TODO: Link to corresponding subpage)
Training: OWASP Top 10 for LLM Applications
Everything designers, architects and software developers need to know to deploy secure AI systems from the ground up.
To the training (TODO: Link to corresponding subpage)
TODO: Here was a link to “The Big Application Security Pentest FAQ for Clients” and below it a block with “AP Tom”. Below that was a “Career” call with a picture, 2 blocks and a link “More”
mgm sp
DeepDive
A penetration test can be carried out with varying degrees of prior knowledge – from a completely blind flight to the complete disclosure of the system architecture. The choice between Blackbox, Greybox and Whitebox determines the depth, effort and significance of the test.
I am the reading text. I can be deselected below via the toggle. Lorem ipsum dolor sit amet sed Marcus is here today in the Colosseum. But where is Cornelia? She waits a long time. Finally she rejoices and laughs. There she is! There she sits!
Comparison 1
- topic 1
- topic 2
- topic 3
Comparison 2
- topic 1
- topic 2
- topic 3 dasdasdsa dsdsa