OrangeCon 2026

Rajeck Massa

Rajeck Massa is a Cyber Security scientist at TNO, where he contributes to applied research across system and software security, AI security, and advanced detection and innovation. He holds an MSc in Computer Science from Leiden University and joined TNO after completing an internship there. In his work, Rajeck is involved in research projects that study how complex technical systems can be abused under realistic adversarial conditions, ranging from low‑level software components to modern AI‑enabled applications. His interests include developing and validating practical security testing methodologies, particularly in areas where existing approaches fall short. Through his research, he aims to help bridge the gap between emerging technologies and actionable security practice.


Session

06-04
14:50
30min
How to Prompt for Vulnerabilities in LLM-based applications with Extensions, the ProViLE approach.
Rajeck Massa

Many organizations are developing LLM‑based applications to improve productivity, supported by the growing number of platforms that simplify their creation. However, integrating LLMs into applications introduces new security risks, as adversaries can exploit models through natural‑language–based attacks such as prompt injections and jailbreaks. Successful attacks can lead to sensitive data leakage, reputational harm, or deeper compromise of internal digital environments.

These risks highlight the need for structured, repeatable, and context‑aware security testing for LLM‑enabled applications. Therefore, we would like to present ProViLE: a systematic approach and supporting open‑source tool for prompt‑based security testing of LLM‑enabled applications. ProViLE emphasizes that effective tests are highly dependent on the context of the application. The approach guides practitioners through four key steps: (1) defining potential attack objectives, (2) identifying relevant attack techniques, (3) formulating corresponding attack prompts, and (4) evaluating the LLM application’s responses to the attack prompts.

The ProViLE tool automates the final two steps by using LLMs to (3) generate attack prompts from objectives and techniques, and (4) evaluate whether a response constitutes a successful attack based on the objective and a scoring rubric. This enables scalable and consistent testing across diverse application contexts. The result is a structured overview of the security posture of an LLM‑based application across custom security considerations.

ProViLE aims to facilitate the penetration‑testing workflow for LLM applications, but can also be used by development teams to conduct initial baseline assessments before deployment. By open‑sourcing our work, we hope to support the broader development of secure LLM‑based systems.

Track 2