BEGIN:VCALENDAR VERSION:2.0 PRODID:-//pretalx//pretalx.com//orangecon-2026//speaker//MEYDL8 BEGIN:VEVENT UID:pretalx-orangecon-2026-XGZYKB@pretalx.com DTSTART:20260604T145000Z DTEND:20260604T152000Z DESCRIPTION:Many organizations are developing LLM‑based applications to i mprove productivity\, supported by the growing number of platforms that si mplify their creation. However\, integrating LLMs into applications introd uces new security risks\, as adversaries can exploit models through natura l‑language–based attacks such as prompt injections and jailbreaks. Suc cessful attacks can lead to sensitive data leakage\, reputational harm\, o r deeper compromise of internal digital environments. \n\nThese risks high light the need for structured\, repeatable\, and context‑aware security testing for LLM‑enabled applications. Therefore\, we would like to prese nt ProViLE: a systematic approach and supporting open‑source tool for pr ompt‑based security testing of LLM‑enabled applications. ProViLE empha sizes that effective tests are highly dependent on the context of the appl ication. The approach guides practitioners through four key steps: (1) def ining potential attack objectives\, (2) identifying relevant attack techni ques\, (3) formulating corresponding attack prompts\, and (4) evaluating t he LLM application’s responses to the attack prompts.\n\nThe ProViLE too l automates the final two steps by using LLMs to (3) generate attack promp ts from objectives and techniques\, and (4) evaluate whether a response co nstitutes a successful attack based on the objective and a scoring rubric. This enables scalable and consistent testing across diverse application c ontexts. The result is a structured overview of the security posture of an LLM‑based application across custom security considerations.\n\nProViLE aims to facilitate the penetration‑testing workflow for LLM application s\, but can also be used by development teams to conduct initial baseline assessments before deployment. By open‑sourcing our work\, we hope to su pport the broader development of secure LLM‑based systems. DTSTAMP:20260525T192652Z LOCATION:Track 2 SUMMARY:How to Prompt for Vulnerabilities in LLM-based applications with Ex tensions\, the ProViLE approach. - Rajeck Massa URL:https://pretalx.com/orangecon-2026/talk/XGZYKB/ END:VEVENT END:VCALENDAR