Python Conference APAC 2024

Securing AI applications by building a custom LLM Vulnerability Scanner
2024-10-27, CLASS #2
Language: English

Despite the significant increase in the number of Generative AI-powered applications being developed by companies and professionals globally, many organizations are unable to secure their deployed applications properly. One of the practical techniques to secure Gen AI systems along with self-hosted LLMs involves building a vulnerability scanner that checks for vulnerabilities such as prompt injection. In this session, we will discuss how to build a custom scanner to help teams identify security issues specific to their self-hosted LLMs.


Over the next few years, we'll see more organizations building various AI-powered tools and systems. While most AI-powered tools can be built using third-party services and APIs, we'll see more companies using their own LLMs and hosting them in their own private network environments. For one thing, a self-hosted LLM gives an organization greater control over data privacy and security. In addition, companies gain the much-needed flexibility to customize their LLMs to specific business needs and constraints.

At this point, most professionals are not aware of the security threats and potential vulnerabilities involved in building AI-powered applications on top of self-hosted Large Language Models (LLMs). Similarly, security teams have not yet adjusted to the new wave of attacks that has accompanied the pace of innovation in the AI space.

One of the more practical techniques for securing these AI-powered applications is to build and use a vulnerability scanner that checks for common vulnerabilities such as prompt injection. In this session, we will use Python to build a custom scanner that helps teams identify and mitigate security issues specific to their self-hosted LLMs right away. Finally, we'll also look at various strategies for mitigating the vulnerabilities the scanner finds.

Joshua Arvin Lat is the Chief Technology Officer (CTO) of NuWorks Interactive Labs, Inc. He previously served as the CTO of 3 Australian-owned companies and as the Director for Software Development and Engineering for multiple e-commerce startups. Years ago, he and his team won 1st place in a global cybersecurity competition with their published research paper. He is also an AWS Machine Learning Hero and has shared his knowledge at several international conferences, discussing practical strategies for machine learning, engineering, security, and management. He is the author of the books "Machine Learning with Amazon SageMaker Cookbook", "Machine Learning Engineering on AWS", and "Building and Automating Penetration Testing Labs in the Cloud". Due to his proven track record in leading digital transformation within organizations, he has been recognized as one of the prestigious Orange Boomerang: Digital Leader of the Year 2023 award winners.

Sophie Soliven is the Director of Operations for Edamama. She has over 9 years of experience in e-commerce, fintech, and retail. Over the years, she has also shared her knowledge and experience on both the local and the international scene.