🔑 Key Topics Covered:
Overview of AI Application Components and Frameworks: We’ll examine the structure of AI applications and discuss current security frameworks, including Google’s Secure AI Framework (SAIF).

AI Attack Surface: Understand how new technologies change the attack surface for Generative AI applications. We will explore the types of attacks simulated by AI Red Teams, such as Prompt Attacks, Training Data Extraction, and Backdooring the model. We will also cover vulnerabilities from the OWASP Top 10 for LLMs, including Prompt Injection and Insecure Output Handling.

Defense in Depth for LLMs: Learn about implementing a multi-layered security approach for both INPUT and OUTPUT to safeguard your LLM applications.

Input Safeguards: Strategies will include Authentication (Auth), Web Application Firewalls (WAF), Basic Filtering, Data Loss Prevention (DLP), Category/Sentiment Analysis, Malware Checks, and LLM Validation. * Output Safeguards: Techniques like Grounding and using a Safety Filter to review content for harmful categories will be demonstrated. 

Security Patterns & Mitigation Demos: We will showcase practical examples of prompt design and attacks, followed by demonstrations of mitigation techniques. This includes using methods like the DARE prompt and Strict Input Validation with Random Token to prevent “prompt hijacking” and enforce mission compliance.By the end of the session, attendees will have a clearer understanding of the challenges their teams face when using conversational agents daily and how to secure (or “blind”) these agents to maximize the benefits of AI in the safest way possible.