A Practical Guide to Securing Your AI Application

Explore a comprehensive conference talk on securing AI applications in this 33-minute presentation from Conf42 LLMs 2024. Delve into the tipping point of generative AI, understand its foundation models, and learn why security should be integrated alongside AI development. Discover the concept of responsible AI and navigate through a generative AI security scoping matrix. Examine the project life cycle and data flows in generative AI applications, while considering the OWASP Top 10 for LLMs. Gain practical insights on controlling vulnerabilities, including strategies to combat prompt injection attacks, implement wrapper methods, and utilize the H3 (helpful, honest, harmless) approach. Learn techniques for limiting PII, creating guardrails, and evaluating AI systems with benchmarks. Explore observability practices and understand generative AI implementation across different layers. Conclude with valuable resources and a call to action for securing your AI applications effectively.

intro
preamble
the tipping point for generative ai
generative ai is powered by foundation models
security should run alongside generative ai
what is responsible ai?
generative ai security scoping matrix
generative ai project life cycle
data flows in generative ai application
owasp top 10 for llms
don't forget the fundamentals
what can you do?
controlling the vulnerabilities
prompt injection attacks
wrapper method - defining a ruleset
wrapper method - using delimiters
h3: helpful, honest, harmless
controlling vulnerabilities, toxicity moderator
limit pii for ai
multi-step self guarding
create guardrails for the e2e cycle
preload the least needed context
evaluation with genai
evaluate with benchmarks
reduve the affected resources
observability
generative ai on different layers
amazon bedrock
resources and call to action
thank you!