Securing LLM Applications: the devil is in the detail

Securing a modern LLM system (even if what’s under scrutiny is only an application involving LLM technology) must involve diving into the engineering and design of the specific LLM system itself. During this webinar, we will discuss an approach intended to make that kind of detailed work easier and more consistent by providing a baseline and a set of risks to consider.  Fortunately, modern threat modeling tools already have knowledge of these risks built in.

In our view, LLM systems engineers can (and should) devise and field a more secure LLM application by carefully considering ML-related risks while designing, implementing, and fielding their own specific systems. In security, the devil is in the details, and we attempt to provide as much detail as possible regarding LLM security risks and some basic controls.

• Are you a user of Large Language Models (LLMs)?
• Are you a CISO or an application security leader confronted with ML security and Adversarial AI?
• Do you or your teams utilize output from Machine Learning (ML)/Artificial Intelligence (AI) applications and systems?
• Are you looking for risk management and threat modeling guidance for AI/ML?
• Do you wonder how NIST, OWASP, and BIML stack up when it comes to ML risks?

If you said yes to any of the above, then this webinar is for you. Listen in as we discuss 81 specific risks identified in the 2024 LLM Risk Analysis Paper from Berryville Institute of Machine Learning (BIML). Gary McGraw, the “father of software security,” is Co-Founder and CEO of BIML and will go into detail of what the risks mean for you and your organization, why you need to take notice, and why the time to act is now.

Jacob Teale, Head of Security Research at IriusRisk, will contribute on why security teams need to ensure they are not just considering risks from LLMs, but incorporating it into their wider cybersecurity strategies for 2024 and beyond.

‍