Practical strategies to protect language models apps (or at least doing your best)
Thank you two for using your reach to educate about this super important topic!
In my experience, getting devs hands-on with attacks à la OWASP Juice is incredibly valuable, as it helps them conceptualize how these attacks work.
Some resources for that:
- Gandalf CTF: https://gandalf.lakera.ai/
- Portswigger academy web LLM attacks: https://portswigger.net/web-security/llm-attacks
- TensorTrust AI attack+defense: https://tensortrust.ai/
Also worth checking out the OWASP top 10 for LLMs: https://owasp.org/www-project-top-10-for-large-language-model-applications/assets/PDF/OWASP-Top-10-for-LLMs-2023-v1_1.pdf
Gandalf is such a fun way to get hands-on experience with prompt attacks. Thanks for sharing.
Seems like you have insight into this. Come on for a follow-up guest post if you're not too busy.
Oh I'd love that, thank you! What's the best way to chat about this further?
All my social media is at the end. Pick whatever you like the most.
Used NeMo Guardrails in a hackathon last year after it was released. Easy to implement and powerful! Interested in checking out these other approaches.
NeMo is great. The other ones are more straightforward so should be easier for you to implement.
Have you seen this https://github.com/ceterum1/llm-defender-subnet for Bittensor?