Overview
Explore the OWASP Top 10 security risks associated with Large Language Models (LLMs) in this comprehensive 39-minute DevSecCon talk. Delve into the rapidly evolving world of Generative AI and its potential impact on various industries. Learn about critical concepts such as prompt injection, data leakage, sandboxing, and insufficient AI alignment. Gain insights into best practices, real-life examples, and resources for managing LLM applications securely. Discover the challenges and opportunities presented by AI-generated content and compare AI capabilities with human resources. Equip yourself with essential knowledge for risk management and building robust security controls in the era of LLMs.
Syllabus
Introduction
What is an LLM
No one has all the answers
Oauth Top 10
Prompt Injection
Do Anything Mode
Bug Bounty Program
Data Leakage
Sandboxing
Running code
SSRF vulnerability
LLM generated content
Insufficient AI alignment
Data poisoning
Security challenges
Best practices
Real life examples
Resources
AI vs Human Resources
Taught by
DevSecCon