Prompt Injection: The Top LLM Security Threat for Enterprises
Related Episodes
AI Agent Security: Addressing the Lethal Trifecta with Conversational Red-Teaming
AI agents face a "lethal trifecta" vulnerability: untrusted input, sensitive data, and exfiltration. Discover how to test and secure them with AI-driven red-teaming.
View Episode Notes →
AI Guardrails Offer False Security -- Prioritize Classical Cybersecurity
Current AI guardrails offer a false sense of security; prioritize classical cybersecurity principles like proper permissioning for agentic AI systems to mitigate immediate risks.
View Episode Notes →
Modular Agentic Architectures for Effective LLM Application Development
Build LLM applications with modular, agentic architectures, not monolithic models, for planning, orchestration, and specialized tools. Validate rigorously with multi-layered defenses.
View Episode Notes →
AI Security Requires System-Level Defense and Radical Transparency
AI guardrails are security theater, sacrificing capability without enhancing safety. True AI security requires system-level defenses and radical transparency, not model lobotomization.
View Episode Notes →
Agentic AI Security Risks: Expanding Attack Surface and Unpredictable Behavior
Agentic AI's expanding attack surface and "jagged intelligence" create unprecedented security risks, demanding provable guarantees for trustworthy, critical decision-making.
View Episode Notes →
Cryptographic Exploits Reveal Inherent AI Filter Vulnerabilities
AI filters have structural vulnerabilities exploitable by cryptographic techniques, creating a trade-off between security and usability that means protections will always have holes.
View Episode Notes →Resources
Resources & Recommendations
Books
- "OWASP Top 10 for LLMs" - This resource was mentioned as covering the most important threat factors for generative AI applications, providing details on attacks, examples, and mitigation techniques.
Courses & Educational Resources
- Prompt Engineering Course (Google) - This course is recommended for developers to learn how to craft system prompts effectively to get the best outcomes from interactions with LLMs.
Organizations & Institutions
- OWASP (Open Web Application Security Project) - This organization provides a top 10 list of risks for LLMs, which was a central theme of the discussion.
- Pangea - Sourabh Satish is the CTO and co-founder of this company, which ran the $10,000 AI prompt injection challenge.
- Phantom Cyber - A company founded by Sourabh Satish, which was acquired by Splunk in 2018.
- Splunk - The company that acquired Phantom Cyber in 2018.
- Symantec - Sourabh Satish previously served as a distinguished engineer at this company.
- Anthropic - This company was mentioned in the context of popularizing the MCP protocol for agentic architectures.
Websites & Online Resources
- se-radio.net - The website for the Software Engineering Radio podcast.
- computer.org/software - The online presence for IEEE Software Magazine.
- seradio.slack.com - The Slack channel for Software Engineering Radio.
Other Resources
- Software Engineering Radio Episode 673 - Provides broader context related to the current discussion on prompt injection.
- Software Engineering Radio Episode 661 - Provides broader context related to the current discussion on prompt injection.
- Software Engineering Radio Episode 582 - Provides broader context related to the current discussion on prompt injection.