Session Spotlight

Pranav Shikarpur

Camp Counselor

Getting AI to Do the Unexpected

Event Logo

Wednesday, July 31, 2024 - 9:00 PM UTC, for 1 hour.

Regular, 60 minute presentation

Room: African 60

prompt engineering
llms
prompt hacking
pii leakage

In an era where AI features in apps are no longer a novelty but a necessity, developers are creatively embedding Large Language Models (LLMs) into applications ranging from “dad joke generators” to critical healthcare tools like “automated EHR systems”. But amidst this innovative surge, a crucial question often lingers: "What if a bad actor decides to toy with my LLM app, making it behave in ways it was never intended to?" In October 2023, the OWASP foundation released their top 10 vulnerabilities in LLM apps. In the report, the top 3 vulnerabilities were Prompt Injections, Insecure Output Handling, and PII data leakage. Thus, in this session, through live demos, attendees will learn about these prompt hacking vulnerabilities, mitigation strategies, and the importance of 'secure by design' practices in app development. The goal is to equip attendees with the knowledge to build secure LLM apps.

Prerequisites

Should have used an LLM like ChatGPT or Llama before, but this is not a requirement

Take Aways

  • Learn about prompt hacking strategies that are used to exploit LLM apps.
  • Learn about defensive prompting techniques to prevent these prompt hacking attacks.
  • Learn how to deal with PII, and insecure outputs going in and out of an LLM app.
favorited by:
Chris Weinert Robert Derman Ross Larson Josh Gretz Cody Sand Andy Bottom Justin Weyenberg Brett Allenstein Pranav Shikarpur Adam Kerr Jason Cairol Joel Keyser