September 2024
Intermediate to advanced
200 pages
6h 4m
English
Content preview from The Developer's Playbook for Large Language Model Security
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
Chapter 10. Learning from Future History
The function of science fiction is not always to predict the future but sometimes to prevent it.
Frank Herbert, author of Dune
While AI isn’t a new field, it has recently advanced to the point where today’s innovations often collide with yesterday’s science fiction. In this book’s previous chapters, we’ve reviewed many real-world case studies of security vulnerabilities and incidents relating to LLMs. However, how can you stay ahead of the game when you’re working in a field that’s moving so fast? One way is to see what we can learn from scenarios that haven’t yet happened. And, hopefully, if we do our job, these scenarios may never happen.
In this chapter, we will evaluate two famous stories (both told in blockbuster science fiction movies) where LLM-like AIs have had their security flaws exploited by villains or heroes. The stories are fictional, but the vulnerability types are very real. We’ll summarize the stories and then review the events that led to the security crises. To help ground us, we’ll do this through the lens of the OWASP Top 10 for LLM Applications.
Reviewing the OWASP Top 10 for LLM Apps
In Chapter 2, we discussed creating the OWASP Top 10 for LLM Applications, but we didn’t get into the specifics of the list. In this chapter, we’ll use the taxonomy presented by the OWASP Top 10 for LLMs to dissect our two sci-fi examples. Before diving into those examples, let’s briefly review the OWASP list and tie it to the topics ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.