Large Language Models unlock new capabilities—and expose brand-new attack surfaces.
From prompt injection and data exfiltration to model denial-of-service and insecure plugin calls, adversaries are exploiting weaknesses traditional AppSec never anticipated.
The new OWASP LLM Top-10 provides a shared vocabulary for AI risks; this session turns that list into actionable engineering practice.
You’ll learn how to threat-model LLM endpoints, design guardrails that actually block malicious behavior, sandbox tools and plug-ins with least privilege, and align your mitigations to the NIST AI Risk Management Framework for audit-ready governance.
Problems Solved
Why Now
What You’ll Learn
Agenda
Opening: The New AI Attack Surface
How LLMs change the threat model. Examples of real-world attacks: prompt injections, indirect injections, model DoS, and exfiltration via vector stores.
Pattern 1: Threat Modeling LLM Endpoints Identify assets, trust boundaries, and high-risk flows. Apply STRIDE-inspired analysis to prompts, context windows, retrieval layers, and plugin calls.
Pattern 2: Designing Input/Output Guardrails Policy filtering, schema validation, and content moderation. Runtime vs compile-time guardrails—what actually works in production. Enforcing determinism and fail-safe defaults.
Pattern 3: Sandboxing and Least Privilege Plugins Secure function calling: scoped IAM, network egress rules, per-plugin secrets, and API key vaulting. Container isolation and ephemeral agent sandboxes.
Pattern 4: Data Protection and Tenancy in RAG Redacting sensitive data before embedding. Segregating tenant vectors and access policies. Auditing data lineage and evidence paths.
Pattern 5: Red Team & Evaluation Frameworks Running adversarial simulations aligned with OWASP LLM Top-10. Common exploits and how to detect them. Integrating automated red-team tests into CI/CD pipelines.
Pattern 6: Governance & Framework Mapping Mapping mitigations to NIST AI RMF (categories RA, MA, ME). Building dashboards and executive summaries for risk reporting.
Wrap-Up & Action Plan Summarize practical controls that can be implemented within 30 days. Introduce the Guardrail Policy Starter Kit + Red-Team Runbook templates. Live checklist review for readiness maturity.
Key Framework References
Takeaways