Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Rogue Agents - Stop AI from misusing APIs

Avatar for Dominik Kundel Dominik Kundel PRO
January 23, 2024
Programming
300
0

Rogue Agents - Stop AI from misusing APIs

Avatar for Dominik Kundel

Dominik Kundel PRO

January 23, 2024

More Decks by Dominik Kundel

See All by Dominik Kundel
AWS re:Invent '24 - Rogue Agents - Stop AI from misusing APIs
Avatar for Dominik Kundel dkundel
PRO
0
110
AI for Marketers Sept '24 - How AI Agents will change your
Avatar for Dominik Kundel dkundel
PRO
0
320
AGI Builders July '24 - Rogue Agents - Stop AI from misusing APIs
Avatar for Dominik Kundel dkundel
PRO
0
260
AI Engineer World's Fair '24 - Cooking with Fire without
Avatar for Dominik Kundel dkundel
PRO
0
250
SIGNAL 2021 - Live Developer Mode
Avatar for Dominik Kundel dkundel
PRO
0
210
OpenJS World - What the AST?
Avatar for Dominik Kundel dkundel
PRO
0
520
WFHConf - Move to TypeScript at your own Pace
Avatar for Dominik Kundel dkundel
PRO
0
370
SFNode '20 - How to move your project to TypeScript
Avatar for Dominik Kundel dkundel
PRO
0
360
Node+JS Interactive '19 - When Porgs Scream at Webpack and Other Stories
Avatar for Dominik Kundel dkundel
PRO
0
380

Other Decks in Programming

See All in Programming
PHPで使える日時の表現と、その知り方 #frontend_phpcon_do
Avatar for hideki kinjyo o0h
PRO
0
130
柔軟なPDFレイアウトエディタを支える型システム設計 — Discriminated UnionとConditional Typeの実践
Avatar for minako-ph minako__ph
4
1.2k
net-httpのHTTP/2対応について
Avatar for NARUSE, Yui naruse
0
380
Migrations : C'est une question d'hygiène !
Avatar for Vincent Amstoutz vinceamstoutz
0
2.5k
Why Laravel apps break—Mastering the fundamentals to keep them maintainable
Avatar for 武田 憲太郎 kentaroutakeda
1
320
Lemonade + Foundry Toolkit でお手軽アプリ開発
Avatar for 瀬尾佳隆 seosoft
1
250
AI時代の仕事技芸論 — ソフトウェア開発で「遊ぶように働く」職人的熟達のすすめ
Avatar for Yoshihito Kuranuki / 倉貫義人 kuranuki
1
540
Claspは野良GASの夢をみるか
Avatar for てらうちたかし takter00
0
140
These Five Tricks Can Make Your Apps Greener, Cheaper, & Nicer
Avatar for Holly Cummins hollycummins
0
250
AIエージェントと協働するCLI開発 — BunとOpenClawで学んだこと
Avatar for よしこ yoshikouki
1
230
ECR拡張スキャンでSBOMを収集して サプライチェーン攻撃の影響調査を 爆速で終わらせてみた
Avatar for アキキー | Akihisa Ikeda akihisaikeda
2
210
RTSPクライアントを自作してみた話
Avatar for simotin13 simotin13
0
390

Featured

See All Featured
The #1 spot is gone: here's how to win anyway
Avatar for Tamara Novitovic tamaranovitovic
2
1.1k
Digital Projects Gone Horribly Wrong (And the UX Pros Who Still Save the Day) - Dean Schuster
Avatar for UX Y'all uxyall
0
1.5k
We Analyzed 250 Million AI Search Results: Here's What I Found
Avatar for Josh Blyskal joshbly
1
1.3k
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
Avatar for Joe Casabona jcasabona
34
2.8k
Navigating the moral maze — ethical principles for Al-driven product design
Avatar for Skipper Chong Warson skipperchong
2
370
Git: the NoSQL Database
Avatar for Brandon Keepers bkeepers
PRO
432
67k
HU Berlin: Industrial-Strength Natural Language Processing with spaCy and Prodigy
Avatar for Ines Montani inesmontani
PRO
0
390
世界の人気アプリ100個を分析して見えたペイウォール設計の心得
Avatar for Akihiro Kokubo akihiro_kokubo
PRO
70
39k
4 Signs Your Business is Dying
Avatar for Josh Pigford shpigford
187
22k
Lightning talk: Run Django tests with GitHub Actions
Avatar for Sarah Abderemane sabderemane
0
190
DBのスキルで生き残る技術 - AI時代におけるテーブル設計の勘所
Avatar for soudai sone soudai
PRO
65
55k
The AI Search Optimization Roadmap by Aleyda Solis
Avatar for Aleyda Solis aleyda
1
5.8k

Transcript

  1. Rogue Agents Stop AI from misusing APIs TechTalks SF -

    Jan ‘24 Dominik Kundel d-k.im/rogue-agents Dominik Kundel | @dkundel

  2. Dominik Kundel | @dkundel

  3. console.log(` Hi! I’m Dominik Kundel `); dkundel.com @dkundel [email protected] github/dkundel

    Product Lead @ Twilio && JavaScript Hacker Dominik Kundel | @dkundel

  4. How can we have AI interact with APIs? Dominik Kundel

    | @dkundel

  5. How can we have AI safely interact with APIs? Dominik

    Kundel | @dkundel

  6. How can we have AI interact with APIs? Dominik Kundel

    | @dkundel

  7. Dominik Kundel | @dkundel How to connect AI to APIs

    Platforms Frameworks Native LLM Functions 🦜🔗

  8. Dominik Kundel | @dkundel Platforms Frameworks Native LLM Functions 🦜🔗

    Source: LangChain Documentation

  9. Dominik Kundel | @dkundel Platforms Frameworks Native LLM Functions 🦜🔗

    Source: LangChain Documentation

  10. What’s the problem? Dominik Kundel | @dkundel

  11. Dominik Kundel | @dkundel

  12. Dominik Kundel | @dkundel

  13. Unpredictable Dominik Kundel | @dkundel

  14. Dominik Kundel | @dkundel Easily Impressionable

  15. Dominik Kundel | @dkundel Source: Simon Willison - Prompt Injections:

    what’s the worst that can happen?

  16. Dominik Kundel | @dkundel Source: Simon Willison - Prompt Injections:

    what’s the worst that can happen?

  17. Dominik Kundel | @dkundel Source: Simon Willison - Prompt Injections:

    what’s the worst that can happen?

  18. Dominik Kundel | @dkundel Rules are “suggestions”

  19. Dominik Kundel | @dkundel Source: Simon Willison - Prompt injections

    explained

  20. Dominik Kundel | @dkundel Source: Simon Willison - Prompt injections

    explained

  21. Dominik Kundel | @dkundel The problems with LLMs Unpredictable Easily

    Impressionable Rules “suggestions”

  22. Dominik Kundel | @dkundel

  23. How do we “LLM-proof” our APIs? Dominik Kundel | @dkundel

  24. Dominik Kundel | @dkundel

  25. Dominik Kundel | @dkundel

  26. Dominik Kundel | @dkundel

  27. Dominik Kundel | @dkundel

  28. Dominik Kundel | @dkundel LLM

  29. Dominik Kundel | @dkundel

  30. Dominik Kundel | @dkundel

  31. Dominik Kundel | @dkundel

  32. Dominik Kundel | @dkundel

  33. Dominik Kundel | @dkundel LLM

  34. What security measures? Dominik Kundel | @dkundel

  35. Dominik Kundel | @dkundel Security Measures

  36. Dominik Kundel | @dkundel Security Measures Data Validation

  37. Dominik Kundel | @dkundel Security Measures Data Validation Rate Limiting

  38. Dominik Kundel | @dkundel Security Measures Data Validation Authentication Rate

    Limiting

  39. Dominik Kundel | @dkundel Security Measures

  40. Dominik Kundel | @dkundel Security Measures Authorization

  41. Dominik Kundel | @dkundel Security Measures Authorization Least Privilege

  42. Dominik Kundel | @dkundel Security Measures Authorization Eliminate con fi

    dential & unnecessary data Least Privilege

  43. Dominik Kundel | @dkundel Do threat modeling!

  44. Dominik Kundel | @dkundel Takeaways?

  45. Treat AI-exposed APIs as public Dominik Kundel | @dkundel Takeaways?

  46. Treat AI-exposed APIs as public Security mechanisms outside AI world

    Dominik Kundel | @dkundel Takeaways?

  47. Treat AI-exposed APIs as public Security mechanisms outside AI world

    Dominik Kundel | @dkundel Takeaways? Toddler-proof your home API!

  48. console.log(` 💖 Thank You! 🎉 `); dkundel.com @dkundel [email protected] github/dkundel

    d-k.im/rogue-agents Dominik Kundel | @dkundel | #workfromhomeconf |