AI Security & Governance Certification

Course content
Create Account

Log in / Create account to save progress and earn badges

Module 0
Introduction to AI Governance Certification
1 Topic
Overview: Introduction to AI Governance Certification
Module 1
Introduction to AI and Generative AI
7 Topics | 1 Quiz
Overview: Introduction to AI and Generative AI
Discriminative AI and Generative AI
Significance of Artificial Intelligence
Generative AI and Its Value
Technology Underlying the Generative AI
Generative AI’s Need for Data
Significant Risks Associated with the AI
Quiz
Module 2
Introduction to AI Governance
5 Topics | 1 Quiz
Overview: Introduction to AI Governance
What Is AI Governance?
AI TRiSM
Challenges Posed by Unregulated or Uncontrolled AI
5-Step Path to AI Governance
Quiz
Module 3
AI Model Discovery
5 Topics | 1 Quiz
Overview AI Model Discovery
AI Models in Public Clouds, SaaS Applications, and Private Environments
Model Cards
Cataloging AI Models for Full Visibility
Trends in AI Model Discovery
Quiz
Module 4
AI Risk Assessment
13 Topics | 1 Quiz
Overview: AI Risk Assessment
Framing AI Risks
NIST AI RMF
EU AI Act
Defining AI Trustworthiness
Risk Management and the Lifecycle of AI
The Components of AI Risk Management Frameworks
AI Impact Assessments (AIIA)
AI Risk Assessment
AI Risk Assessment vs. AI Risk Management
AI Vendor Assessments
AI Readiness Assessments
Comparing Various Types of Assessments
Quiz
Module 5
Understanding Data and AI Relationships
3 Topics | 1 Quiz
Overview: Understanding Data and AI Relationships
What is Data + AI Mapping?
Unpacking Data and Processes Tied to AI
Quiz
Module 6
Controlling Data Inputs and Outputs
6 Topics | 1 Quiz
Overview: Controlling Data Inputs and Outputs
Safe Data Ingestion with Adherence to Entitlements
Attacks against Generative AI Systems – OWASP Top 10 for LLMs
Attacks Against Generative AI Systems – NIST Trustworthy & Responsible AI
Technical Measures to Mitigate Security Risks
Security Controls and LLM Firewalls
Quiz
Module 7
AI Regulatory Compliance
7 Topics | 1 Quiz
Overview: AI Regulatory Compliance
AI Regulatory Landscape
The Regulatory Response to AI
Application of Existing Laws
AI Regulatory Compliance: Key Obligations
AI Compliance Management
Significance of AI Regulatory Compliance
Quiz
Module 8
AI Governance Program & Management
5 Topics | 1 Quiz
Overview: AI Governance Program & Management
AI Governance Program and Management
Successful Implementation of the AI Governance Program
Building Blocks of an AI Governance Program
Translating AI Governance into Business Success
Quiz
Module 9
Recap: AI Governance Certification
1 Topic
AI Governance Certification Summary
Module 10
Certification Exam
1 Quiz
AI Governance Certification Exam
AI Security & Governance Certification
View course details →

Security Controls and LLM Firewalls

Mark Complete Enroll now to save progress and earn badges. Click to continue.
AI Security & Governance Certification Controlling Data Inputs and Outputs Security Controls and LLM Firewalls

Security Controls and LLM Firewalls

To enhance the security of AI interactions, the implementation of LLM (Large Language Models) firewalls has become crucial. These firewalls serve as sophisticated security measures, designed to filter out harmful prompts, data retrievals, and responses. They act as a protective barrier for AI systems, safeguarding against external attacks, malicious internal use, and misconfigurations. LLM firewalls should have built-in policies that cover sensitive data, tone, topic, phishing, and attacks, ensuring comprehensive security and compliance. Additionally, they should allow for the creation of new policies and implement actions such as redaction, message blocking, and session termination, all built on a proven policy framework. Let us delve into the specifics of different types of LLM firewalls, each catering to a unique aspect of AI security.

The Retrieval Firewall is specifically engineered to monitor and control the data retrieved during Retrieval Augmented Generation (RAG) processes. This type of firewall plays a critical role in sensitive information management: It focuses on redacting any sensitive data encountered during the retrieval process, while simultaneously logging the event for further investigation. This ensures that personal or confidential information is not inadvertently exposed. In terms of topic compliance, it ensures that the data retrieved is relevant and adheres to the specified topic criteria, aligning with the chatbot’s intended use or the conversation’s context. Regarding indirect prompt injection, this aspect of the firewall is dedicated to examining the retrieved data for any attempts at data poisoning or efforts to compromise the LLM through sophisticated prompt injections or jailbreaking techniques.

Prompt Firewall

The Prompt Firewall scrutinizes user prompts directed at an LLM, along with any associated data, to preemptively identify and mitigate potential malicious use:

  • Sensitive Information: By redacting sensitive information from prompts, it prevents the LLM from searching for or retrieving protected data, thereby enhancing privacy and security.
  • Phishing Prevention: It blocks attempts to retrieve personal, authentication, or financial information, thereby thwarting phishing efforts directly at the prompt level.
  • Jailbreak / Prompt Injection: This feature actively prevents attempts to circumvent the LLM’s built-in protections through common jailbreaking or prompt injection tactics.
  • Additional Protections: It also addresses anomalies in access patterns, knowledge scraping, toxic behavior, engagement with prohibited topics, and unauthorized source code submission.

Response Firewall

The Response Firewall is tasked with examining and regulating the responses generated by LLMs to ensure they align with user expectations and maintain a high standard of security:

  • Sensitive Information: Any sensitive information produced in the model’s response is immediately redacted, protecting users from unintended data exposure.
  • Toxicity and Sentiment Control: Responses containing toxic content or negative sentiment are blocked, fostering a positive and respectful interaction environment.
  • Content Filtering: Beyond the immediate concerns, it also filters out responses that may be irrelevant, engage with prohibited topics, or contain unauthorized source code.
  • Streaming Operation: It analyzes the responses in real-time, ensuring that they are not only prompt but also accurately reflect the user’s query or command.

Through these specialized firewalls, AI systems are equipped with robust mechanisms to preemptively identify and neutralize potential security threats, ensuring that interactions remain secure, relevant, and aligned with ethical standards and regulatory requirements. Ultimately, the goal is not to limit AI progress but to channel it wisely. LLM firewalls help strike that balance. They enable cutting-edge systems that enrich our lives while restricting harmful or biased content that should not be amplified.

Previous Topic
Back to Lesson
Attempt Quiz

Company

Resources

Terms

Get in touch

[email protected]
Securiti, Inc.
300 Santana Row
Suite 450
San Jose, CA 95128

Copyright © 2024 SECURITI.ai

Sitemap - XML Sitemap