Applied GAI in Security

Sign in Subscribe

Brandon Dixon

Brandon Dixon

Brandon is a cybersecurity expert currently leading Security Copilot at Microsoft. He is known for creating PassiveTotal, Blockade.io, NinjaJobs, PDF X-Ray, and other opensource tools

Agents, clarified.

Agents, clarified.

In recent months, I've observed "agents" and "agentic" terms supplanting generic concepts like "language models" and "generative AI". Overall, this is a net-positive for the industry as it acknowledges that single-turn, stateless language models alone are not enough to solve

Last Week in GAI Security Research - 11/11/24

Last Week in GAI Security Research - 11/11/24

Highlights from Last Week * 💉SQL Injection Jailbreak: a structural disaster of large language models * ❇ Fixing Security Vulnerabilities with AI in OSS-Fuzz * 🏭 LLMs for Domain Generation Algorithm Detection * 🧫 AutoPT: How Far Are We from the End2End Automated Web Penetration Testing? * 🎭 Targeted Manipulation and Deception Emerge when Optimizing LLMs for User Feedback

Last Week in GAI Security Research - 11/04/24

Last Week in GAI Security Research - 11/04/24

Highlights from Last Week * 🤖 Hacking Back the AI-Hacker: Prompt Injection as a Defense Against LLM-driven Cyberattacks * 🔊 Audio Is the Achilles' Heel: Red Teaming Audio Large Multimodal Models * 🌱 Sorting Out the Bad Seeds: Automatic Classification of Cryptocurrency Abuse Reports * 🦟 Fine-Tuning LLMs for Code Mutation: A New Era of Cyber Threats

Scaling Yourself with the AI Digest

Scaling Yourself with the AI Digest

Every week for the past 7 months, I've found myself executing a python script I call "deepthought" to summarize research papers that talk about applying generative AI to security problems. This process is what powers the "Last Week in GAI" digests I send out

Last Week in GAI Security Research - 10/28/24

Last Week in GAI Security Research - 10/28/24

Highlights from Last Week * 🛡 Countering Autonomous Cyber Threats * 🚪 Breaking ReAct Agents: Foot-in-the-Door Attack Will Get You In * 📱 MobileSafetyBench: Evaluating Safety of Autonomous Agents in Mobile Device Control * 🧾 ProveRAG: Provenance-Driven Vulnerability Analysis with Automated Retrieval-Augmented LLMs * 🦾 Towards Automated Penetration Testing: Introducing LLM Benchmark, Analysis, and Improvements Partner Content Pillar Security is

Last Week in GAI Security Research - 10/21/24

Last Week in GAI Security Research - 10/21/24

Highlights from Last Week * 🤔 Cognitive Overload Attack:Prompt Injection for Long Context * 💂‍♂ On Calibration of LLM-based Guard Models for Reliable Content Moderation * 🕷 When LLMs Go Online: The Emerging Threat of Web-Enabled LLMs * 🧌 Can LLMs be Scammed? A Baseline Measurement Study * 🌱 Evaluating Software Development Agents: Patch Patterns, Code Quality, and Issue

Hire an AI Strategist in Security

Hire an AI Strategist in Security

The current AI boom is unlike any other, moving at an unprecedented pace. It has been nearly two years since the launch of ChatGPT, and new advancements, features, and research papers continue to emerge almost daily. Many people I speak with—individuals and organizations—often feel overwhelmed by the amount