Applied GAI in Security

Sign in Subscribe

Brandon Dixon

Brandon Dixon

Brandon is a cybersecurity expert currently leading Security Copilot at Microsoft. He is known for creating PassiveTotal, Blockade.io, NinjaJobs, PDF X-Ray, and other opensource tools

Last Week in GAI Security Research - 12/16/24

Last Week in GAI Security Research - 12/16/24

Highlights from Last Week * 🙅 Trust No AI: Prompt Injection Along The CIA Security Triad * 🔁 Enhancing Adversarial Resistance in LLMs with Recursion * 🕰 Adversarial Vulnerabilities in Large Language Models for Time Series Forecasting * 🐇 MAGIC: Mastering Physical Adversarial Generation in Context through Collaborative LLM Agents * 🎭 From Allies to Adversaries: Manipulating LLM Tool-Calling through

Last Week in GAI Security Research - 12/09/24

Last Week in GAI Security Research - 12/09/24

Highlights from Last Week * 🚸 Trust & Safety of LLMs and LLMs in Trust & Safety * 🤓 Hacking CTFs with Plain Agents * 👻 Unleashing GHOST: An LLM-Powered Framework for Automated Hardware Trojan Design * 📇 OCR Hinders RAG: Evaluating the Cascading Impact of OCR on Retrieval-Augmented Generation * 📊 AI Benchmarks and Datasets for LLM Evaluation Partner

Agentic Security Marketmap

Agentic Security Marketmap

Since April, I've been tracking the security startup space, specifically as it relates to agents and agentic workflows. Back then, there were a handful of security companies leaning into the concept of agents and demonstrating real progress. In just over 6 months, I've seen sizable increase

Last Week in GAI Security Research - 12/02/24

Last Week in GAI Security Research - 12/02/24

Highlights from Last Week * 📚 EnStack: An Ensemble Stacking Framework of Large Language Models for Enhanced Vulnerability Detection in Source Code * 👤 Sensitive Content Classification in Social Media: A Holistic Resource and Evaluation * ☣️ Knowledge Database or Poison Base? Detecting RAG Poisoning Attack through LLM Activations * 🏛 Fine-Tuning LLMs with Noisy Data for Political

Last Week in GAI Security Research - 11/25/24

Last Week in GAI Security Research - 11/25/24

Highlights from Last Week * 🦹‍♂ RAG-Thief: Scalable Extraction of Private Data from Retrieval-Augmented Generation Applications with Agent-based Attacks * 🐠 Adapting to Cyber Threats: A Phishing Evolution Network (PEN) Framework for Phishing Generation and Analyzing Evolution Patterns using Large Language Models * 🧵 A Flexible Large Language Models Guardrail Development Methodology Applied to Off-Topic Prompt

Last Week in GAI Security Research - 11/18/24

Last Week in GAI Security Research - 11/18/24

Highlights from Last Week * 👹 Unmasking the Shadows: Pinpoint the Implementations of Anti-Dynamic Analysis Techniques in Malware Using LLM * 🐑 LLM App Squatting and Cloning * ✅ Trustful LLMs: Customizing and Grounding Text Generation with Knowledge Bases and Dual Decoders * 💔 RedCode: Risky Code Execution and Generation Benchmark for Code Agents * 🎓 MultiKG: Multi-Source Threat Intelligence

Agents, clarified.

Agents, clarified.

In recent months, I've observed "agents" and "agentic" terms supplanting generic concepts like "language models" and "generative AI". Overall, this is a net-positive for the industry as it acknowledges that single-turn, stateless language models alone are not enough to solve