Applied GAI in Security

Sign in Subscribe

Brandon Dixon

Brandon Dixon

Brandon is a cybersecurity expert currently leading Security Copilot at Microsoft. He is known for creating PassiveTotal, Blockade.io, NinjaJobs, PDF X-Ray, and other opensource tools

Last Week in GAI Security Research - 11/25/24

Last Week in GAI Security Research - 11/25/24

Highlights from Last Week * 🦹‍♂ RAG-Thief: Scalable Extraction of Private Data from Retrieval-Augmented Generation Applications with Agent-based Attacks * 🐠 Adapting to Cyber Threats: A Phishing Evolution Network (PEN) Framework for Phishing Generation and Analyzing Evolution Patterns using Large Language Models * 🧵 A Flexible Large Language Models Guardrail Development Methodology Applied to Off-Topic Prompt

Last Week in GAI Security Research - 11/18/24

Last Week in GAI Security Research - 11/18/24

Highlights from Last Week * 👹 Unmasking the Shadows: Pinpoint the Implementations of Anti-Dynamic Analysis Techniques in Malware Using LLM * 🐑 LLM App Squatting and Cloning * ✅ Trustful LLMs: Customizing and Grounding Text Generation with Knowledge Bases and Dual Decoders * 💔 RedCode: Risky Code Execution and Generation Benchmark for Code Agents * 🎓 MultiKG: Multi-Source Threat Intelligence

Agents, clarified.

Agents, clarified.

In recent months, I've observed "agents" and "agentic" terms supplanting generic concepts like "language models" and "generative AI". Overall, this is a net-positive for the industry as it acknowledges that single-turn, stateless language models alone are not enough to solve

Last Week in GAI Security Research - 11/11/24

Last Week in GAI Security Research - 11/11/24

Highlights from Last Week * 💉SQL Injection Jailbreak: a structural disaster of large language models * ❇ Fixing Security Vulnerabilities with AI in OSS-Fuzz * 🏭 LLMs for Domain Generation Algorithm Detection * 🧫 AutoPT: How Far Are We from the End2End Automated Web Penetration Testing? * 🎭 Targeted Manipulation and Deception Emerge when Optimizing LLMs for User Feedback

Last Week in GAI Security Research - 11/04/24

Last Week in GAI Security Research - 11/04/24

Highlights from Last Week * 🤖 Hacking Back the AI-Hacker: Prompt Injection as a Defense Against LLM-driven Cyberattacks * 🔊 Audio Is the Achilles' Heel: Red Teaming Audio Large Multimodal Models * 🌱 Sorting Out the Bad Seeds: Automatic Classification of Cryptocurrency Abuse Reports * 🦟 Fine-Tuning LLMs for Code Mutation: A New Era of Cyber Threats

Scaling Yourself with the AI Digest

Scaling Yourself with the AI Digest

Every week for the past 7 months, I've found myself executing a python script I call "deepthought" to summarize research papers that talk about applying generative AI to security problems. This process is what powers the "Last Week in GAI" digests I send out

Last Week in GAI Security Research - 10/28/24

Last Week in GAI Security Research - 10/28/24

Highlights from Last Week * 🛡 Countering Autonomous Cyber Threats * 🚪 Breaking ReAct Agents: Foot-in-the-Door Attack Will Get You In * 📱 MobileSafetyBench: Evaluating Safety of Autonomous Agents in Mobile Device Control * 🧾 ProveRAG: Provenance-Driven Vulnerability Analysis with Automated Retrieval-Augmented LLMs * 🦾 Towards Automated Penetration Testing: Introducing LLM Benchmark, Analysis, and Improvements Partner Content Pillar Security is