Hands-On LLM Security: Attacks and Countermeasures You Need to Know!

Clemens Hübner, Florian Teutsch

Friday 11:35 in Helium3

The rapid growth in the use of large language models (LLMs) over the last few years makes it necessary to address their specific security risks. In this presentation, we will examine typical LLM vulnerabilities from a practical perspective. Starting with a systematic overview, we will use a dedicated demo app to illustrate the various attack scenarios. Vulnerabilities such as prompt injection, data poisoning and system prompt leakage will be explained and demonstrated, as will attacks on RAG and agent implementations. Beyond the basic introduction and the presentation of specific vulnerabilities, the talk also presents suitable countermeasures and general best practices for using LLMs in production applications.

What to expect? By attending this talk, you will learn which vulnerabilities need to be considered when using and integrating LLMs. You will see how specific attacks work and which risks are associated with them. You will also learn which countermeasures are suitable and how they can be implemented technically.

Clemens Hübner

For more than ten years, Clemens Hübner has been working at the interface between software and security. After roles as a software developer and in penetration testing, he joined inovex in 2018 as a software security engineer. Today, he supports development projects at the design and implementation level and is a trainer both in-house and for clients. He advises on secure development processes and DevSecOps. As a speaker, he is invited to national and international conferences.

Florian Teutsch

Florian Teutsch has extensive knowledge in the field of generative AI and works as a Machine Learning Engineer at inovex. After completing his studies in Information Systems at the University of Cologne in 2020, he worked for two years as a Data Scientist on an AI-based image search. Since joining inovex, he has continued to expand his practical experience in the field of generative AI.