HTTP Parameter Pollution
Updated
ā¢1 min read
Are you safeguardingš your web app against HTTP Parameter Pollution (HPP)? Discover the silent dangerā ļø in today's comic.
Command Palette
Search for a command to run...
More from this blog
Indirect Prompt Injection
Are you building your next LLM integration? Please consider this: Integrations for data retrievals can introduce vulnerabilities in your LLM, allowing attackers to inject malicious prompts. This type of vulnerability is known as Indirect Prompt Injec...
Jun 5, 20241 min read92
Terraform Security
Terraform is a go-to for infrastructure as code (IaC), letting developers easily set up and manage infrastructure. But, as with any tool, it brings security challenges. Here are five key tips to keep your Terraform setups safe and solid š
May 29, 20241 min read38
Prompt Injection Defence Tools
Guard your LLM against prompt injection with these powerful tools: - https://github.com/protectai/llm-guard - https://github.com/protectai/rebuff - https://github.com/NVIDIA/NeMo-Guardrails - https://github.com/amoffat/HeimdaLLM - https://github.com/...
May 22, 20241 min read108
ML Model Deployment Lifecycle Threats
What could go wrong during the ML model deployment lifecycle (Part 2)? Continuing the example threat model from last time. It is based on the talk "Kubernetes MLSec: Securing AI in Space" by Francesco Beltramini and James Callaghan of ControlPlane. L...
May 15, 20241 min read13
ML Model Development Lifecycle Threats
What could go wrong during the ML model development lifecycle? Here is an example threat model based on the talk "Kubernetes MLSec: Securing AI in Space" by Francesco Beltramini and James Callaghan of ControlPlane. Link: [https://www.youtube.com/watc...
May 8, 20241 min read52
