Introduction to the AI Security Series
AI is the hottest piece of tech since the release of GPT-3. The topic has become so hard to avoid that many people find it quite annoying by now. Still, it is very real, and more and more companies are shipping products and features that leverage AI. That makes it important to also talk about AI security. With this post I would like to introduce a new series on this blog about exactly that: AI Security. The series is all about the risks introduced by generative AI and agentic AI.
The series will be divided into the following parts:
1. Safety alignment bypasses
This post will mainly focus on prompt injections and jailbreaks. These are the most common attacks against AI systems, they are easy to understand, and they are not very technical. That makes them a good starting point for the series.
2. Access controls
AI systems often pull in external data from websites, APIs or RAG pipelines for better context. Ensuring that users can only access the data they are supposed to access is as important as in regular IT systems, but harder to implement, because the model itself cannot be trusted to enforce it. This post will focus on where and how access controls should be implemented in AI systems.
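To make the access-control point concrete, here is an added example (not code from the original post) of a minimal RAG retrieval step with a constructed three-document corpus and group-based permissions. The vulnerable variant retrieves over the whole corpus and leaves it to the prompt to withhold restricted documents; the hardened variant filters by the caller's groups before anything reaches the prompt. The document IDs, groups, keyword scorer and the `everyone` group convention are all assumptions made for the example.

```python
import re
from dataclasses import dataclass

# Constructed sample data for this example; not a real corpus or real users.


@dataclass(frozen=True)
class Document:
    doc_id: str
    text: str
    allowed_groups: frozenset  # groups permitted to read this document


@dataclass(frozen=True)
class User:
    name: str
    groups: frozenset


CORPUS = [
    Document("hr-001", "Salary bands for 2024 are confidential.", frozenset({"hr"})),
    Document("eng-001", "The deploy pipeline runs on push to main.", frozenset({"engineering"})),
    Document("all-001", "The office is closed on public holidays.", frozenset({"everyone"})),
]


def _tokens(text):
    return set(re.findall(r"\w+", text.lower()))


def keyword_score(query, text):
    """Toy relevance score standing in for a vector similarity search."""
    return len(_tokens(query) & _tokens(text))


def can_read(user, doc):
    """Assumed convention: 'everyone' is readable by any authenticated user."""
    return "everyone" in doc.allowed_groups or bool(doc.allowed_groups & user.groups)


def retrieve_unfiltered(query, k=2):
    """Vulnerable pattern: rank the whole corpus and rely on a prompt instruction
    such as 'do not reveal documents the user may not see'. The model does not
    know the user's groups, and a prompt injection can talk it into quoting the
    context anyway, so restricted text can leak to any caller."""
    ranked = sorted(CORPUS, key=lambda d: keyword_score(query, d.text), reverse=True)
    return [d.doc_id for d in ranked[:k]]


def retrieve_with_acl(query, user, k=2):
    """Hardened pattern: enforce the ACL at retrieval time, using the caller's
    identity from the application layer, so restricted chunks never enter the
    prompt. The model cannot leak what it never received."""
    visible = [d for d in CORPUS if can_read(user, d)]
    ranked = sorted(visible, key=lambda d: keyword_score(query, d.text), reverse=True)
    return [d.doc_id for d in ranked[:k]]


def build_prompt(query, doc_ids):
    """Assemble the context that would be sent to the LLM."""
    by_id = {d.doc_id: d for d in CORPUS}
    context = "\n".join(f"[{i}] {by_id[i].text}" for i in doc_ids)
    return f"Answer using only the context below.\n\n{context}\n\nQuestion: {query}"


if __name__ == "__main__":
    engineer = User("alice", frozenset({"engineering"}))
    q = "What are the salary bands?"
    print("unfiltered:", retrieve_unfiltered(q))
    print("with ACL:  ", retrieve_with_acl(q, engineer))
    print(build_prompt(q, retrieve_with_acl(q, engineer)))
```

The important design choice is that `retrieve_with_acl` takes the user from the application's own session, not from anything the model or the prompt says; the same filtering belongs in front of any tool or API call the model can trigger.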
3. Supply Chain Risks
Most AI systems are more complex than they seem. Even if only a simple chat interface is visible to the user, there may be a complex architecture behind it: different LLMs, agents, databases, tools, fine-tuned models, and third-party libraries and software. Each of these parts introduces its own security risks into the overall system. This part of the series will cover the supply chain risks that are easily overlooked.
4. Agentic AI
Agents are the Champions League of the AI world: complex architectures with advanced capabilities, but also LLMs acting on their own and making decisions independently. The potential for things to go wrong in agentic systems is large. This post will also cover common protocols used in agentic systems, such as A2A (Agent-to-Agent) and MCP (Model Context Protocol).
Conclusion
This series will cover the most important elements of security for generative AI. You can easily navigate between the different parts of the series using the menus at the top and bottom. There is no fixed release schedule; I will try to post a new part every one or two weeks.