
When Guardrails Aren't Enough: Reinventing Agentic AI Security With Architectural Controls (PDF)

Uploader: 竿*** | ID: 981911 | 2025-11-29 | 49 pages | 1.53 MB

#BHUSA BlackHatEvents

When Guardrails Aren't Enough
Reinventing Agentic AI Security With Architectural Controls
David Richards Brauchler III

A Story: Consider An Alternate History
The year is 1991, HTTP 0.9 released
All web traffic accesses static pages
Primary risk: Modified site content
In response, we invent the WAF
As the web develops, WAF is our first (and often only) line of defense
WAF

And Yet Vulnerabilities Persisted
WAF

We've Approached AI The Same Way
Guardrails

Allow Me To Prove That To You

Remote Code Execution
Accessing internal cloud environment

Admin, Root, And Default Passwords Exposed Via RAG
Almost every word in this list is too sensitive to reveal on stage.

Control Admin Sessions

David Brauchler III
NCC Group Technical Director, AI/ML Security Practice Lead
Appsec Specialist, Penetration Tester
Barbecue Enthusiast
Armchair Theologian
Obsessed Technologist
Retro Gamer, Serial Arcade Hopper

Agenda
Root Cause Analysis: Where does risk originate in AI systems?
Threat Modeling: How do we evaluate the security of AI environments?
Key AI Risks: Where do AI technologies contribute to attack surface?
Key Mitigation Strategies: How do we integrate zero-trust with AI?
Lessons Learned: How do we implement these techniques into real applications?

Guardrails Are Not Security Boundaries!
Reputational risk is not your greatest risk
Asset Confidentiality, Integrity, and Availability reign supreme
Guardrails are statistical measures that do not offer "hard" security guarantees
Guardrails are defense-in-depth measures, not first-order security controls
Every guardrail can and will be bypass

Based on the report's content, its main points are summarized as follows:

1. **AI security challenges**: Despite traditional security measures such as WAFs, AI systems still face risks such as remote code execution and access to internal cloud environments.
2. **Trust-centric paradigm**: Risk in AI systems originates from the trust level of the input data; LLMs (large language models) inherit the trust level of their inputs.
3. **Key strategies**:
   - **Dynamic capability transfer**: Adjust permissions according to the input.
   - **Trust binding**: Bind user authorization controls to the model's tool calls.
   - **Trust isolation**: Route trusted operations to a high-privilege LLM and untrusted operations to a low-privilege LLM.
4. **Threat modeling**: Assess risk by tracing trust flows and evaluating the likelihood of the model acting as a threat actor.
5. **Approach of mature organizations**: Implement a data-source/data-sink matrix and a model-as-threat-actor assessment.