Skip to main content
ISC2 Security Congress 2024 Main banner
 
Icon Legend
Additional Fee Required
Additional Fee Required
Pre-Registration Required
Pre-Registration Required
Online & Virtual
Online & Virtual
Onsite Only
Onsite Only
Earn CPE Credits
Earn CPE Credits
Livestreamed Session
Livestreamed Session
Included in Guest Pass
Included in Guest Pass
Invite Only
Invite Only
Session Recorded
Session Recorded
Student Experience
Student Experience
Back

On-Site and Virtual

Software Security

Mitigating Security Risks in RAG-Enhanced LLM Deployments

Monday, October 14, 2024
10:20am – 11:20am PT
Location: Roman II
CPE Credits 1
Earn CPE Credits Session Recorded Livestreamed Session Online & Virtual
Retrieval-Augmented Generation (RAG) has emerged as a powerful technique in the realm of large language models (LLMs), enabling sophisticated AI applications. While RAG enhances model capabilities by integrating external knowledge retrieval, its adoption introduces significant security challenges. Mitigating these risks demands a comprehensive approach, including secure software development, robust infrastructure, responsible ML practices, and ongoing monitoring. Transparency is crucial to manage user expectations regarding RAG's capabilities and constraints. This presentation investigates the architecture of RAG, identifies inherent security risks across its stages, and proposes effective strategies to mitigate these risks in the development of RAG-based LLM applications.

Learning Objectives:

  • Gain insights into the foundational architecture of Retrieval-Augmented Generation and its integration with Large Language Models.
  • Recognize common security vulnerabilities in RAG-based LLM applications, including data integrity threats and potential exposure to adversarial attacks.
  • Learn practical techniques and best practices to implement robust security measures throughout the lifecycle of RAG-LLM development, safeguarding against security risks effectively.