Part 1: Foundations of LLM Security

Book Overview & Buying
Table Of Contents

AI-Native LLM Security

By : Vaibhav Malik, Ken Huang, Ads Dawson

Buy this Book

AI-Native LLM Security

By: Vaibhav Malik, Ken Huang, Ads Dawson

Buy this Book

Overview of this book

Adversarial AI attacks present a unique set of security challenges, exploiting the very foundation of how AI learns. This book explores these threats in depth, equipping cybersecurity professionals with the tools needed to secure generative AI and LLM applications. Rather than skimming the surface of emerging risks, it focuses on practical strategies, industry standards, and recent research to build a robust defense framework. Structured around actionable insights, the chapters introduce a secure-by-design methodology, integrating threat modeling and MLSecOps practices to fortify AI systems. You’ll discover how to leverage established taxonomies from OWASP, NIST, and MITRE to identify and mitigate vulnerabilities. Through real-world examples, the book highlights best practices for incorporating security controls into AI development life cycles, covering key areas such as CI/CD, MLOps, and open-access LLMs. Built on the expertise of its co-authors—pioneers in the OWASP Top 10 for LLM applications—this guide also addresses the ethical implications of AI security, contributing to the broader conversation on trustworthy AI. By the end of this book, you’ll be able to develop, deploy, and secure AI technologies with confidence and clarity. *Email sign-up and proof of purchase required

Preface

Who this book is for

What this book covers

To get the most out of this book

Download the color images

Conventions used

Get in touch

Free Benefits with Your Book

Free Chapter

Part 1: Foundations of LLM Security

Chapter 1: Fundamentals and Introduction to Large Language Models

The evolution and impact of AI – from foundations to LLMs

LLMs – an overview

Advanced techniques and enhancements in LLMs

Summary

Further reading

Chapter 2: Securing Large Language Models

AI-native LLM security – safeguarding the future of AI

The unique challenges of securing LLMs

LLMs – state-of-the-art applications and emerging trends

Real-world applications and case studies

Recent developments and emerging trends

Summary

Further reading

Chapter 3: The Dual Nature of LLM Risks: Inherent Vulnerabilities and Malicious Actors

Inherent vulnerabilities: model opacity, bias, and unpredictability

Malicious threats: data poisoning, model stealing, and output manipulation

Real-world examples: healthcare bias and social media moderation

Critical principles for securing LLMs

Summary

Further reading

Chapter 4: Mapping Trust Boundaries in LLM Architectures

Understanding trust boundaries in LLM architectures

Data-related attack surfaces in LLM architectures

Model-related attack surfaces in LLM architectures: an in-depth analysis

Deployment-related attack surfaces in LLM architectures

Supply chain risks in LLM architectures: navigating the complexities of third-party dependencies

Summary

Further reading

Chapter 5: Aligning LLM Security with Organizational Objectives and Regulatory Landscapes

Integrating LLM security into enterprise risk management

Navigating legal and regulatory landscapes for LLM deployment

Ethical considerations and responsible AI principles for LLMs

Stakeholder engagement and cross-functional collaboration

Measuring and communicating LLM security performance

Summary

Further reading

Part 2: The OWASP Top 10 for LLM Applications

Chapter 6: Identifying and Prioritizing LLM Security Risks with OWASP

Overview of the OWASP Top 10 methodology

Adapting OWASP for LLM applications: key considerations

Criteria for inclusion in the LLM Top 10

Using the LLM Top 10 for risk assessment and prioritization

Integrating the LLM Top 10 into organizational risk management

Summary

Chapter 7: Diving Deep: Profiles of the Top 10 LLM Security Risks

Injection flaws: prompt injection, data poisoning, and model manipulation

Broken authentication and session management in LLM systems

Sensitive data exposure – training data leakage and model inversion

Broken access control and unauthorized model access

Security misconfigurations in LLM deployment environments

Summary

Chapter 8: Mitigating LLM Risks: Strategies and Techniques for Each OWASP Category

Introducing LLM applications into common system architecture and defense-in-depth approaches

Preventing injection flaws: input validation, sanitization, and robust parsing

Implementing strong authentication and session management for LLM systems

Protecting sensitive data: encryption, access controls, and data minimization

Enforcing granular access control for LLM models and endpoints

Hardening LLM deployment environments: configuration management and continuous monitoring

Managing risks of Overreliance (LLM09) on LLM applications

Summary

Chapter 9: Adapting the OWASP Top 10 to Diverse Deployment Scenarios

Identifying risk profiles for different LLM application types

Adapting the Top 10 to chatbots and conversational AI systems

Applying the Top 10 to content generation and creative AI applications

Scaling the Top 10 for enterprise-wide LLM deployment and governance

Summary

Part 3: Building Secure LLM Systems

Chapter 10: Designing LLM Systems for Security: Architecture, Controls, and Best Practices

Principles of secure LLM system architecture

LLM-specific security considerations

Reference architecture components

Designing for isolation and least privilege

Securing data flows and communication channels

Implementing robust access controls and authentication mechanisms

Integrating security monitoring and response capabilities

Summary

Further reading

Chapter 11: Integrating Security into the LLM Development Life Cycle: From Data Curation to Deployment

Secure data collection, curation, and preprocessing

Protecting model integrity during training and validation

Conducting rigorous security testing and evaluation

Secure deployment and runtime protection measures

Continuous monitoring, auditing, and incident response

Summary

Further reading

Chapter 12: Operational Resilience: Monitoring, Incident Response, and Continuous Improvement

Designing comprehensive monitoring and alerting strategies

Detecting anomalies and potential security incidents in LLM systems

Developing and executing effective incident response plans

Conducting post-incident reviews and root cause analysis

Driving continuous improvement of LLM security posture

Summary

Further reading

Chapter 13: The Future of LLM Security: Emerging Threats, Promising Defenses, and the Path Forward

Emerging threats: the next generation of LLM security challenges

Promising defensive innovations: research frontiers and cutting-edge techniques

Additional frontier research topics in LLM security

The evolving regulatory landscape: navigating changing compliance requirements

The importance of collaboration: engaging with the LLM security community

Summary

Index

Why subscribe?

Other Books You May Enjoy

Packt is searching for authors like you

Appendices: Latest OWASP Top 10 for LLM and OWASP AIVSS Agentic AI Core Risks

Appendix A: OWASP Top 10 for LLM Applications - 2025 Update

Evolution timeline

Version comparison and mapping

Detailed analysis of changes

Architecture evolution impact

Emerging patterns and trends

Implementation recommendations

Future considerations

Deep dive into the 2025 newcomers

Conclusion

Appendix B: OWASP AIVSS Core Agentic AI Security Risks

The what and why of the OWASP AIVSS project

High-level overview of the OWASP AIVSS core agentic AI risks

Deep dive into OWASP AIVSS’s core agentic AI risks items

Conclusion

Appendix C: Unlock Your Exclusive Benefits

Unlock this Book’s Free Benefits in 3 Easy Steps

AI-Native LLM Security

By : Vaibhav Malik, Ken Huang, Ads Dawson

AI-Native LLM Security

By: Vaibhav Malik, Ken Huang, Ads Dawson

Overview of this book

Confirmation

Buy this book with your credits?

Submit Your Feedback

Create a Free Account To Continue Reading

Sign in to activate your 7-day free access