Session

Workshop: Threat modeling LLMs and their Integrations

While on-premises LLM deployments are often touted as one-stop solutions to the privacy and security concerns surrounding GenAI integration into workflows, there is more to the security of such solutions than where the conversation interface is accessed. LLMs and their integration into existing solutions pose numerous security risks, and the goal of this workshop is to help participants better understand and mitigate them. The workshop covers an introduction to the architecture of LLM solutions, the basics of threat modeling according to the STRIDE model, and an introduction to systematic threat modeling of LLM-integrating solutions. The workshop provides specific examples of a threat path being exploited in real life for a GLC-top5, going beyond OWASP-top-10, and offers participants several scenarios to threat model by themselves.

Copyright © 2025 Swiss Cyber Storm