VulnCon Logo

About The Speaker

Pallavi Deshmukh
Cloud Security Manager @ Coupa Software
cat ~/talk-title
The Art of Threat Modeling for LLM Applications
cat ~/talk-category
Technical Speaker
cat ~/talk-abstract

Large Language Models (LLMs) have undoubtedly taken the news by storm, as everyone from cybersecurity professionals are interested in exploring the power of this magic. As this technology becomes an integral part of our daily lives, it's imperative for us to implement robust security measures in the face of rapid deployment. This challenge has prompted us to think deeply about threat modeling these types of LLMs

Threat Modeling talks about modeling a system from a security perspective, identifying applicable threats based on this model, and determining responses to these threats. Ideally this is performed early in the SDLC, such as during the design phase. We call it as Depth-first approach instead of a breadth-first approach.

We’re going to talk about and answer on below parameters,

  • What are we working on?
  • What can go wrong?
  • What are we going to do about it?
  • Did we do a good enough job?

Will discuss about possible threats w.r.t. LLMs and AI apps globally and how those attacks are becoming more risks to organizations. We’re going to talk about various methods and techniques to conduct threat modeling for LLM apps.

Will talk about sample LLM DFD and architecture along with the demo on how to conduct threat modeling for the same. Will define trust boundaries and model standard LLM against possible threats.

cat ~/speaker-bio

I am a Cloud Security Manager with over 14 years of experience. I lead cloud security teams and am enthusiastic about penetration testing. I am passionate about promoting application security and have a strong background in security research across various domains. My dedication to cybersecurity, coupled with my pioneering contributions as a woman in application security, ensures lively discussions at the conference.