Vigil: Open-source LLM security scanner

0 0
Read Time:1 Minute, 48 Second

Vigil, an open-source security scanner, identifies prompt injections, jailbreak attempts, and potential threats to Large Language Models (LLMs). Prompt injection occurs when attackers manipulate LLMs through carefully crafted inputs, causing the models to unintentionally execute the attacker’s specified actions.

“I’ve been really excited about the possibilities of LLMs, but have also noticed the need for better security practices around the applications built around them and the data we give the applications access to. This project gave me a great chance to build something at the intersection of AI and cybersecurity. Hopefully it is providing other security researchers and developers a start in experimenting with existing LLM input and output safety measures, and even creating their own. More “whats possible” than anything I’d expect to be used directly in production,” Adam M. Swanda, the creator of Vigil, told Help Net Security.

Key Features of Vigil LLM Security Scanner:

  1. Modular and Extensible Design: Vigil boasts a flexible design that allows for easy expansion and customization.
  2. Diverse Detection Methods: The system supports YARA (heuristics), vector DB similarity, a transformer model, and prompt-response similarity.
  3. Simple Integration of Custom Scanners: Users can effortlessly incorporate custom scanners with minimal code requirements.
  4. Flexible Deployment Options: Vigil can be deployed as a self-hosted solution or seamlessly integrated with OpenAI.
  5. Pre-loaded Embedding Datasets and YARA Signatures: The scanner comes with pre-embedded datasets and YARA signatures for enhanced functionality.
  6. Auto-Update for Vector DB: The Vector DB can automatically update itself by detecting prompts when a specified threshold of scanners is met.
  7. Highly Configurable: Vigil offers extensive configurability, allowing users to enable/disable scanners, modify thresholds, and use different embedding models.
  8. Ease of Extensibility: Users can easily extend Vigil’s capabilities by adding custom scanners, introducing new YARA signatures, or updating the vector DB.

Access Vigil by downloading it from GitHub, where the repository offers essential detection signatures and datasets for initiating self-hosting.

Swanda is committed to ongoing development of Vigil, focusing on an application geared towards evaluating Vigil and its diverse scanners against custom datasets. This application scrutinizes metrics like false positives while also investigating techniques for detecting prompt injections based on images

Happy
Happy
0 %
Sad
Sad
0 %
Excited
Excited
0 %
Sleepy
Sleepy
0 %
Angry
Angry
0 %
Surprise
Surprise
0 %

Average Rating

5 Star
0%
4 Star
0%
3 Star
0%
2 Star
0%
1 Star
0%

Leave a Reply

Your email address will not be published. Required fields are marked *