At Lakera, we supercharge AI developers by enabling them to swiftly identify and eliminate their AI applications’ security threats so that they can focus on building the most exciting applications securely.
Businesses around the world are integrating LLMs into their applications at lightning speeds. At the same time, LLM applications bring completely new types of security risks that organizations need to address.
This is why we’re super excited to introduce Lakera Guard – a developer-first API to bring enterprise-grade security to your LLM applications. It is lightning-fast and can be integrated within minutes. We’ve designed it so that developers love working with it!
Over the last few weeks, we’ve given exclusive pre-launch access to a few corporations, cybersecurity teams, and LLM developers and have been happy to receive fantastic feedback:
Today, we are excited to announce that we’ll bring Lakera Guard to more AI teams over the next few weeks.
How do organizations benefit from Lakera Guard?
Lakera Guard provides out-of-the-box protection against the most common LLM security risks that AI teams face when integrating LLMs into their applications. Lakera Guard covers:
- Prompt injection: Practical defenses against direct and indirect prompt injection attacks that can cause unintended downstream actions.
- Leakage of sensitive information: Mitigation of security risks when LLMs are connected to PII or corporate data that shouldn’t be revealed to the world.
- Hallucinations: Detection of model output that is misaligned with the input context or the expected behavior.
- Content moderation: Ensuring that your LLM operates in line with ethical guidelines, company policies, etc.
AI teams that build with Lakera Guard benefit from our continuously evolving security intelligence that empowers developers with industry-leading vulnerability insights. Our security intelligence combines insights from public sources, data from the LLM developer community, the Lakera Red Team, and the latest LLM security research and techniques. Our proprietary vulnerability database contains tens of millions of attack data points and is growing by roughly 100k entries per day.
We are on a mission to secure every single LLM application in the world – through an easy-to-integrate API for developers. This is why we’ve built Lakera Guard.
How does Lakera Guard work?
Lakera Guard is built by developers for developers and designed to seamlessly integrate with your existing application stack in minutes. Whether you use ChatGPT, host your own LLaMA model or any other LLM, Lakera Guard integrates easily with just a few lines of code.
But how does it work? Lakera Guard acts as a protective shield between your application and your LLM. Just like a traditional network firewall, any message going in or out of your LLM must pass through the firewall. We can look at an example to illustrate this.
Let's imagine you are building a Q&A system using a large database of your internal documents. This allows anyone internally to ask something like "When did we first sell a product in Europe?" and get a customized answer based on your knowledge base.
The catch is that one of your documents contains a reverse prompt injection: a malicious agent has managed to insert a prompt injection into the document that is designed to surface a phishing link to the unsuspecting user. If the user asks a question and the document is used for an answer, the user could become a victim of the attack. This workflow looks as follows in code (for a more in-depth example, take a look at our documentation):
user_question = "When did we first sell a product in Europe?"
# Retrieve the relevant context e.g., from a vector DB.
context = ...
# Call your LLM
response = call_your_llm(user_question, context)
# Interact with the user
print(f"Your response: {response}") # Visit malicious-link.com
This is also a wonderful example of why LLM security is so challenging. You can see that the attack surface has multiple entry points. There are several messages going in and out of the LLM: the document context containing the reverse injection used to answer the user question, the user_question itself, and the LLM response. Lakera Guard checks the integrity of all of them to secure your application.
Developers are fully in control of what they want to pass through Lakera Guard and how the resulting assessment should impact the application flow. For example, you can check the context going into the LLM as follows to see if it was flagged by the Lakera Guard. You can then safely stop the flow to protect your user from the attack.
# This is all you need to call Lakera Guard
response = requests.post(
"https://api.lakera.ai/v1/guard",
json={"input": context}
)
if response.json()["results"][0]["flagged"]:
# Here, Lakera Guard identifies a prompt injection attack in the context.
print("I cannot process this input document, it has been flagged by Lakera Guard.")
return
That's it! In this case, Lakera Guard checks the document and finds that it contains a prompt injection. The developer can then use this information to revert to a safe behavior, such as informing the user that the question cannot be answered. The user and your organization are kept safe!
Beyond this example, Lakera Guard provides bleeding edge protection against the known vulnerabilities of LLMs, from prompt injections to hallucinations and data leakage. The response from the Lakera Guard is a JSON containing detailed findings that you can use to fully secure the flow of your applications. More information about our API can be found in our documentation.
How can I get started?
You can learn more about the product and get started at https://lakera.ai/llms.
Lakera Guard is currently in private beta and, due to high demand, spaces are strictly limited.
We allocate access to Lakera Guard on a first-come, first-served basis. Sign up today so that you can start securing your LLMs as quickly as possible. We’ll get back to you as soon as we can.
Learn how to protect against the most common LLM vulnerabilities
Download this guide to delve into the most common LLM security risks and ways to mitigate them.
Don’t miss the updates!
Subscribe to our newsletter to get the recent updates on Lakera product and other news in the AI LLM world. Be sure you’re on track!
You might be interested
Lakera releases one-line Voxel51 integration to bring full-scale model validation to FiftyOne users.
The Voxel51 integration is here! Check out how to add full-scale model validation to yourworkflow with a single line of code.
How to Protect your Langchain Applications with Lakera Guard
In this tutorial, we'll show you how to integrate Lakera Guard into your LangChain applications to protect them from the most common AI security risks, including prompt injections, toxic content, data loss, and more!
Activate
untouchable mode.
untouchable mode.
Get started for free.
Lakera Guard protects your LLM applications from cybersecurity risks with a single line of code. Get started in minutes. Become stronger every day.
Join our Slack Community.
Several people are typing about AI/ML security. Come join us and 1000+ others in a chat that’s thoroughly SFW.
