Back

Introducing Lakera Guard – Bringing Enterprise-Grade Security to LLMs with One Line of Code

Introducing Lakera Guard: Bringing enterprise-grade security to LLMs with one line of code.

David Haber
December 21, 2023
August 10, 2023
Learn how to protect against the most common LLM vulnerabilities

Download this guide to delve into the most common LLM security risks and ways to mitigate them.

In-context learning

As users increasingly rely on Large Language Models (LLMs) to accomplish their daily tasks, their concerns about the potential leakage of private data by these models have surged.

[Provide the input text here]

[Provide the input text here]

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.

Lorem ipsum dolor sit amet, Q: I had 10 cookies. I ate 2 of them, and then I gave 5 of them to my friend. My grandma gave me another 2boxes of cookies, with 2 cookies inside each box. How many cookies do I have now?

Title italic

A: At the beginning there was 10 cookies, then 2 of them were eaten, so 8 cookies were left. Then 5 cookieswere given toa friend, so 3 cookies were left. 3 cookies + 2 boxes of 2 cookies (4 cookies) = 7 cookies. Youhave 7 cookies.

English to French Translation:

Q: A bartender had 20 pints. One customer has broken one pint, another has broken 5 pints. A bartender boughtthree boxes, 4 pints in each. How many pints does bartender have now?

Lorem ipsum dolor sit amet, line first
line second
line third

Lorem ipsum dolor sit amet, Q: I had 10 cookies. I ate 2 of them, and then I gave 5 of them to my friend. My grandma gave me another 2boxes of cookies, with 2 cookies inside each box. How many cookies do I have now?

Title italic Title italicTitle italicTitle italicTitle italicTitle italicTitle italic

A: At the beginning there was 10 cookies, then 2 of them were eaten, so 8 cookies were left. Then 5 cookieswere given toa friend, so 3 cookies were left. 3 cookies + 2 boxes of 2 cookies (4 cookies) = 7 cookies. Youhave 7 cookies.

English to French Translation:

Q: A bartender had 20 pints. One customer has broken one pint, another has broken 5 pints. A bartender boughtthree boxes, 4 pints in each. How many pints does bartender have now?

Hide table of contents
Show table of contents

At Lakera, we supercharge AI developers by enabling them to swiftly identify and eliminate their AI applications’ security threats so that they can focus on building the most exciting applications securely.

Businesses around the world are integrating LLMs into their applications at lightning speeds. At the same time, LLM applications bring completely new types of security risks that organizations need to address.

This is why we’re super excited to introduce Lakera Guard – a developer-first API to bring enterprise-grade security to your LLM applications. It is lightning-fast and can be integrated within minutes. We’ve designed it so that developers love working with it!

Over the last few weeks, we’ve given exclusive pre-launch access to a few corporations, cybersecurity teams, and LLM developers and have been happy to receive fantastic feedback:

Today, we are excited to announce that we’ll bring Lakera Guard to more AI teams over the next few weeks.

How do organizations benefit from Lakera Guard?

Lakera Guard provides out-of-the-box protection against the most common LLM security risks that AI teams face when integrating LLMs into their applications. Lakera Guard covers:

  • Prompt injection: Practical defenses against direct and indirect prompt injection attacks that can cause unintended downstream actions.
  • Leakage of sensitive information: Mitigation of security risks when LLMs are connected to PII or corporate data that shouldn’t be revealed to the world.
  • Hallucinations: Detection of model output that is misaligned with the input context or the expected behavior.
  • Content moderation: Ensuring that your LLM operates in line with ethical guidelines, company policies, etc.

AI teams that build with Lakera Guard benefit from our continuously evolving security intelligence that empowers developers with industry-leading vulnerability insights. Our security intelligence combines insights from public sources, data from the LLM developer community, the Lakera Red Team, and the latest LLM security research and techniques. Our proprietary vulnerability database contains tens of millions of attack data points and is growing by roughly 100k entries per day.

We are on a mission to secure every single LLM application in the world – through an easy-to-integrate API for developers. This is why we’ve built Lakera Guard.

**🛡️ Discover how Lakera’s Red Teaming solutions can safeguard your AI applications with automated security assessments, as well as identifying and addressing vulnerabilities effectively.**

How does Lakera Guard work?

Lakera Guard is built by developers for developers and designed to seamlessly integrate with your existing application stack in minutes. Whether you use ChatGPT, host your own LLaMA model or any other LLM, Lakera Guard integrates easily with just a few lines of code.

But how does it work? Lakera Guard acts as a protective shield between your application and your LLM. Just like a traditional network firewall, any message going in or out of your LLM must pass through the firewall. We can look at an example to illustrate this.

Let's imagine you are building a Q&A system using a large database of your internal documents. This allows anyone internally to ask something like "When did we first sell a product in Europe?" and get a customized answer based on your knowledge base.

The catch is that one of your documents contains a reverse prompt injection: a malicious agent has managed to insert a prompt injection into the document that is designed to surface a phishing link to the unsuspecting user. If the user asks a question and the document is used for an answer, the user could become a victim of the attack. This workflow looks as follows in code (for a more in-depth example, take a look at our documentation):


user_question = "When did we first sell a product in Europe?"# Retrieve the relevant context e.g., from a vector DB.context = ...# Call your LLMresponse = call_your_llm(user_question, context)# Interact with the user print(f"Your response: {response}") # Visit malicious-link.com

This is also a wonderful example of why LLM security is so challenging. You can see that the attack surface has multiple entry points. There are several messages going in and out of the LLM: the document context containing the reverse injection used to answer the user question, the user_question itself, and the LLM response. Lakera Guard checks the integrity of all of them to secure your application.

Developers are fully in control of what they want to pass through Lakera Guard and how the resulting assessment should impact the application flow. For example, you can check the context going into the LLM as follows to see if it was flagged by the Lakera Guard. You can then safely stop the flow to protect your user from the attack.


# This is all you need to call Lakera Guardresponse = requests.post(   "https://api.lakera.ai/v1/guard",       json={"input": context})if response.json()["results"][0]["flagged"]:   # Here, Lakera Guard identifies a prompt injection attack in the context.   print("I cannot process this input document, it has been flagged by Lakera Guard.")   return


That's it! In this case, Lakera Guard checks the document and finds that it contains a prompt injection. The developer can then use this information to revert to a safe behavior, such as informing the user that the question cannot be answered. The user and your organization are kept safe!


Beyond this example, Lakera Guard provides bleeding edge protection against the known vulnerabilities of LLMs, from prompt injections to hallucinations and data leakage. The response from the Lakera Guard is a JSON containing detailed findings that you can use to fully secure the flow of your applications. More information about our API can be found in our documentation.

How can I get started?

You can learn more about the product and get started with Lakera Guard here.

Lakera Guard is currently in private beta and, due to high demand, spaces are strictly limited.

We allocate access to Lakera Guard on a first-come, first-served basis. Sign up today so that you can start securing your LLMs as quickly as possible. We’ll get back to you as soon as we can.

Lakera LLM Security Playbook
Learn how to protect against the most common LLM vulnerabilities

Download this guide to delve into the most common LLM security risks and ways to mitigate them.

David Haber
Read LLM Security Playbook

Learn about the most common LLM threats and how to prevent them.

Download
You might be interested
4
min read
Product Updates

Introducing Lakera Chrome Extension - Privacy Guard for Your Conversations with ChatGPT

Lakera introduces Lakera PII Extension—a user-friendly Chrome plugin that allows you to input prompts to ChatGPT securely.
Lakera Team
December 1, 2023
min read
Product Updates

Lakera releases robustness testing suite for digital pathology

Lakera now offers you the opportunity to easily test whether your algorithms are robust to histological artifacts and variations. It lets you stress test your computer vision models to gain confidence in their robustness properties prior to clinical validation and deployment.
Lakera Team
December 1, 2023
Activate
untouchable mode.
Get started for free.

Lakera Guard protects your LLM applications from cybersecurity risks with a single line of code. Get started in minutes. Become stronger every day.

Join our Slack Community.

Several people are typing about AI/ML security. 
Come join us and 1000+ others in a chat that’s thoroughly SFW.