Security News > 2023 > June > Popular generative AI projects pose serious security threat
Many popular generative AI projects are an increased security threat and open-source projects that utilize insecure generative AI and LLMs also have poor security posture, resulting in an environment with substantial risk for organizations, according to Rezilion.
"On top of their inherent security issues, individuals and organizations provide these AI models with excessive access and authorization without proper security guardrails. Through our research, we aimed to convey that the open-source projects that utilize insecure generative AI and LLMs have poor security posture as well. These factors result in an environment with significant risk for organizations."
Rezilion's research team investigated the security posture of the 50 most popular generative AI projects on GitHub.
The research utilizes the Open Source Security Foundation Scorecard to objectively evaluate the LLM open-source ecosystem and highlight the lack of maturity, gaps in basic security best practices, and potential security risks in many LLM-based projects.
The following best practices and guidance is recommended for the secure deployment and operation of generative AI systems: educate teams on the risks associated with adopting any new technologies; evaluate and monitor security risks related to LLMs and open-source ecosystems; implement robust security practices, conduct thorough risk assessments, and foster a culture of security awareness.
While there are significant security challenges concerning the adoption of generative AI models and their ecosystem, AI technologies are exciting, powerful, and here to stay.
News URL
https://www.helpnetsecurity.com/2023/06/29/generative-ai-security-risk/
Related news
- Eliminating AI Deepfake Threats: Is Your Identity Security AI-Proof? (source)
- Businesses turn to private AI for enhanced security and data management (source)
- Obsidian Security Warns of Rising SaaS Threats to Enterprises (source)
- CIOs want a platform that combines AI, networking, and security (source)
- Generative AI in Security: Risks and Mitigation Strategies (source)
- Unlocking the value of AI-powered identity security (source)
- Can Security Experts Leverage Generative AI Without Prompt Engineering Skills? (source)
- Apple Opens PCC Source Code for Researchers to Identify Bugs in Cloud AI Security (source)
- Best AI Security Tools: Top Solutions, Features & Comparisons (source)
- How agentic AI handles the speed and volume of modern threats (source)