# llm-security
5 articles tagged "llm-security"
Defense in Depth for LLM Applications
A layered defense strategy for AI applications, covering the network, application, model, and output layers, what each layer contributes, and why any single layer of defense is bound to fail.
Prompt Injection and Jailbreaking
A complete introduction to prompt injection, the most fundamental vulnerability class in large language model applications, and how it relates to jailbreaking techniques.
Building a Production Input Sanitizer
Step-by-step walkthrough for building a production-grade input sanitizer that cleans, normalizes, and validates user prompts before they reach an LLM, covering encoding normalization, injection pattern stripping, length enforcement, and integration testing.
Threat Modeling for LLM-Powered Applications
Step-by-step walkthrough for conducting threat modeling sessions specifically tailored to LLM-powered applications, covering data flow analysis, trust boundary identification, AI-specific threat enumeration, risk assessment, and mitigation planning.
Using Burp Suite for LLM API Endpoint Testing
Guide to using Burp Suite to intercept, analyze, and attack LLM API endpoints, covering proxy configuration, request manipulation, automated scanning for injection flaws, and custom extensions for AI-specific testing.