Tinker Tailor LLM Spy: Investigate & Respond to Attacks on GenAI Chatbots
Black Hat Asia 2025 · Day 1 · Briefings
Alan Scott's Black Hat Asia talk, "Tinker Tailor LLM Spy: Investigate & Respond to Attacks on GenAI Chatbots," shifts the focus from demonstrating novel exploits to equipping security professionals with the knowledge and tools to investigate and respond to incidents involving generative AI chatbots. As these AI-powered assistants become ubiquitous, serving as internal IT helpdesks, 24/7 customer support, and even data analysis tools, the potential for brand damage, data leaks, and even remote code execution (RCE) grows exponentially. Scott, a Senior Staff Engineer at Airbnb with a background in enterprise security, threat detection, and incident response, emphasizes that the question is no longer *if* an incident will occur, but *when*, and whether organizations are prepared to handle it.
AI review
This isn't another talk showing off a prompt injection bypass; it's a no-nonsense, deeply practical guide to building an actual incident response capability for generative AI. Scott lays out the critical architectural understanding, logging requirements, and layered defensive strategies—from the "LLM as a Judge" to robust system prompts—that are essential for any organization deploying these models. He cuts through the hype with concrete scenarios that illustrate how to hunt, contain, and remediate real LLM security incidents, making this a vital resource for anyone serious about securing…