Author: rodrigtech
-
PyRIT for LLM Security
Microsoft launched PyRIT (Python Risk Identification Tool) back in 2024. It serves as an open-source framework for identifying risk in Generative AI systems by testing them with multiple attack methods. Given the expansion of jailbreaking methods, this allows for the dynamic adaptation of attacks to quickly automate processes of…
-
Garak Red Teaming LLMs
As Generative AI plays a growing role in many organizations, so does the popularity of tools for identifying risks and vulnerabilities. In this blog I’m exploring Garak, an LLM vulnerability scanner developed by NVIDIA and an OSS project that helps strengthen LLM security. When the term “Red Team” appears in the approach of simulation…
-
Bill of Materials CKS Refresher
A Software Bill of Materials (SBOM) is like the ingredients list on your food package—it reveals what components, libraries, and dependencies go into building the final software. Just as checking food labels helps you understand nutritional content and potential allergens, an SBOM provides transparency into third-party components, helping identify vulnerabilities early in the software supply…
-
Prompt Flow Running Exa AI
Promptflow is an open-source development tool created by Microsoft to streamline the end-to-end development lifecycle of LLM-based AI applications. When building agentic workflows, you’ll want a foundation that is modular, reusable, and provides visibility. To effectively utilize this tool, it’s important to understand its key concepts, which can be…
-
Simulating Kubernetes Attacks with Detection of Falco + Tetragon
Microsoft recently released an open-source repository designed to simulate attacks on Kubernetes clusters, showcasing the detection capabilities of Defender for Cloud sensors. However, this tool can also be extended to work with other Intrusion Detection Systems (IDS) for monitoring Kubernetes environments. As with any detection solution, it is crucial to rigorously test various attack scenarios…
-
2025 Predictions
It’s that time again when the year ends and the next begins; with one more day left in 2024, it felt like time to release some predictions for 2025 and beyond. This list will be short but concise, grounded in context and a healthy dose of foresight…
-
ABAC In Kubernetes
Attribute-based access control (ABAC) is a powerful feature in Kubernetes that allows administrators to define fine-grained permissions for users and groups. Unlike traditional role-based access control (RBAC), ABAC enables a more granular approach to specify what actions can and cannot be performed. However, implementing ABAC can become complex as modifications increase over time. This blog…
-
Azure AI Foundry
Introduction This week at Microsoft Ignite, Azure AI Foundry was unveiled as the rebranded successor to “Azure AI Studio.” This marks a significant step toward unifying AI development tools under one cohesive platform. Azure AI Foundry provides a streamlined toolchain and an SDK designed for efficient consumption of AI models, supporting both OpenAI and Mistral…
-
LlamaIndex Simplifying Data Retrieval
Introduction Most often, using LLMs behind a front-end UI has memory constraints, primarily because the conversation is initiated through the ChatCompletionsClient. This is stateless in nature, meaning it is limited to that session and the LLM’s knowledge for what is presented back to the end user; over time this…
-
Phi-3.5 Mixture of Experts
Introduction Microsoft recently open-sourced its Phi-3.5 Mixture of Experts model on the Azure AI Studio catalog, provided as a Model-as-a-Service that you can run on Azure; you can also use Hugging Face to utilize this model. The first question, depending how closely you’re following the constant upstream releases of models, is the…