<ciso brief/>
Category Banner

All news in category "AI and Security Pulse"

< all categories >

Tue, July 29, 2025

Defending Against Indirect Prompt Injection in LLMs

#AI Data Leakage #AI Security #Data Exfil via Tools #Microsoft #Prompt Injection #Safety Guardrails #System Prompt Exposure

🔒 Microsoft outlines a layered defense-in-depth strategy to protect systems using LLMs from indirect prompt injection attacks. The approach pairs preventative controls such as hardened system prompts and Spotlighting (delimiting, datamarking, encoding) to isolate untrusted inputs with detection via Microsoft Prompt Shields, surfaced through Azure AI Content Safety and integrated with Defender for Cloud. Impact mitigation uses deterministic controls — fine-grained permissions, Microsoft Purview sensitivity labels, DLP policies, explicit user consent workflows, and blocking known exfiltration techniques — while ongoing research (TaskTracker, LLMail-Inject, FIDES) advances new design patterns and assurances.

read more →

Tue, July 15, 2025

A Summer of Security: Empowering Defenders with AI

#Agentic AI #AI Security #AI SOC Assistant #AI Supply Chain #Conference #Disclosure #Google DeepMind #Safety Guardrails #Zero-Day

🛡️ Google outlines summer cybersecurity advances that combine agentic AI, platform improvements, and public-private partnerships to strengthen defenders. Big Sleep—an agent from DeepMind and Project Zero—has discovered multiple real-world vulnerabilities, most recently an SQLite flaw (CVE-2025-6965) informed by Google Threat Intelligence, helping prevent imminent exploitation. The company emphasizes safe deployment, human oversight, and standard disclosure while extending tools like Timesketch (now augmented with Sec‑Gemini agents) and showcasing internal systems such as FACADE at Black Hat and DEF CON collaborations.

read more →