We follow an industry-standard methodology primarily based on the OWASP Top 10 for Large Language Model Applications and we covers all known LLM application vulnerabilities.
Our methodology involves the following 3 key penetration testing stages:
To begin, pen-testers primarily conduct reconnaissance activities, including understanding workflows and the model’s logic, to map out the attack surface of the language model.
This helps identify key points of interaction and potential areas where vulnerabilities may exist, such as prompt processing, context handling, and response generation.
During this phase, pen-testers manually explore the defined scope while also leveraging automated tools to ensure thorough coverage. The testing process involves dynamic analysis of the language model’s behavior and evaluation of its input-output handling.
Testers focus on the security of communication channels and data exchanges between the LLM and external systems, as well as how the model manages context and prompts. Additionally, pen-testers attempt to manipulate or reverse-engineer the model’s outputs to uncover potential vulnerabilities, such as prompt injection attacks or information leakage.
The pen-testers will apply a specialized methodology for evaluating any API or backend connections the LLM interacts with during its operation.
Pentesters report and triage all vulnerabilities during the assessment itself. We provide details on all of the findings discovered by our pen-testers through the preferred communication channel such as Slack. Clients have full visibility over discoveries in real time.
In the findings and final report, pen-testers provide detailed remediation steps and advice on further improvements of the security posture.
The client can perform remediation efforts on critical discoveries during and after the testing timeframe and pen-testers can test the updated components and re-test the discovered issues to confirm that there is no residual risk for the client from a security perspective.
