Sebastian Schrittwieser

ChatGPT, ignore the above instructions! Prompt injection attacks and how to avoid them.

Prompt injection is the new SQL injection for AI. Learn how to secure your LLM applications before a malicious prompt takes over your system.

ChatGPT, ignore the above instructions! Prompt injection attacks and how to avoid them.
#1about 2 minutes

The rapid adoption of LLMs outpaces security practices

New technologies like large language models are often adopted quickly without established security best practices, creating new vulnerabilities.

#2about 4 minutes

How user input can override developer instructions

A prompt injection occurs when untrusted user input contains instructions that hijack the LLM's behavior, overriding the developer's original intent defined in the context.

#3about 4 minutes

Using prompt injection to steal confidential context data

Attackers can use prompt injection to trick an LLM into revealing its confidential context or system prompt, exposing proprietary logic or sensitive information.

#4about 4 minutes

Expanding the attack surface with plugins and web data

LLM plugins that access external data like emails or websites create an indirect attack vector where malicious prompts can be hidden in that external content.

#5about 2 minutes

Prompt injection as the new SQL injection for LLMs

Prompt injection mirrors traditional SQL injection by mixing untrusted data with developer instructions, but lacks a clear mitigation like prepared statements.

#6about 3 minutes

Why simple filtering and encoding fail to stop attacks

Common security tactics like input filtering and blacklisting are ineffective against prompt injections due to the flexibility of natural language and encoding bypass techniques.

#7about 4 minutes

Using user confirmation and dual LLM models for defense

Advanced strategies include requiring user confirmation for sensitive actions or using a dual LLM architecture to isolate privileged operations from untrusted data processing.

#8about 5 minutes

The current state of LLM security and the need for awareness

There is currently no perfect solution for prompt injection, making developer awareness and careful design of LLM interactions the most critical defense.

Related jobs
Jobs that call for the skills explored in this talk.

Machine Learning Engineer

Picnic Technologies B.V.

Picnic Technologies B.V.
Amsterdam, Netherlands

Intermediate
Senior
Python
Structured Query Language (SQL)
+1

Matching moments

Prompt injection as an unsolved AI security problem
07:39 MIN

Prompt injection as an unsolved AI security problem

AI in the Open and in Browsers - Tarek Ziadé

Preventing exposed API keys in AI-assisted development
03:45 MIN

Preventing exposed API keys in AI-assisted development

Slopquatting, API Keys, Fun with Fonts, Recruiters vs AI and more - The Best of LIVE 2025 - Part 2

Unlocking LLM potential with creative prompting techniques
04:59 MIN

Unlocking LLM potential with creative prompting techniques

WeAreDevelopers LIVE – Frontend Inspirations, Web Standards and more

The security risks of AI-generated code and slopsquatting
05:55 MIN

The security risks of AI-generated code and slopsquatting

Slopquatting, API Keys, Fun with Fonts, Recruiters vs AI and more - The Best of LIVE 2025 - Part 2

Malware campaigns, cloud latency, and government IT theft
01:06 MIN

Malware campaigns, cloud latency, and government IT theft

Fake or News: Self-Driving Cars on Subscription, Crypto Attacks Rising and Working While You Sleep - Théodore Lefèvre

The security challenges of building AI browser agents
06:33 MIN

The security challenges of building AI browser agents

AI in the Open and in Browsers - Tarek Ziadé

Crypto crime, EU regulation, and working while you sleep
01:15 MIN

Crypto crime, EU regulation, and working while you sleep

Fake or News: Self-Driving Cars on Subscription, Crypto Attacks Rising and Working While You Sleep - Théodore Lefèvre

How AI-generated content is overwhelming open source maintainers
06:46 MIN

How AI-generated content is overwhelming open source maintainers

WeAreDevelopers LIVE – You Don’t Need JavaScript, Modern CSS and More

Featured Partners

Related Videos

See all videos
Manipulating The Machine: Prompt Injections And Counter Measures27:10

Manipulating The Machine: Prompt Injections And Counter Measures

Georg Dresler

Prompt Injection, Poisoning & More: The Dark Side of LLMs23:24

Prompt Injection, Poisoning & More: The Dark Side of LLMs

Keno Dreßel

Beyond the Hype: Building Trustworthy and Reliable LLM Applications with Guardrails29:00

Beyond the Hype: Building Trustworthy and Reliable LLM Applications with Guardrails

Alex Soto

The AI Security Survival Guide: Practical Advice for Stressed-Out Developers30:36

The AI Security Survival Guide: Practical Advice for Stressed-Out Developers

Mackenzie Jackson

Can Machines Dream of Secure Code? Emerging AI Security Risks in LLM-driven Developer Tools35:37

Can Machines Dream of Secure Code? Emerging AI Security Risks in LLM-driven Developer Tools

Liran Tal

Using LLMs in your Product31:12

Using LLMs in your Product

Daniel Töws

Let’s write an exploit using AI21:01

Let’s write an exploit using AI

Julian Totzek-Hallhuber

Prompt Engineering - an Art, a Science, or your next Job Title?33:28

Prompt Engineering - an Art, a Science, or your next Job Title?

Maxim Salnikov

Related Articles

View all articles
CH
Chris Heilmann
Dev Digest 138 - Are you secure about this?
Hello there! This is the 2nd "out of the can" edition of 3 as I am on vacation in Greece eating lovely things on the beach. So, fewer news, but lots of great resources. Many around the topic of security. Enjoy! News and ArticlesGoogle Pixel phones t...
Dev Digest 138 - Are you secure about this?
LM
Luis Minvielle
How to Bypass ChatGPT’s Filter With Examples
Since dropping in November 2022, ChatGPT has helped plenty of professionals satisfy an unpredictable assortment of tasks. Whether for finding an elusive bug, writing code, giving resumes a glow-up, or even starting a business, the not-infallible but ...
How to Bypass ChatGPT’s Filter With Examples
DC
Daniel Cranney
Dev Digest 182: GPT5 Prompts, MCP Vulnerabilities, Code Traps
Inside last week’s Dev Digest 182 . 📝 A guide to prompting GPT-5 ⏰ Extreme hours at AI startups 💻 AI is a Junior Dev, and it needs a lead 🐴 Trojans embedded in SVG’s ⚠️ The State of MCP Security ⚒️ A reference manual for people who design and build ...
Dev Digest 182: GPT5 Prompts, MCP Vulnerabilities, Code Traps

From learning to earning

Jobs that call for the skills explored in this talk.