Philippines NTC is an attached agency of the Department of Information and Communication Technology, responsible for the supervision, adjudication and control over all telecommunications services throughout the country.
The Ministry of Information Technology and Communication (MITC) is a central specialized public administration body which elaborates and ensures the development of the Informational Society Statute (telecommunication, post, TV and broadcasts).
WiKi Security Corporation, which participated in TAS(Transform Africa Summit) 2018, the largest ICT event in Africa, as an exhibitor, introduced information security consulting, security products and Training Center for cyber security.In particular, we participated in an official event to deliver certificates on behalf of ISO council as a result of ISO / IEC 27001 consulting service
The CyberTech Africa Conference is an important cybersecurity and information technology event held annually in Africa. It brings together cybersecurity experts, IT and security solution providers, government officials and policymakers, business leaders and corporate representatives, and academic researchers from across Africa to discuss the latest technologies, trends, and challenges. WikiSecurity Co. Ltd. has maintained continuous
Specific inquiry details. I was introduced to AutoML, which is said to make it easy to build machine learning models even without deep expert knowledge of machine learning, as long as you have a strong understanding of the business domain.Among the AutoML tools, I chose PyCaret because it is considered stable and integrates well with
Specific inquiry details. I work in the information security team at my company and am in charge of security reviews.Our company is planning to build a generative AI (GenAI) system.Since building a GenAI system differs from building a conventional information system, I’m wondering how to approach it.Also, please tell me what risks generative AI poses.
OWASP Top 10 for LLM Application LLM01. Prompt InjectionMalicious users may manipulate the LLM (GenAI) to redefine system prompts or induce unintended actions through external inputs, leading to data leakage or social engineering attacks. LLM02. Insecure Output HandlingIf the outputs generated by the LLM (GenAI) are not properly validated, vulnerabilities such as XSS, CSRF, or
Overview of RAG RAG (Retrieval-Augmented Generation) has become an essential component, alongside PEFT, in the development of GenAI (Large Language Model) systems. It is a technology designed to overcome the inherent limitations of standard LLM architectures. RAG enhances a model’s ability to provide accurate and contextually relevant answers by retrieving and referencing external documents during
Recently, many domestic financial companies have been building GenAI (Generative AI, LLM) systems. However, discussions on LLM security vulnerabilities have been limited to the risk of personal information leakage, while various information security considerations defined in the OWASP Top 10 for LLM Applications have not been taken into account. 1. Vulnerability Test This vulnerability maps
Prompt Injection, one of the key vulnerabilities in GenAI (LLM) systems, appears as the first item in the OWASP Top 10 for LLM Applications due to the wide range of existing attack techniques. At the same time, modern LLM-based services inevitably rely on multiple types of prompts to deliver accurate instructions and consistent system behavior.