Microsoft has introduced a new security tool aimed at keeping generative AI tools safe and secure to use.
PyRIT, short for Python Risk Identification Toolkit for Generative AI, will help developers respond to the growing threats facing businesses of all sizes from criminals looking to take advantage of new tactics.
As most of you already know, cybercriminals are using generative AI tools like ChatGPT to quickly create code for malware, generate (and fix) phishing emails, and more.
Manual labor still needed
The developers of those tools responded by changing the way they respond to different prompts and somewhat limiting their capabilities, and Microsoft has now decided to go a step further.
Over the past year, the company assembled “several high-value generative AI systems” before they hit the market, and during that time, it began creating unique scripts. “As we combine different varieties of generative AI systems and look for different risks, we add features that we find useful,” Microsoft explained. “Today, PyRIT is a trusted tool in the Microsoft AI Red Team's arsenal.”
The Redmond software giant also emphasizes that PyRIT in no way replaces manual red teaming of generative AI systems. Instead, the company hopes that other red teams can use the tool to eliminate tedious tasks and speed things up.
“PyRIT sheds light on hot spots where risk could lie, which the security professional can explore incisively,” Microsoft explains. “The security professional is always in control of the strategy and execution of the AI red team operation, and PyRIT provides the automation code to take the initial data set of harmful indications provided by the security professional and then uses the LLM endpoint to generate more harmful indications.”
The tool is also adaptable, Microsoft highlights, as it is capable of changing its tactics depending on the generative AI system's response to previous queries. It then generates the next input and continues the cycle until the red team members are satisfied with the results.