From the course: CompTIA SecAI+ (CY0-001) Cert Prep
Manipulating application integrations
Modern AI systems rarely operate alone. Teams embed them into larger workflows and connect them to platforms through plugins, extensions, agents, or APIs. These integrations add powerful functionality. A chatbot might access a ticketing system, a cloud storage service, or internal databases. That flexibility creates value, but it also introduces risk. Attackers target these integrations to take advantage of how the AI interacts with connected internal and external systems. There doesn't have to be a flaw in the application itself to allow this. Instead, attackers can manipulate the behavior of the model, the application, or the downstream business logic. The AI might issue a command or retrieve and modify information, and the surrounding application trusts that the action makes sense and meets security requirements. Let's talk about some of the things that an attacker might be able to accomplish by exploiting integrations. An attacker can trigger unintended actions. In this example, the…
Contents
- Manipulating application integrations (4m 8s)
- AI supply chain attacks (2m 4s)
- Insecure plug-in design (2m 9s)
- Insecure output handling (1m 23s)
- Output integrity attacks (2m 8s)
- Model denial of service (1m 31s)
- Excessive agency (1m 33s)
- Overreliance (1m 34s)
- AI hallucinations (1m 4s)