eBPF at Prompt Security: The first no-code security offering for LLM-based applications

March 28, 2024

Generative AI (GenAI) applications are growing and evolving at an unprecedented pace, becoming increasingly complex and more and more often integrated into critical systems. Traditional measures to ensure the security and safety of these applications often fall short. 

We recently started exploring eBPF, a revolutionary technology that brings a new paradigm for application security as it offers unprecedented visibility and control at the kernel level. 

We decided to explore this avenue because:

  1. It does not require changing the source code of the app.
  2. It gives unprecedented visibility, because it can see all interactions of the GenAI app (with the LLM, the vector DB, and tools such as DBs and APIs).
  3. It's less intrusive, so the downtime risk is much lower.

In this piece, we will explore how we leverage eBPF at Prompt Security to enhance the security of GenAI applications, with a particular focus on its ability to trace the entire model stack, including interactions with third-party models and vector databases, and provide real-time prevention of security threats. 

But first, what’s eBPF anyway?

eBPF has rapidly become the industry standard for efficient and dynamic system tracing, networking and security, making it an ideal technology for enhancing the security of Generative AI (GenAI) applications. 

For instance, Datadog leverages eBPF for networking and security in their SaaS products, enhancing their ability to monitor and secure cloud-native applications. Similarly, Aqua Security utilizes eBPF for runtime detection and forensics, helping to safeguard containerized environments against threats. Wiz, another prominent player, employs eBPF to provide real-time threat detection and monitoring within cloud workloads, showcasing its effectiveness in cloud security.

These use cases demonstrate how eBPF's event-driven, low-overhead approach to tracing and monitoring aligns perfectly with the needs of GenAI applications. By enabling detailed tracing of the entire model stack, including interactions with third-party models and communication with vector databases, eBPF ensures that GenAI developers and security professionals can achieve unparalleled visibility and control over their applications. This not only aids in optimizing performance and ensuring compliance but also enables real-time prevention and response to security threats, thereby ensuring the integrity and reliability of GenAI applications in a constantly evolving cybersecurity landscape.

Tracing Third-Party Model Usage

GenAI applications often integrate multiple third-party models such as OpenAI’s GPTs, Azure OpenAI, Anthropic’s Claude, Google’s Gemini, and others. At Prompt Security we use eBPF to trace the interactions between your application and these external models. By instrumenting eBPF at the network layer, we monitor and log the API calls made to these services, capturing crucial information such as request and response data, latency, and error rates. This allows you to:

  • Identify Dependencies: Understand which third-party models your application is relying on and how they are being used, and achieve unparalleled visibility and control over your applications.
  • Monitor Performance: Track the performance of external model calls to identify bottlenecks or inefficiencies.
  • Ensure Compliance: Ensure that data shared with third-party models adheres to privacy and security regulations.

Tracing Communication with Vector Databases

Vector databases are commonly used in GenAI applications for storing and querying high-dimensional vectors. We utilize eBPF to trace the communication between your application and the vector database, providing insights into query patterns, response times, and potential issues. This can help you:

  • Optimize Queries: Analyze query patterns to optimize indexing and retrieval strategies.
  • Monitor Database Performance: Identify slow queries or database bottlenecks affecting application performance.
  • Enhance Security: Detect unusual query patterns or unauthorized access attempts to the vector database.

Real-Time Prevention and Response

One of the key advantages of eBPF is its ability to provide real-time prevention and response mechanisms. By analyzing the traced data in real time, we can help:

  • Detect Anomalies: Identify deviations from normal behavior, such as unexpected spikes in API calls to third-party models or unusual query patterns to the vector database.
  • Prevent Attacks: Implement security policies that can block or alert on suspicious activities, such as excessive data exfiltration to external models or unauthorized access attempts to the vector database.
  • Respond to Incidents: Automate response actions, such as isolating affected components or triggering alerts to security teams.
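
To make the policy side of this concrete, here is an added example (not Prompt Security's code) of a userspace evaluator that consumes connection events of the kind an eBPF probe could emit and flags unapproved destinations, call spikes and egress-volume overruns. The event fields, the policy table and its thresholds, and the hostnames vectordb.internal and llm.example.net are assumptions made for illustration.

```python
from collections import defaultdict, deque

# Hypothetical policy: approved endpoints with per-window call and byte budgets.
POLICY = {
    "api.openai.com":    {"max_calls": 3, "max_bytes": 50_000},
    "vectordb.internal": {"max_calls": 5, "max_bytes": 20_000},
}
WINDOW_SECONDS = 60

# Constructed sample events; a real collector would resolve "dest" from the
# socket address (for example via DNS or TLS SNI) before this stage.
SAMPLE_EVENTS = [
    {"ts": 0,  "comm": "rag-app", "dest": "api.openai.com",    "bytes_sent": 2_000},
    {"ts": 5,  "comm": "rag-app", "dest": "vectordb.internal", "bytes_sent": 500},
    {"ts": 10, "comm": "rag-app", "dest": "api.openai.com",    "bytes_sent": 2_000},
    {"ts": 12, "comm": "rag-app", "dest": "llm.example.net",   "bytes_sent": 900},
    {"ts": 20, "comm": "rag-app", "dest": "api.openai.com",    "bytes_sent": 48_000},
    {"ts": 25, "comm": "rag-app", "dest": "api.openai.com",    "bytes_sent": 1_000},
    {"ts": 90, "comm": "rag-app", "dest": "api.openai.com",    "bytes_sent": 1_000},
]

def evaluate(events, policy=POLICY, window=WINDOW_SECONDS):
    """Return (ts, comm, dest, reason) findings for a time-ordered event stream."""
    recent = defaultdict(deque)  # (comm, dest) -> (ts, bytes_sent) inside the window
    findings = []
    for ev in events:
        ts, comm, dest = ev["ts"], ev["comm"], ev["dest"]
        rule = policy.get(dest)
        if rule is None:
            # Destination is not an approved model or vector DB endpoint.
            findings.append((ts, comm, dest, "unapproved_destination"))
            continue
        q = recent[(comm, dest)]
        q.append((ts, ev["bytes_sent"]))
        # Evict events that have aged out of the sliding window.
        while q and q[0][0] <= ts - window:
            q.popleft()
        if len(q) > rule["max_calls"]:
            findings.append((ts, comm, dest, "call_spike"))
        if sum(b for _, b in q) > rule["max_bytes"]:
            findings.append((ts, comm, dest, "egress_budget_exceeded"))
    return findings

if __name__ == "__main__":
    for finding in evaluate(SAMPLE_EVENTS):
        print(finding)
```

Each finding can drive an alert or a block decision; the event at ts=90 produces none because the earlier calls have aged out of the 60-second window.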

Prompt Security's utilization of eBPF technology marks a significant advancement in securing GenAI applications and making them more resilient. By providing comprehensive tracing capabilities and real-time response mechanisms, Prompt Security empowers organizations to proactively address security challenges and protect their GenAI investments. 

Want to learn more about this new approach? Talk to us.
