While on-premises LLM deployments are often touted as one-stop solutions to privacy and security concerns surrounding GenAI integration into workflows, there are more to the security of such solution than just the conversation interface access location. LLMs and their integration into existing solution pose numerous security risks, and the goal of this workshop is to help the participants to better understand and mitigate them. The workshop covers an introduction to the architecture of LLM solutions, basics of threat modeling according to the STRIDE model, and an introduction to a systematic threat modeling on LLM-integrating solutions. The workshop provides specific examples of threat path being exploited in real life for a GLC-top5, going beyond OWASP-top-10, and offering the participants several scenarios to threat model by themselves.
