LLM security may need more than standard API protection
An internal LLM tool had been running for about four months with the usual API security setup, including WAF, , and OAuth. A red team bypassed it in under 30 minutes by using to change how the behaved.
The WAF allowed the request because it was d, well-formed JSON, and valid by normal API rules. Traditional API security works best when inputs are structured and predictable, but LLMs accept everyday language, so a harmful instruction can look like a normal message.
An adds checks that look at what the input is trying to do, detect during a multi-step run, and scan the LLM’s output before users see it. Output scanning can also help catch cases where RAG context leaks into a response.
Key points
- A standard WAF can miss dangerous instructions if the request looks valid.
- LLM inputs cannot be protected only by checking a fixed request shape.
- can try to override or change the .
- An can inspect intent, mid-run behavior, and final output.
- RAG-based agents need output checks to reduce the risk of leaking private context.