Securing GenAI HR-Policy Bot: OWASP Controls & Best Practices

This session provides a comprehensive overview of the GenAI security framework, highlighting risks in HR-Policy bots and objectives of security measures. It delves into implementing key security controls, including OWASP Top 10 relevance, OAuth & JWT for authentication, and input sanitization. Additionally, technical integration and planning aspects are covered, addressing NeMo Guardrails for LLMs, encryption of sensitive data, and XSS prevention strategies in Streamlit. The goal is to ensure...