IronCore Labs Home
Patrick Walsh

10 Essential Security Steps Before Launching Your AI Feature

AI features are taking over the software industry with almost any product you use today getting “enhanced” with AI features. Unfortunately, security practices have seriously lagged adoption of these new AI features. Organizations need to be vigilant about security risks before deploying AI-driven features even if in-house expertise is low. Here are 10 steps to ensure your AI feature is secure before launch.

1. Understand the Attack Surface of AI

Unlike traditional applications, AI systems have unique vulnerabilities. Threat actors exploit prompt injections, model manipulation, indirect poisoning attacks, and inversion attacks that can compromise data integrity and security. A robust AI security strategy begins with mapping out your attack surface and identifying potential weak points.

2. Implement a Prompt Firewall

Large Language Model (LLM)-powered assistants are prone to prompt injection attacks, where adversaries manipulate responses through malicious inputs. Using a prompt firewall helps detect and block these attacks before they reach your LLM, though it shouldn’t be expected to block all attacks.

3. Encrypt AI-Generated Data, Including Vectors

Many AI systems use vector embeddings to store data needed to answer questions on private information, usually through RAG workflows. But these embeddings can be reversed using inversion attacks, dangerous because they represent shadow copies of all of an organization’s other data. Encrypting vectors before storing them in a vector database prevents unauthorized access and leakage of sensitive data.

4. Secure Logs and AI Pipelines

AI features often generate shadow data—logs containing user queries, responses, and private documents embedded into prompts. Ensure logging is disabled in production unless necessary and use secure storage for logs with access controls in place. Note: it isn’t just the LLM server that is at risk here, but also the prompt firewall and other tools, like AI quality monitoring tools, as well.

5. Conduct Red Team Testing on AI Models

Just as ethical hackers test traditional applications, red teaming AI models is essential. Test your AI system against adversarial attacks, prompt injections, model leaks, and data poisoning before deployment.

6. Implement AI Governance and Compliance Measures

AI regulations are evolving globally, with frameworks like the EU AI Act defining risk levels for AI applications. Establish AI governance policies that classify your AI feature based on risk level and ensure compliance with data protection laws.

7. Monitor for AI Model Hallucinations and Toxicity

LLMs can invent responses, which can offend or mislead customers, demonstrate bias, and even give dangerous instructions. Deploy AI monitoring tools that track model behavior, detect hallucinations, and prevent toxic responses before they reach end users while acknowledging that no such solution will be 100% effective and weighing the risks.

8. Enforce Strict Permissions on Agentic Operations

If your AI feature uses an LLM to generate database queries, API calls, or code and that code is then executed, the risk of bad things happening via prompt injection and other attacks grows enormously. Ensure that any queries or code generated by an LLM are executed in a context that is read-only, that has access restricted as much as possible, that guards against infinite loops or other denial-of-service conditions, and that couldn’t result in harm if an LLM was tricked or otherwise “hallucinated” bad code.

9. Set Security Requirements for Dev Teams

Development teams are moving quickly to build and ship features, but small changes—such as updates to models, prompts, or mined private data repositories—can significantly impact security and quality. Additional processes must be in place to ensure thorough testing of new models, monitor prompt quality and responses, and detect potential leaks of PII and other sensitive data.

10. Demand AI Security from Vendors Using AI

The above is guidance for you rolling out your own software using AI, but your organization and your software also uses Other People’s Software and their stuff may be using AI, too. Make sure your software vendors with AI features are also following the guidelines above and make sure to run them through our fifteen questions to make sure they’re taking security as seriously as you do.

Choosing vendors who prioritize AI security is critical to reducing risks.

Final Thoughts

AI security is still in its infancy, but taking proactive steps now will prevent costly data breaches, compliance failures, and reputational damage. By following these 10 essential security measures, your organization can launch AI-powered features with confidence while minimizing risks.

We discuss all of these things in more detail in our white paper, which has illustrations of attacks, types of defenses, and recommended solutions for AI security. The most recent OWASP LLM Top 10 v2 is also out and a good starting point for understanding the top threats to AI systems.

The ultimate guide to AI security

Infographics and guidance on handling key AI security risks and understanding vulnerabilities. 61% of companies use AI, but few secure it. This white paper covers the key AI risks being overlooked from LLMs to RAG.

Get it now

More great reads

AI Security Risks Are Real -- Here's 12 Questions to Ask Your Software Vendor

Before trusting vendor's new AI feature, ask these 12 critical security questions to protect your data, prevent breaches, and ensure compliance.

OWASP's Updated Top 10 LLM Includes Vector and Embedding Weaknesses

OWASP released their second version of the Top 10 for LLM Applications, and it now includes vector and embedding weaknesses among other major new issues that go beyond the LLM model itself

Privacy Guide to Apple Intelligence with ChatGPT

Apple has done a lot to preserve privacy when you use their AI, but all of their privacy promises evaporate when you use Apple's ChatGPT integration.

Private Communications for Email and Text Messages

A checklist of things to do to better protect the privacy of your emails and text messages as a guard against hackers, surveillance capitalism, and overreaching and authoritarian governments.