Inspiration
A study of 1,237 Chrome extensions, each with a minimum of 1,000 downloads, found that nearly half request permissions that could expose users' personally identifiable information (PII), spread adware and malware, or even track all user activity online, including access to passwords and financial data. We decided to tackle these potential security risks through network analysis.
What Redhat Panda Does
Redhat Panda provides a security testing tool known as the LLM Pen Testing Solution. This tool is designed to identify and address potential security risks in web applications, thereby enhancing the overall security of your application.
Key features of the tool include:
- API Security: The tool can detect exposed API routes and keys.
- Data Protection: It identifies instances of Personally Identifiable Information (PII).
- Additional Features: The tool offers more features to ensure comprehensive security.
The tool is designed to be affordable and easily integrated into your deployment pipeline, providing comprehensive security checks for all projects.
How Redhat Panda Was Built
Redhat Panda is built using a variety of technologies:
- Frontend: Streamlit Python
- Backend: Serverless FastAPI hosted through Modal, Playwright for headless web traffic, and Redis as a key-value store for synchronizing published events in a distributed system.
- Infrastructure: Modal for autoscaling serverless cloud compute, Upstash Redis for a serverless Redis instance.
- LLMs: Anthropic’s Claude 3 Haiku through AWS for in-depth network analysis, OpenAI’s gpt-4o for user audit summarization.
Challenges Faced
We faced challenges in achieving synchronization across distributed events. These issues were eventually resolved by employing Redis and introducing a refreshed validation mechanism to ensure that routes that have already been examined are not revisited.
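The following is an added example, not Redhat Panda's own code, of one way to keep distributed workers from revisiting a route: each worker claims a normalized URL with an atomic set-add and examines it only if the add succeeded. `InMemorySet`, `normalize_route`, `claim_route`, `crawl_once` and the normalization rules are assumptions made for illustration; against a real Redis instance the claim maps to `SADD`, which returns 1 only for the first caller.

```python
import threading
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit
# Constructed sample routes: three spellings of one route plus one distinct route.
SAMPLE_URLS = [
    "https://Example.test:443/api/users/?b=2&a=1#frag",
    "https://example.test/api/users?a=1&b=2",
    "HTTPS://example.test/api/users/?a=1&b=2",
    "https://example.test/api/orders",
]

class InMemorySet:
    """Hypothetical local stand-in for a Redis set; add() mirrors SADD's 1/0 reply."""
    def __init__(self):
        self._members, self._lock = set(), threading.Lock()
    def add(self, member):
        with self._lock:  # check-and-insert is one atomic step, as SADD is
            if member in self._members:
                return 0
            self._members.add(member)
            return 1

def normalize_route(url):
    """Canonical key for a route so equivalent URLs collide (assumed rules)."""
    parts = urlsplit(url)
    scheme, host = parts.scheme.lower(), (parts.hostname or "").lower()
    if parts.port and (scheme, parts.port) not in (("http", 80), ("https", 443)):
        host = f"{host}:{parts.port}"  # keep only non-default ports
    path = parts.path.rstrip("/") or "/"  # assumption: trailing slash is insignificant
    query = urlencode(sorted(parse_qsl(parts.query, keep_blank_values=True)))
    return urlunsplit((scheme, host, path, query, ""))  # fragment and userinfo dropped

def claim_route(store, url):
    """True only for the first caller to claim this route; everyone else skips it."""
    return store.add(normalize_route(url)) == 1

def crawl_once(store, urls, workers=4):
    """Run several workers over the same URL list; return the routes examined."""
    examined, lock = [], threading.Lock()
    def worker():
        for url in urls:
            if claim_route(store, url):
                with lock:
                    examined.append(normalize_route(url))
    threads = [threading.Thread(target=worker) for _ in range(workers)]
    for t in threads:
        t.start()
    for t in threads:
        t.join()
    return sorted(examined)
```

A separate "seen?" read followed by a write would let two workers pass the check at the same time, which is why the claim is a single atomic operation.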
Accomplishments
Redhat Panda has developed an innovative security testing tool, the LLM Pen Testing Solution, designed to identify and address potential security risks in web applications. The team is proud of the tool's ability to detect exposed API routes and keys, identify instances of Personally Identifiable Information (PII), and offer additional security features. They have also made the tool affordable and easily integrated into deployment pipelines, ensuring comprehensive security checks for all projects.
What's Next for Redhat Panda
We plan to continue enhancing our LLM Pen Testing Solution, possibly by adding more features, improving existing ones, and expanding our service to a deployable pipeline.
Built With
- amazon-web-services
- claude3
- fastapi
- modal
- openai
- playwright
- python
- redis
- streamlit
- upstash