Microsoft Unveils AI Defenses for Prompt Injection Attacks

Microsoft unveiled a multi-layered security framework to address rising threats from indirect prompt injection attacks on generative AI systems. In a detailed strategy, Microsoft unveils AI defenses that combine hardened prompts, detection tools, and mitigation layers to safeguard large language model (LLM) applications in enterprise settings. These attacks, which embed malicious instructions within external data, pose a growing risk to AI implementations.

The company’s approach includes a proprietary technique called Spotlighting, which helps LLMs identify and separate malicious content from legitimate input. Microsoft unveils AI defenses further by integrating Prompt Shields, a classifier-based detector that supports multiple languages and connects with Defender for Cloud. This gives security teams centralized visibility via the Defender XDR portal.

To reduce impact, Microsoft applies deterministic blocks against known exfiltration methods and enforces strict data governance through Microsoft 365 Copilot. Human-in-the-loop safeguards also ensure user consent for sensitive actions.

Read the full article at

Microsoft Details Defence Techniques Against Indirect Prompt Injection Attacks