Augustus \u2013 Open-source LLM Vulnerability Scanner With 210+ Attacks Across 28 LLM Providers
\n \t
\n
<\/BR>
\n
\n \t
\n
<\/BR><\/p>\n
Augustus is a new open-source vulnerability scanner designed to secure Large Language Models (LLMs) against an evolving landscape of adversarial threats.<\/p>\n
Built by Praetorian, Augustus aims to bridge the gap between academic research tools and production-grade security testing, offering a single-binary solution that can launch over 210 distinct adversarial attacks against 28 LLM providers.<\/p>\n
As enterprises race to integrate Generative AI into their products, security teams have struggled with tooling that is often research-oriented, slow, or difficult to integrate into continuous integration\/continuous deployment (CI\/CD) pipelines<\/a>.<\/p>\n Existing tools like NVIDIA\u2019s Augustus addresses these operational bottlenecks by being compiled as a single, portable Go binary<\/a>. This architecture eliminates the \u201cdependency hell\u201d often associated with Python-based security tools, removing the need for virtual environments, pip installs, or specific interpreter versions.<\/p>\n The tool leverages Go\u2019s native concurrency primitives (goroutines) to perform massively parallel scanning, making it significantly faster and more resource-efficient than its predecessors.<\/p>\n \u201cWe needed something built for the way our operators work: a fast, portable binary that fits into existing penetration testing workflows,\u201d stated Praetorian in their release announcement<\/a>.<\/p>\n At its core, Augustus is an attack engine that automates the \u201cred teaming\u201d of AI models. It ships with a library of 210+ vulnerability probes across 47 attack categories, including:<\/p>\n A standout feature of Augustus is its \u201cBuff\u201d system, which allows security testers to apply transformations to any probe dynamically. Testers can chain multiple \u201cbuffs,\u201d such as paraphrasing a prompt, translating it into a low-resource language (e.g., Zulu or Scots Gaelic), or encoding it in poetic formats, to test whether a model\u2019s safety guardrails hold up against obfuscated inputs.<\/p>\n This capability is critical for uncovering \u201cfragile\u201d safety filters that may block a standard attack but fail to recognize the same attack when slightly altered.<\/p>\n Designed for the modern security stack, Augustus supports 28 LLM providers out of the box, including major platforms such as OpenAI, Anthropic, Azure, AWS Bedrock, and Google Vertex AI, as well as local inference engines such as Ollama.<\/p>\n This broad support ensures that teams can test everything from cloud-hosted GPT-4 models to locally running Llama 3 instances with the same tooling.<\/p>\n The tool\u2019s architecture emphasizes production reliability, featuring built-in rate limiting, retry logic, and timeout handling to prevent scan failures during large-scale assessments.<\/p>\n Results can be exported in multiple formats, including JSON, JSONL for streaming logs, and HTML for stakeholder reporting, making it easy to ingest vulnerability data into vulnerability management platforms<\/a> or SIEMs.<\/p>\n Augustus is the second release in Praetorian\u2019s \u201c12 Caesars\u201d open-source series, following the release of the LLM fingerprinting tool Julius<\/em>. It is available immediately under the Apache 2.0 license.<\/p>\n Security professionals and developers can download the latest release or build from source via GitHub<\/a>.<\/p>\n Follow us on Google News<\/a>, LinkedIn<\/a>, and X<\/a> for daily cybersecurity updates. Contact us<\/a> to feature your stories.<\/strong><\/p>\n The post Augustus \u2013 Open-source LLM Vulnerability Scanner With 210+ Attacks Across 28 LLM Providers<\/a> appeared first on Cyber Security News<\/a>.<\/p>\n<\/div>\ngarak<\/code> have set the standard for comprehensive testing, but rely on complex Python environments and heavy dependencies.<\/p>\n210+ Attack Modes<\/strong><\/h2>\n
\n