Automated Red Teaming Scans of Dataiku Agents Using Protect AI Recon
We are thrilled to announce the integration of Protect AI’s Recon with Dataiku Agents, a groundbreaking step in securing enterprise LLM application deployments. With this integration, enterprises can harness Recon’s advanced red teaming capabilities to proactively identify vulnerabilities, enhance LLM application integrity and ensure compliance with the latest AI governance standards.
This guide will walk you through the process of configuring and scheduling automated red teaming scans for Dataiku GenAI Agents using Recon.
1. Setting Up a Target in Recon
Step 1.1: Access the Targets Section
- Navigate to the Targets section in Recon.
- Click on the "New Target" button located in the top-right corner of the page.
Step 1.2: Provide Target Details
- Name the Target: Use a descriptive name (e.g., "Customer Support Chatbot API").
- Select the Connection Method: Choose “REST API (Custom).”
- If the target is a private endpoint, Recon will provide a static IP address. Allow inbound access from that Recon-provided IP address in your Dataiku infrastructure (firewall or allowlist).
- If the target is a public endpoint, proceed to the next step.
Step 1.3: Input Parameters
- Select “Manual Entry” for the parameter input method.
- The API endpoint should be: https://<DATAIKU HOSTNAME>/public/api/projects/<PROJECT KEY>/llm/completions
where <DATAIKU HOSTNAME> is the publicly resolvable hostname for your Dataiku instance, and <PROJECT KEY> is the project key for the Dataiku project hosting your agent.
- The HTTP headers should be:
- Content-Type: application/json
- Authorization: Bearer <DATAIKU API KEY>
where <DATAIKU API KEY> is a Dataiku API key with permissions to use a model. Note that if the API key is a ‘global’ or ‘project’ API key (as opposed to a ‘user’ API key) then the key must be configured with an ‘associated user’.
Also note that this configuration uses the LLM completions call (/llm/completions) of the Dataiku REST API.
Step 1.4: Verify and Edit JSON
Set the Request JSON to:
{
  "llmId": "<AGENT ID>",
  "queries": [
    {
      "messages": [
        {
          "role": "user",
          "content": "{INPUT}"
        }
      ]
    }
  ]
}
where <AGENT ID> is the Dataiku LLM Mesh Agent ID and {INPUT} is the placeholder Recon substitutes with each attack prompt.
Set the Response JSON to:
{
  "responses": [
    {
      "ok": true,
      "text": "{RESPONSE}"
    }
  ]
}
where {RESPONSE} marks the field Recon reads as the agent's reply.
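Before starting a scan it is worth confirming that the endpoint, API key and JSON mappings above actually work, so that a misconfigured target does not produce a scan run against empty output. The following pre-flight check is an added example and is not part of the original post nor Recon's or Dataiku's own code. It builds the same request body as the Request JSON above (with {INPUT} replaced by a real prompt), posts it to the completions endpoint, and validates that the reply has the shape the Response JSON mapping expects (responses[0].ok and responses[0].text). The environment variable names DATAIKU_HOSTNAME, DATAIKU_PROJECT_KEY, DATAIKU_AGENT_ID and DATAIKU_API_KEY are assumptions chosen for this example.

```python
"""Pre-flight check for a Dataiku completions endpoint configured as a Recon target.

Added example (not Recon's or Dataiku's code). Only the standard library is used,
so it runs wherever Python is available. All configuration values are read from
environment variables whose names are assumptions made for this example.
"""
import json
import os
import urllib.error
import urllib.request


def build_request_body(agent_id: str, prompt: str) -> dict:
    """Return the Request JSON from Step 1.4 with {INPUT} filled in."""
    return {
        "llmId": agent_id,
        "queries": [{"messages": [{"role": "user", "content": prompt}]}],
    }


def extract_response_text(body: dict) -> str:
    """Return the text Recon maps to {RESPONSE}; raise if the reply shape is wrong.

    Recon reads responses[0].text. A reply with ok=false, no text, or no
    responses array would leave the scanner nothing to evaluate, so fail loudly.
    """
    responses = body.get("responses")
    if not isinstance(responses, list) or not responses:
        raise ValueError("reply has no 'responses' array")
    first = responses[0]
    if not isinstance(first, dict) or first.get("ok") is not True:
        raise ValueError(f"completion not ok: {first!r}")
    text = first.get("text")
    if not isinstance(text, str) or not text.strip():
        raise ValueError("completion ok but 'text' is missing or empty")
    return text


def check_target(hostname: str, project_key: str, agent_id: str, api_key: str,
                 prompt: str = "Briefly describe what you can help with.",
                 timeout: float = 60.0) -> str:
    """POST one completion to the endpoint from Step 1.3 and return the agent text."""
    url = f"https://{hostname}/public/api/projects/{project_key}/llm/completions"
    payload = json.dumps(build_request_body(agent_id, prompt)).encode("utf-8")
    req = urllib.request.Request(
        url,
        data=payload,
        method="POST",
        headers={
            "Content-Type": "application/json",
            "Authorization": f"Bearer {api_key}",
        },
    )
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return extract_response_text(json.load(resp))


if __name__ == "__main__":
    # Assumed variable names; set them in the shell before running.
    names = ("DATAIKU_HOSTNAME", "DATAIKU_PROJECT_KEY", "DATAIKU_AGENT_ID", "DATAIKU_API_KEY")
    values = {n: os.environ.get(n) for n in names}
    missing = [n for n, v in values.items() if not v]
    if missing:
        raise SystemExit(f"set {', '.join(missing)} before running this check")
    try:
        text = check_target(values["DATAIKU_HOSTNAME"], values["DATAIKU_PROJECT_KEY"],
                            values["DATAIKU_AGENT_ID"], values["DATAIKU_API_KEY"])
        print("target OK, agent replied:", text[:200])
    except urllib.error.HTTPError as exc:
        # 401/403 typically points at the API key: check it can use the model and,
        # for a global or project key, that an associated user is configured.
        raise SystemExit(f"HTTP {exc.code} from Dataiku: {exc.read().decode(errors='replace')[:500]}")
    except ValueError as exc:
        raise SystemExit(f"unexpected reply shape: {exc}")
```

Run it once with the real values exported; a clean "target OK" line means the same request and response mappings will work when Recon drives them, while a shape error shows which field of the Response JSON needs adjusting.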
2. Advanced Configurations
There is no need to apply rate limits or guardrails, as these are configured in the Dataiku LLM Mesh on the underlying LLM connection.
3. Initiating a Red Teaming Scan
Step 3.1: Setting up a New Scan
- Navigate to the Scan Log section in Recon.
- Click on the "New Scan" button located in the top-right corner of the page.
Step 3.2: Choose a Scan Mode
Recon offers two modes:
- Attack Library Scan:
  - Uses a pre-built library of attack prompts.
  - Lets you select attack categories like Safety, Jailbreak, or System Prompt Leaks.
- Agent Scan:
  - A dynamic, LLM-powered agent generates customized attack prompts based on responses.
  - Choose between automated or human-augmented modes for deeper testing.
Step 3.3: Start the Scan
- Navigate to the Scan section in Recon.
- Select the target you just configured.
- Pick the scan mode and configure any additional settings like severity thresholds or attack objectives.
- Click Start Scan.
4. Viewing and Analyzing Scan Results
NOTE: A scan can take from minutes to hours to complete depending on the type of scan, complexity, and latency of your application.
Step 4.1: Access Scan Reports
- Go to the Scan Logs section in Recon.
- Open the report for the completed scan.
5. Export or Share Findings
- Direct Download:
  - Easily share the report with stakeholders by exporting it. Click on the download icon in the top right corner.
- Recon API:
  - Leverage Recon's REST API to integrate security testing into existing Dataiku Flows and data pipelines.
Reach out to your Protect AI Sales team for more information and guidance about integrating Recon and Dataiku.