Securing secrets of AI Agent & LLM with CyberArk Conjur & LLM Guard from ProtectAI | Palo Alto Networks
- ✅ Supports Air-gapped, self-hosted and cloud environment
- ✅ Support autonomous (time-driven and event-driven) and interactive use cases
- ⚙️ Planned to add CyberArk Agent Guard use case
- ✅ Inject Secrets for AI Tools from Conjur
- ✅ Inject Secrets for AI Agent Memory from Conjur
- ✅ Detect and guardrail secrets from sending LLM as training data
- ✅ Detect and guardrail secrets from sending from LLM as sensitive data
- ⚙️ Secure secrets retrieval for MCP communication
Below is the environment used as development environment.
You can use your own equipments that have similar configuration
- Hardware: NVIDIA Jetson Orin Nano Super Developer Kit (https://www.nvidia.com/en-us/autonomous-machines/embedded-systems/jetson-orin/nano-super-developer-kit/)
- OS: Ubuntu 22.04.5 LTS
- Container: Docker version 28.4.0
- Execute
bin/start.shto pull and create containers
- Access n8n web ui at http://:5678, e.g. http://quincy-jetson.local:5678
- Answer the n8n popup to create an user account for first time access
-
Open the imported workflow named n8n-jwt-sync
-
Test for interactive use case by clicking
Open Chatand inputTell me the names of my databasesin the chat windows
-
Test for autonomous use case by clicking
Execute Workflow
| Software | Port | Host/Container | Authn Info | Descriptnion |
|---|---|---|---|---|
| Docker/podman | n/a | Host | n/a | https://www.docker.com/ |
| Ollama | 11434 | Host | n/a | https://github.com/ollama/ollama Get up and running with large language models. |
| n8n | 5678 | Container | User created during first access | https://github.com/n8n-io/n8n n8n is a workflow automation platform that gives technical teams the flexibility of code with the speed of no-code. With 400+ integrations, native AI capabilities, and a fair-code license, n8n lets you build powerful automations while maintaining full control over your data and deployments. |
| CyberArk Conjur OSS | 8080 | Container | Generated during installation: data/conjur/admin_data |
https://www.conjur.org/ A seamless open source interface to securely authenticate, control and audit non-human access across tools, applications, containers and cloud environments via robust secrets management. |
| LLM Guard | n/a | Used by llm-guard-litellm microservice | n/a | https://github.com/protectai/llm-guard LLM Guard by Protect AI is a comprehensive tool designed to fortify the security of Large Language Models (LLMs). |
| LiteLLM | 4000 | Container | Generated during installation: data/.env.litellm |
https://www.litellm.ai/ LLM Gateway to provide model access, fallbacks and spend tracking across 100+ LLMs. All in the OpenAI format. |
| llm-guard-litellm | 4321 | Container | Generated during installation: data/.env.llm-guard |
llm-guard-litellm https://github.com/quincycheng/llm-guard-litellm LLM-Guard container as LiteLLM custom guardrails |
| PostgreSQL | 5432 | Container | Generated during installation: data/.env.postgres |
https://www.postgresql.org/ |
- Execute
bin/99-destroy.sh
