Determining the impact of a documented CVE on a specific project or container is a labor-intensive and manual task. This intricate process involves the collection, comprehension, and synthesis of various pieces of information to ascertain whether immediate remediation, such as patching, is necessary upon the identification of a new CVE.
Our team developed a cybersecurity vulnerability analysis tool to aid in assessing the exploitability of CVEs in specific projects and containers. This tutorial will guide you step-by-step through the process of using LLMs, Retrieval-Augmented Generation (RAG), and agents to create both a toy version and a microservice running LLM-powered CVE exploitability analysis.
To run this example, you will need to have the access to build.nvidia.com and API credits to access the hosted LLMs. These are necessary to support running LLMs which are the focus of the Cyber Developer Day.
You will also need to have a Morpheus 24.03 docker container built and present in the environment.
To access the NVIDIA hosted Inference Service, you will need to have the following environment variables set: OPENAI_API_KEY. To obtain the API key, please visit the NVIDIA website for instructions on generating your API key.
It's important to note here that although we store the NGC API Key under the OPENAI_API_KEY variable, we will be interacting with NVIDIA hosted LLMs and not OpenAI LLMs.
NVIDIA NIMs are OpenAI API compliant to maximize usability, so we will be using the openai with package as a wrapped to make API calls.
This notebook has originally been designed to run with the NVIDIA AI Enterprise Morpheus container from NGC:
nvcr.io/nvidia/morpheus/morpheus:v24.03.02-runtimeIf you do not have access to NVIDIA AI Enterprise containers, you can follow instructions to build from source at the Morpheus Repository.
If you are using a Morpheus version that is not v24.03.02-runtime, please update the version argument in the docker-compose.yml file as follows:
args:
- MORPHEUS_CONTAINER=${MORPHEUS_CONTAINER:-nvcr.io/nvidia/morpheus/morpheus}
- MORPHEUS_CONTAINER_VERSION=${MORPHEUS_CONTAINER_VERSION:-v24.03.02-runtime}To automatically use these API keys, you can set the OPENAI_API_KEY value in the docker-compose.yml file in this directory as follows:
environment:
- TERM=${TERM:-}
# Workaround until this is working: https://github.com/docker/compose/issues/9181#issuecomment-1996016211
- OPENAI_API_KEY=<BUILD_NV_API_KEY>
# Overwrite any environment variables in the .env file with URLs needed in the network
- OPENAI_API_BASE=https://integrate.api.nvidia.com/v1
- OPENAI_BASE_URL=https://integrate.api.nvidia.com/v1If you do not have Git LFS installed, install it using instructions at this link.
Run the following command from inside this repository's directory to pull down large files using Git LFS.
git lfs pullYou can build the required containers to run the workflow by running the following command in your terminal from this directory.
docker compose build cyber-dev-dayThe Cyber Developer Day content is designed to be run using the docker compose command. The main entry point is the cyber-dev-day container, which is built in the previous step. This container launches a JupyterLab server with the necessary environment variables set to access the NeMo Inference Service and NVIDIA AI Foundation Models API. From there, the pipelines and all content can be run from JupyterLab.
To run the Cyber Developer Day content, use the following command:
docker compose up cyber-dev-dayOnce launched, you should see a link in the output to connect to the JupyterLab server. Open this link in your web browser to access the content. For example:
cyber-dev-day-1 | To access the server, open this file in a browser:
cyber-dev-day-1 | file:///root/.local/share/jupyter/runtime/jpserver-7-open.html
cyber-dev-day-1 | Or copy and paste one of these URLs:
cyber-dev-day-1 | http://localhost:8888/lab?token=a2d7504f70a2f5407236be5897ee266dc24bf19b01c222bc
cyber-dev-day-1 | http://127.0.0.1:8888/lab?token=a2d7504f70a2f5407236be5897ee266dc24bf19b01c222bc
Once connected to the JupyterLab server, you can navigate to the notebooks directory and open the cyber-dev-day.ipynb Notebook. The notebook contains the instructions and all of the necessary content to run the Cyber Developer Day.
To stop the container, use the following command:
docker compose down