How to make LLMs a defensive advantage without creating a new attack surface

LLMs are being used in security in three ways: as productivity tools for analysts, as embedded components in security products, and as targets for attackers to manipulate or steal. The same capabilities that help security teams (like summarizing incidents or drafting detection logic) can also enable attackers to create convincing phishing emails or extract sensitive information if the LLM is poorly integrated. To use LLMs defensively without creating new vulnerabilities, security teams should treat LLM output as untrusted, start with narrow, easy-to-verify use cases, and design systems with three layers of constraints: limited model capabilities, restricted data access, and human approval for any actions that change system state.