OWASP Top 10 for LLM Applications

This document is the latest exciting chapter in the ongoing efforts to enhance security in the rapidly evolving field of artificial intelligence.

Download Now

Frequently Asked Questions

  • What is the OWASP Top 10 for Large Language Models (LLMs)?

    The OWASP Top 10 for LLMs is a list of the most critical vulnerabilities found in applications utilizing LLMs. It was created to provide developers, data scientists, and security experts with practical, actionable, and concise security guidance to navigate the complex and evolving terrain of LLM security

  • Who is the primary audience for the OWASP Top 10 for LLMs?

    The primary audience is developers, data scientists, and security experts tasked with designing and building applications and plug-ins leveraging LLM technologies.

  • How does the OWASP Top 10 for LLMs relate to other OWASP Top 10 lists?

    While the list shares DNA with vulnerability types found in other OWASP Top 10 lists, it does not simply reiterate these vulnerabilities. Instead, it delves into the unique implications these vulnerabilities have when encountered in applications utilizing LLMs. The goal is to bridge the divide between general application security principles and the specific challenges posed by LLMs.

  • How was the OWASP Top 10 for LLMs created?

    The creation of the OWASP Top 10 for LLMs list was a major undertaking, built on the collective expertise of an international team of nearly 500 experts, with over 125 active contributors. The team brainstormed and proposed potential vulnerabilities, refined these proposals down to a concise list of the ten most critical vulnerabilities, and each vulnerability was then further scrutinized and refined by dedicated sub-teams and subjected to public review.

  • Will the OWASP Top 10 for LLMs be updated in the future?

    Yes, the first version of the list will not be the last. The team expects to update it on a periodic basis to keep pace with the state of the industry. They will be working with the broader community to push the state of the art, and creating more educational materials for a range of uses.