July 21, 2023

Episode 6: OWASP's Top 10 Vulnerability Classes For LLMs

1 hour 8 minutes

In this episode, we go through OWASP's recently released list of vulnerability classes for LLMs. The list includes:

Prompt injections

Data leakage

Inadequate sandboxing

Unauthorized code execution

SSRF vulnerabilities

Overreliance on LLM-generated content

Inadequate AI alignment

Insufficient access controls

Improper error handling

Training data poisoning

We note that while some of the items on this list are definitely worth mentioning, others feel a bit more disconnected from the topic of cybersecurity and likely can't be solved through technical means.

Reference: Rich Harang's twitter thread on the subject.

...more

View all episodes

By Natalie Pistunovich & Ivan Kwiatkowski

July 21, 2023

Episode 6: OWASP's Top 10 Vulnerability Classes For LLMs

1 hour 8 minutes

In this episode, we go through OWASP's recently released list of vulnerability classes for LLMs. The list includes:

Prompt injections

Data leakage

Inadequate sandboxing

Unauthorized code execution

SSRF vulnerabilities

Overreliance on LLM-generated content

Inadequate AI alignment

Insufficient access controls

Improper error handling

Training data poisoning

Reference: Rich Harang's twitter thread on the subject.

...more

Share Episode 6: OWASP's Top 10 Vulnerability Classes For LLMs

Sign up to save your podcasts

Episode 6: OWASP's Top 10 Vulnerability Classes For LLMs

Episode 6: OWASP's Top 10 Vulnerability Classes For LLMs