NEW!

LLM and Gen AI Data Security Best Practices Guide

Gen AI and LLMs require strong data security to prevent breaches and meet regulations. This paper covers best practices in protection, privacy, and threat mitigation.

Download

NEW!

UK AI Cyber Security Code cites several project resources, guidance.

Learn how OWASP Top 10 for LLM and Generative AI Security guidance and resources provide a supporting foundation for the new UK AI Security Code of Practice and implementation guide.

Learn More

ANNOUNCEMENT!

OWASP Gen AI Red Teaming Guide Now Available!

This New guide provides key insights and practical framework into GenAI Red Teaming for cybersecurity professionals, AI/ML engineers, researchers & practitioners.

Learn More Download

Join us @ RSAC 2025 This Year

OWASP LLM & Gen AI Security Summit 2025, April 30th

Join us for the 2nd annual OWASP LLM & Gen AI Security Summit on Wednesday, April 30th, 8:30 AM - 1:00 PM. Explore key topics like the 2025 Top 10, Securing Agentic Apps, Gen AI Data, Applied AI Red Teaming, AI Governance, and more.

Share your email - and we'll keep you updated.

Learn More

UPDATED LIST FOR Q1, 2025, NEW CHEAT SHEETS

Explore The 2025 AI Security Solutions Landscape

The AI Security Landscape maps risks from the LLM Top 10, LLMSecOps, and solutions for securing GenAI apps throughout the LLMSecOps lifecycle.

Learn More

GET INVOLVED

Research Initiative: Agentic Application Security

The Agentic Security Research Initiative examines the security impacts of agentic systems using advanced frameworks (e.g., LangGraph, AutoGPT) and features like Llama 3's agentic capabilities.

Learn More

ANNOUNCEMENT!

OWASP Unveils 2025 LLM Top 10 Risks, Sponsorship Program & Inaugural Sponsors

The updated 2025 LLM Top 10 highlights risks like Unbounded Consumption, Vector/Embedding RAG guidance, System Prompt Leakage, and more.

Learn More

ANNOUNCEMENT!

LLM Top 10 Project Expands Focus and Publishes New AI Security Guidance

Announcement introduces new initiatives for AI Threat Intelligence, Secure AI Adoption, AI Security Landscape, DeepFake response guidance, and an AI Security Center of Excellence.

Learn More

NEW!

Deepfake Threat Preparation and Response Guidance

The OWASP LLM Top 10 team announces the release of a comprehensive guide for mitigating and responding to deepfake risks.

Learn More Download Now

NEW!

AI Security Center of Excellence Guide

Establishing a Generative AI Security COE is essential. This document offers a best practices framework for teams, including cross-functional OKRs and KPIs, to streamline implementation.

Download Now
Join the Newsletter

Introduction

Businesses, eager to harness the potential of LLMs and Generative AI are rapidly integrating them into their operations and client facing offerings. Yet, the breakneck speed at which LLMs are being adopted and the rapid evolution of Gen AI application architectures (e.g. RAG, agentic apps) have outpaced the establishment of comprehensive security and risk management protocols, leaving many applications and their organizations vulnerable to high-risk issues.

Who is it for?

Our primary audiences include technology and business leaders, developers, data scientists, and security experts tasked with developing, building and managing the security risks of applications leveraging LLM  and Generative AI technologies.

Affiliated Standards Organizations and Projects

NIST_logo.svg
ENISA_logo
ncsc
CEN-CENELEC.thumb.png.efabe09d2e7fbd7c64b2cef7ea5a7182
5bfdce88cd3820f7c5c21e02_mitre
1712241004772
large_blob
openssf-open-source-security-foundation-logo-648066AA6E-seeklogo.com
iso-1-logo-png-transparent
Linux_Foundation_logo

Explore the Top 10 for 2025

Creating the OWASP Top 10 for LLM Applications list is a significant undertaking, built on the collective expertise of an international team of  more than 500 experts and over 150 active contributors. Our contributors come from diverse backgrounds, including AI companies, security companies, ISVs, cloud hyperscalers, hardware providers, and academia.

View the Top 10 for LLMs 2023-24.

Explore

What The Industry Is Saying

“‘The OWASP Guide to Preparing and Responding to Deepfake Events’ very clearly outlines the current threats and guidance on how to deal with some specific events. This guide acts as. . . .

  • - Henry Patishman, Executive Vice President for Identity Verification Solutions,
  • Regula

“PromptArmor is proud to contribute our novel threat intelligence on AI risks to the OWASP Top 10 for LLMs project, and is excited to sponsor the project’s mission to create. . . .

  • PromptArmor

“The 2025 OWASP Top 10 for LLMs effectively debunks the misconception that securing GenAI is solely about protecting the model or analyzing prompts. The research offers valuable insights into how. . . .

  • - Rehan Jalil, CEO,
  • Securiti AI

The unique value of this project lies in its systematic organization of threats and clear definition of necessary solutions across the LLM Ops lifecycle, particularly significant in today’s emerging GenAI. . . .

  • NRI Secure

“OWASP’s AI Security Solutions Landscape is a landmark guide for security professionals. It outlines key risks and critical controls for securing LLMs and Generative AI applications, while highlighting the innovative. . . .

  • - Gilad Elyashar, Chief Product Officer,
  • Aqua Security

Frequently Asked Questions

What is the OWASP Top 10 for Large Language Models (LLM)?

The OWASP Top 10 for LLMs is a list of the most critical vulnerabilities found in applications utilizing LLMs. It was created to provide developers, data scientists, and security experts with practical, actionable, and concise security guidance to navigate the complex and evolving terrain of LLM security

Who is the Primary Audience for The Top 10 for LLMs?

The primary audience is developers, data scientists, and security experts tasked with designing and building applications and plug-ins leveraging LLM technologies.

How Does the Top 10 for LLMs Relate to Other Top 10 Lists?

While the list shares DNA with vulnerability types found in other OWASP Top 10 lists, it does not simply reiterate these vulnerabilities. Instead, it delves into the unique implications these vulnerabilities have when encountered in applications utilizing LLMs. The goal is to bridge the divide between general application security principles and the specific challenges posed by LLMs

How Was The Top 10 for LLMs Created?

The creation of the OWASP Top 10 for LLMs list was a major undertaking, built on the collective expertise of an international team of nearly 500 experts, with over 125 active contributors. The team brainstormed and proposed potential vulnerabilities, refined these proposals down to a concise list of the ten most critical vulnerabilities, and each vulnerability was then further scrutinized and refined by dedicated sub-teams and subjected to public review.

Will the OWASP Top 10 for LLMs be Updated in the Future?

Yes, the first version of the list will not be the last. The team expects to update it on a periodic basis to keep pace with the state of the industry. They will be working with the broader community to push the state of the art, and creating more educational materials for a range of uses.

Announcements

OWASP AI Security Guidelines offer a supporting foundation for new UK government AI Security Guidelines
  • January 31, 2025

Announcing the OWASP Gen AI Red Teaming Guide
  • January 22, 2025

Announcing the OWASP LLM and Gen AI Security Project Initiative for Securing Agentic Applications
  • December 15, 2024

OWASP Reveals Updated 2025 Top 10 Risks for LLMs, Announces New LLM Project Sponsorship Program and Inaugural Sponsors
  • November 17, 2024

In the News

OWASP Top 10 Risks for Large Language Models: 2025 updates

  • Barracuda Networks
  • 2024-11-20
  • Blog

OWASP Warns of Growing Data Exposure Risk from AI in New Top 10 List for LLMs

  • Infosecurity Magazine
  • 2024-11-20
  • James Coker

OWASP Top 10 for LLM and new tooling guidance targets GenAl security

  • Reversing Labs
  • 2024-11-14
  • John P. Mello Jr

OWASP Releases AI Security Resources

  • Security Boulevard
  • 2024-11-08
  • Juan Perez
More News

Events

  • In-Person
  • Feb
  • 11
  • Feb
  • 13

Developerweek 2025

Join us at developerweek 2025, drop by our sessions.
  • In-Person
  • Apr
  • 28
  • May
  • 1

RSA Conference 2025

Join our project again this year at RSAC in San Francisco as once again host again this year the OWASP Gen AI Security Summit.
  • In-Person
  • Sep
  • 21
  • Sep
  • 22

InfoSec World 2024

InfoSec World is the leading cybersecurity conference for security practitioners and executives. Now in its 30th year, InfoSec World has been known as the “Business of Security” conference—featuring expert insights,…
  • In-Person
  • Sep
  • 10
  • Sep
  • 12

Cloud Security Alliance – SECtember.AI

The mission of SECtember, CSA’s annual flagship event, is to change the way the cloud and cybersecurity industry meets. In honor of this vision and in light of the most…
More Events

Project Sponsors

100+ Supporting Organizations

All Sponsors and Supporters
OWASP and the OWASP logo are trademarks of the OWASP Foundation, Inc. Unless otherwise specified, all content on the site is Creative Commons Attribution-ShareAlike v4.0 and provided without

warranty of service or accuracy. For more information, please refer to our General Disclaimer.  – Copyright © 2025 OWASP Foundation, Inc.

Scroll to Top