List for 2025 expands on evolving challenges as new sponsorship program enables OWASP Top 10 for LLMs and Generative AI Project to continue its vital work
WILMINGTON, Del., Nov. 19, 2024 /PRNewswire/ — The OWASP Foundation today announced an update to the OWASP Top 10 for LLM Applications and Generative AI Project. Additionally, the OWASP Top 10 for LLM Apps and GenAI Project announced its sponsorship program that will allow organizations to support the project directly, enabling access to additional funding and resources so the organization can continue to invest in research, guidance and education, thus helping keep the industry adopt AI and generative AI applications more securely.
The updated Top 10 List for LLMs provides a refreshed resource addressing the top 10 risks, vulnerabilities and mitigations for developing and securing generative AI and large language model (LLM) applications across the development, deployment, and management lifecycle. These applications can include static prompt augmented applications, agentic applications, LLM extensions, and complex applications. The list guides developers, security professionals, and organizations as they prioritize their efforts to identify and mitigate critical generative AI application security risks.
Specific changes to the 2025 Top 10 list include:
- A better understanding of existing risks and critical updates on how LLMs are used in real-world applications today. For instance, Unbounded Consumption expands on what was previously Denial of Service to include risks regarding resource management and unexpected costs—a pressing issue in large-scale LLM deployments.
- The Vector and Embeddings entry responds to the community’s requests for guidance on securing Retrieval-Augmented Generation (RAG) and other embedding-based methods, now core practices for grounding model outputs.
- System Prompt Leakage was added to address an area with real-world exploits that the community highly requested. Many applications assumed prompts were securely isolated, but recent incidents have shown that developers cannot safely assume that information in these prompts remains secret.
- Excessive Agency has been expanded, given the increased use of agentic architectures that can give the LLM more autonomy. This entry has become more crucial as we push forward with architectures that ask AI to act more proactively, with less direct human oversight.
The OWASP Foundation (OWASP.org) provides the project with operational resources to support its work, but its resources are limited. By offering sponsorship opportunities for the project, the OWASP Top 10 for LLM and Gen AI Project aims to ensure the project has the resources necessary to empower its large collaborative community to help create and capture the latest research insights and guidance on securing generative AI/LLM applications and the evolving landscape openly and transparently that benefits the industry.
Sponsoring the OWASP Top 10 for LLM and GenAI Project showcases a company’s dedication to improving AI application security, aligning with corporate social responsibility goals and enhancing the organization’s reputation as a thought leader in the industry. This connection allows organizations to showcase their commitment to advancing security practices and innovations while gaining valuable insights into industry trends and challenges. Ultimately, this opportunity reinforces an organization’s role as a leader in shaping a safer digital environment in an evolving landscape.
The inaugural project sponsors include HiddenLayer, Lakera, Lasso Security, Mend.io, Palo Alto Networks, Pangea Security, PromptArmor, Prompt Security, Securiti, Synack, and Snyk. For additional firsthand insight into the program, see quotes from our sponsors.
Organizations interested in sponsoring can visit https://genai.owasp.org/sponsorship/ to learn more and choose from three levels of sponsorship: Gold, Silver or Corporate (for OWASP.org global sponsors). This includes sponsorship levels tailored for startups.
Christina Richmond, principal analyst, Richmond Group, said: “As the rapid adoption of AI continues, businesses encounter a landscape filled with both innovative prospects and emerging security challenges. The community’s ability to rapidly respond to revised risks presented in the new Top 10 for LLM List for 2025 empowers organizations to tackle current threats while building a resilient foundation for secure AI applications. OWASP’s project commitment to these open-source initiatives will play a crucial role in the industry’s ability to securely navigate the complexities of AI technology and foster trust in its application.”
Steve Wilson, project lead for the OWASP Top 10 for LLM Project, said: “The 2023 list was a massive success in raising awareness and building a foundation for secure LLM usage, but we’ve learned so much more since then. In this new 2025 version, we’ve worked with a larger, more diverse group of contributors worldwide who have all helped shape this list. The process involved brainstorming sessions, voting, and real-world feedback from professionals in the thick of today’s LLM application security battles, whether by contributing or refining those entries through feedback. Each voice was critical to making this new release as thorough and practical as possible.”
Scott Clinton, co-project lead for the OWASP Top 10 for LLM Project, said: “Being part of an open-source community means embracing diverse forms of participation and collaboration. We recognize the role our inaugural sponsors play in fostering community growth and sustainability. Their sponsorship, on top of our existing supporters’ commitments and community of expert contributors, not only helps us maintain our commitment to the OWASP Top 10 for LLM and GenAI Project, but also ensures we can continue to provide open and neutral resources, education and guidance to help organizations develop and deploy LLM and generative AI applications more securely.”
About The OWASP Top 10 for LLM Project
The OWASP Top 10 for LLMs and Generative AI security project community-led, industry-neutral, open source project comprises over 500 global cybersecurity experts, data scientists, developers, innovators, IT and security leadership professionals collaborating with organizations like NIST, MITRE, CSA, and ISO. It aims to provide cyber threat research guidance, document top risks and mitigations, and offer actionable solutions for securing the rapidly evolving landscape of LLMs and generative AI. Supported by over 110 companies, the community has grown to more than 5,500 members. More information is available at https://genai.owasp.org/.
About OWASP
The Open Worldwide Application Security Project (OWASP) is an online community that produces freely available articles, methodologies, documentation, tools and technologies in the fields of IoT, system software and web application security. Led by a non-profit called The OWASP Foundation, the OWASP provides free and open resources. The OWASP Top 10 – 2021 is the published result of recent research based on comprehensive data compiled from over 40 partner organizations. The OWASP Foundation, a 501(c)(3) non-profit organization in the U.S. established in 2004 in the U.S., supports the OWASP infrastructure and projects.