Watch the GenAI Security Project’s – Agentic AI Security Summit, Europe from London

|

WATCH THE RECORDING !

OWASP Reveals Updated 2025 Top 10 Risks for LLMs, Announces New LLM Project Sponsorship Program and Inaugural Sponsors

List for 2025 expands on evolving challenges as new sponsorship program enables OWASP Top 10 for LLMs and Generative AI Project to continue its vital work 

WILMINGTON, Del. — Nov. 19, 2024 — The OWASP Foundation today announced an update to the OWASP Top 10 for LLM Applications and Generative AI Project. Additionally, the OWASP Top 10 for LLM Apps and GenAI Project announced its sponsorship program that will allow organizations to support the project directly, enabling access to additional funding and resources so the organization can continue to invest in research, guidance, and education, thus helping keep the industry adopt AI, and generative AI applications more securely.   

The updated Top 10 List for LLMs provides a refreshed resource addressing the top 10 risks, vulnerabilities and mitigations for developing and securing generative AI and large language model (LLM) applications across the development, deployment, and management lifecycle. These applications can include static prompt augmented applications, agentic applications, LLM extensions, and complex applications. The list guides developers, security professionals, and organizations as they prioritize their efforts to identify and mitigate critical generative AI application security risks.

Specific changes to the 2025 Top 10 list include: 

  • A better understanding of existing risks and critical updates on how LLMs are used in real-world applications today. For instance, Unbounded Consumption expands on what was previously Denial of Service to include risks regarding resource management and unexpected costs—a pressing issue in large-scale LLM deployments. 
  • The Vector and Embeddings entry responds to the community’s requests for guidance on securing Retrieval-Augmented Generation (RAG) and other embedding-based methods, now core practices for grounding model outputs. 
  • System Prompt Leakage was added to address an area with real-world exploits that the community highly requested. Many applications assumed prompts were securely isolated, but recent incidents have shown that developers cannot safely assume that information in these prompts remains secret. 
  • Excessive Agency has been expanded, given the increased use of agentic architectures that can give the LLM more autonomy. This entry has become more crucial as we push forward with architectures that ask AI to act more proactively, with less direct human oversight. 

The OWASP Foundation (OWASP.org) provides the project with operational resources to support the project, but they are limited. By offering sponsorship opportunities for the project, the OWASP Top 10 for LLM and Gen AI Project aims to ensure the project has the resources necessary to empower its large collaborative community with the resources to help create and capture the latest research insights and guidance on securing generative AI/LLM applications and the evolving landscape openly and transparently that benefits the industry. 

Sponsoring the OWASP Top 10 for LLM and GenAI Project showcases a company’s dedication to improving AI application security, aligning with corporate social responsibility goals and enhancing the organization’s reputation as a thought leader in the industry. This connection allows organizations to showcase their commitment to advancing security practices and innovations while gaining valuable insights into industry trends and challenges. Ultimately, this opportunity reinforces an organization’s role as a leader in shaping a safer digital environment in an evolving landscape.

The inaugural project sponsors include HiddenLayer, Lakera, Lasso Security, Mend.io, Palo Alto Networks, Pangea Security, PromptArmor, Prompt Security, Securiti, Synack, and Snyk. For additional first hand insight into the program, see quotes from our sponsors below.

Organizations interested in sponsoring can visit https://genai.owasp.org/sponsorship/ to learn more and choose from three levels of sponsorship: Gold, Silver or Corporate (for OWASP.org global sponsors). This includes sponsorship levels tailored for startups.  

Christina Richmond, principal analyst, Richmond Group, said: “As the rapid adoption of AI continues, businesses encounter a landscape filled with both innovative prospects and emerging security challenges. The community’s ability to rapidly respond to revised risks presented in the new Top 10 for LLM List for 2025 empowers organizations to tackle current threats while building a resilient foundation for secure AI applications. OWASP’s project commitment to these open-source initiatives will play a crucial role in the industry’s ability to securely navigate the complexities of AI technology and foster trust in its application.” 

Steve Wilson, project lead for the OWASP Top 10 for LLM Project, said: “The 2023 list was a massive success in raising awareness and building a foundation for secure LLM usage, but we’ve learned so much more since then. In this new 2025 version, we’ve worked with a larger, more diverse group of contributors worldwide who have all helped shape this list. The process involved brainstorming sessions, voting, and real-world feedback from professionals in the thick of today’s LLM application security battles, whether by contributing or refining those entries through feedback. Each voice was critical to making this new release as thorough and practical as possible.”  

Scott Clinton, co-project lead for the OWASP Top 10 for LLM Project, said: “Being part of an open-source community means embracing diverse forms of participation and collaboration. We recognize the role our inaugural sponsors play in fostering community growth and sustainability. Their sponsorship, on top of our existing supporters’ commitments and community of expert contributors,  not only helps us maintain our commitment to the OWASP Top 10 for LLM and GenAI Project, but also ensures we can continue to provide open and neutral resources, education and guidance to help organizations develop and deploy LLM and generative AI applications more securely.”

From our Sponsors

Palo Alto Networks: “Generative AI is transforming industries at an unprecedented rate, but with that innovation comes new security challenges. The OWASP Top 10 for LLM project helps ensure that businesses are not only prepared for today’s threats but are future-ready, with a strong foundation to handle tomorrow’s AI-driven vulnerabilities.” – Rich Campagna, SVP, Product Management, NextGen Firewall – Palo Alto Networks

Securiti AI: The 2025 OWASP Top 10 for LLMs effectively debunks the misconception that securing GenAI is solely about protecting the model or analyzing prompts. The research offers valuable insights into how data flows through the entire application, highlighting where vulnerabilities can arise. To truly safeguard AI systems, security must be enforced at every step in the data and AI pipeline, from the source data to user interactions within the app. A comprehensive, system-level security approach is essential to mitigate risks and build trust in AI,” said Rehan Jalil, CEO of Securiti AI.

HiddenLayer: “HiddenLayer is proud to partner with OWASP, a leader in advancing security for AI. Their focus on tackling the biggest risks to LLMs supports our mission to secure AI and accelerate trust in these transformative technologies. Through our collaboration, we aim to advance progress in education, research, and industry standards.” — Chris Sestito, CEO and Co-Founder, HiddenLayer

Lasso Security: “We’re proud to sponsor and contribute to the OWASP LLM Top 10 project, a pioneering collaboration to establish essential security standards for confident Generative AI adoption, providing actionable insights to address emerging risks in LLMs. This initiative reflects Lasso’s commitment to advancing GenAI solutions that address security vulnerabilities in the latest LLM applications.”

PromptArmor: “PromptArmor is proud to contribute our novel threat intelligence on AI risks to the OWASP Top 10 for LLMs project, and is excited to sponsor the project’s mission to create a universal, up-to-date standard by which to think about AI Application Risks.”

Prompt Security: “The OWASP Top 10 for LLMs has become an indispensable resource for organizations addressing the challenges of Generative AI threats. As the project continues to evolve, it provides vital guidance to help organizations stay ahead in this rapidly shifting landscape. At Prompt Security, we’re proud to have supported this initiative from the start and are excited to deepen our commitment as an official sponsor.¨ , Itamar Golan, CEO & Co-founder of Prompt Security

Synk: “Snyk is proud to sponsor these latest OWASP findings that ultimately help to advance a shared mission to secure AI-generated code. Together, we’re ensuring the world’s developers have expert-accurate, effortless guardrails in order to reap the productivity benefits of the GenAI era with security also remaining top of mind.” – Snyk

Synack: “The OWASP Top 10 for LLM project has been a critical resource for ethical hackers seeking to deepen their understanding of emerging AI risks. OWASP’s new guidance and resources will benefit the security research community and help CISOs find actionable solutions to new vulnerabilities. Synack is proud to support this important initiative.” – Ryan Rutan, Synack Red Team Community Director

About The OWASP Top 10 for LLM Project

The OWASP Top 10 for LLMs and Generative AI security project community-led, industry-neutral, open source project comprises over 500 global cybersecurity experts, data scientists, developers, innovators, IT and security leadership professionals collaborating with organizations like NIST, MITRE, CSA, and ISO. It aims to provide cyber threat research guidance, document top risks and mitigations, and offer actionable solutions for securing the rapidly evolving landscape of LLMs and generative AI. Supported by over 110 companies, the community has grown to more than 5,500 members. More information is available at https://genai.owasp.org/.

About OWASP 

The Open Worldwide Application Security Project (OWASP) is an online community that produces freely available articles, methodologies, documentation, tools and technologies in the fields of IoT, system software and web application security. Led by a non-profit called The OWASP Foundation, the OWASP provides free and open resources. The OWASP Top 10 – 2021 is the published result of recent research based on comprehensive data compiled from over 40 partner organizations. The OWASP Foundation, a 501(c)(3) non-profit organization in the U.S. established in 2004 in the U.S., supports the OWASP infrastructure and projects. 

  

Media Contact 

Tanner Skotnicki 

Force4 Technology Communications  

tanner@force4.co  

Related Blogs

OWASP and the OWASP logo are trademarks of the OWASP Foundation, Inc. Unless otherwise specified, all content on the site is Creative Commons Attribution-ShareAlike v4.0 and provided without

warranty of service or accuracy. For more information, please refer to our General Disclaimer.  – Copyright © 2025 OWASP Foundation, Inc.

Scroll to Top