Home

6 min read Original article ↗

Identifying and tackling the risks of Gen AI systems and applications

OWASP GenAI Security Project

A global community-driven and expert led initiative to create freely available open source guidance and resources for understanding and mitigating security and safety concerns for Generative AI  applications and adoption.

AI Cybersecurity Publications

+

What’s New

State of Agentic AI Security and Governance 2.01

The State of Agentic AI Security and Governance provides a comprehensive view of today’s landscape for securing and governing autonomous AI systems. It explores the frameworks,

AIUC-1: Crosswalks OWASP Top 10 For Agentic Applications

The AIUC-1 Crosswalk of the OWASP Top 10 for Agentic Applications provides a bidirectional mapping between AIUC-1 requirements and the OWASP Agentic Security Initiative’s Top 10

AI Security Solutions Landscape For AI and Agentic Red Teaming Q2 2026

As organizations increasingly deploy generative AI and autonomous agents into business-critical workflows, traditional application security practices are no longer sufficient. AI systems introduce new classes of

Memory Is a Feature. It Is Also an Attack Surface

As co-lead of OWASP ASI06: Memory & Context Poisoning entry as part of OWASP Top 10 for Agentic Applications , I have spent a lot of

FinBot CTF Is Live: A Hands-On Companion to the OWASP GenAI Security Project

FinBot is a hands-on companion to the OWASP GenAI Security Project, offering an interactive Capture-The-Flag environment built around a simulated financial services application. Designed as the

OWASP GenAI Exploit Round-up Report Q1 2026

OWASP GenAI Exploit Round-up Report Q1 2026 Coverage period: January 1, 2026 through April 11, 2026 Overview For the last two years the OWASP GenAI Security

OWASP Gen AI Security Summit, London at Infosec Europe

Join the OWASP GenAI Security Project for a half-day summit on Thursday 4th June at Infosecurity Europe 2026, where global project leaders, industry practitioners and regulatory

Gen AI Project Application Security & Risk Virtual Summit

Generative and agentic AI are transforming how applications are built, deployed and operated but they are also expanding the attack surface in ways traditional AppSec programs

OWASP GenAI Security Summit at RSAC 2026 Conference

Join us Again This Year at the RSAC 2026 Conference, in San Francisco March 23rd – 26th 4 Opportunities to Learn and Connect !! Once again

OWASP Top 10 Risks for Large Language Models: 2025 updates

OWASP Warns of Growing Data Exposure Risk from AI in New Top 10 List for LLMs

OWASP Top 10 for LLM and new tooling guidance targets GenAl security

Be in the know! Join the Newsletter.

Get updates on tools, threat intel, community heighlights, and new initiatives – straight to your inbox.

Affiliated Standards Organizations and Projects

Our Initiatives

Data Security

Protects training and retrieval data from leaks and tampering.

What the Industry is saying

The OWASP Guide to Preparing and Responding to Deepfake Events’ very clearly outlines the current threats and guidance on how to deal with some specific events. This guide acts as. . .

Henry Patishman

Henry PatishmanExecutive Vice President for Identity Verification Solutions, Regula

Generative AI is transforming industries at an unprecedented rate, but with that innovation comes new security challenges. The OWASP Top 10 for LLM project helps ensure that businesses are not. . . .

Rich Campagna, SVP

Rich Campagna, SVPProduct Management, NextGen Firewall, Palo Alto Networks

The OWASP Top 10 for LLMs has become an indispensable resource for organizations addressing the challenges of Generative AI threats. As the project continues to evolve, it provides vital guidance. . . .

Itamar Golan

Itamar GolanCEO & Co-founder of Prompt Security

We’re proud to sponsor and contribute to the OWASP LLM Top 10 project, a pioneering collaboration to establish essential security standards for confident Generative AI adoption, providing actionable insights to. . . .

Lasso Security

Snyk is proud to sponsor these latest OWASP findings that ultimately help to advance a shared mission to secure AI-generated code. Together, we’re ensuring the world’s developers have expert-accurate, effortless. . . .

Snyk

HiddenLayer is proud to partner with OWASP, a leader in advancing security for AI. Their focus on tackling the biggest risks to LLMs supports our mission to secure AI and. . . .

Chris SestitoCEO and Co-Founder, HiddenLayer

PromptArmor is proud to contribute our novel threat intelligence on AI risks to the OWASP Top 10 for LLMs project, and is excited to sponsor the project’s mission to create. . . .

PromptArmor

The 2025 OWASP Top 10 for LLMs effectively debunks the misconception that securing GenAI is solely about protecting the model or analyzing prompts. The research offers valuable insights into how. . . .

Rehan JalilCEO, Securiti AI

The unique value of this project lies in its systematic organization of threats and clear definition of necessary solutions across the LLM Ops lifecycle, particularly significant in today’s emerging GenAI. . . .

NRI Secure

OWASP’s AI Security Solutions Landscape is a landmark guide for security professionals. It outlines key risks and critical controls for securing LLMs and Generative AI applications, while highlighting the innovative. . . .

Gilad ElyasharChief Product Officer, Aqua Security

OWASP Gen AI Security Project Sponsors

GenAI-SecurityProject-SponsorBadgeGOLD-Rectangular

GenAI-SecurityProject-SponsorBadgeGOLD-Rectangular-white

Events

  • Jun
  • 2
  • 8:00 AM PDT
  • Jun
  • 4
  • 4:30 PM PDT
  • In-Person, Featured

OWASP Gen AI Security Summit, London at Infosec Europe

Join the OWASP GenAI Security Project for a half-day summit on Thursday 4th June at Infosecurity Europe 2026, where global project leaders, industry practitioners and regulatory experts will present

  • May
  • 27
  • 8:00 AM PDT
  • May
  • 27
  • 1:00 PM PDT
  • Virtual

Gen AI Project Application Security & Risk Virtual Summit

Generative and agentic AI are transforming how applications are built, deployed and operated but they are also expanding the attack surface in ways traditional AppSec programs were never designed

  • Mar
  • 25
  • 8:00 AM PDT
  • Mar
  • 25
  • 1:15 PM PDT
  • In-Person, Featured

OWASP GenAI Security Summit at RSAC 2026 Conference

Join us Again This Year at the RSAC 2026 Conference, in San Francisco March 23rd – 26th 4 Opportunities to Learn and Connect !! Once again we are back

  • Dec
  • 10
  • 2:00 PM PST
  • Dec
  • 10
  • 7:00 PM PST
  • In-Person

GenAI Security Project, Agentic AI Summit, Europe

Hosted by the OWASP GenAI Security Project, December 10, 2025 — London, UK The Agentic AI Security Summit – Europe, organized by the OWASP GenAI Security Project, is a

100+ Supporting Organizations