genai.owasp.org

5 curated AppSec resources from genai.owasp.org across 2 topics on appsec.fyi.

Resources curated from this publisher and indexed across appsec.fyi topic pages. Last item added: 2026-04-11.

| Date Added | Resource | Excerpt |
|---|---|---|
| 2026-04-11 | OWASP Top 10 for LLM Applications 2025 [AI] | OWASP Top 10 for LLM Applications 2025 |
| 2026-04-11 | OWASP GenAI Top 10 Risks and Mitigations for Agentic AI Security [AI] | Library defining the OWASP Top 10 for Agentic Applications, a comprehensive resource for identifying and mitigating risks associated with autonomous AI agents. Developed through input from over 100 industry leaders, it highlights threats such as Agent Behavior Hijacking, Tool Misuse and Exploitation, and Identity and Privilege Abuse. This framework complements existing OWASP GenAI resources, offering practical, actionable guidance grounded in real-world attacks and mitigations to promote the secure development and deployment of generative AI systems. |
| 2026-04-10 | OWASP Global AppSec EU 2025 - GenAI Focus [Talks] | Conference of cybersecurity experts focusing on Generative AI security, featuring the OWASP GenAI Security Project. Sessions will cover secure AI adoption, incident response, risks of autonomous AI agents, and scaling community-driven security initiatives. Specific topics include Agentic Security Risks and general GenAI project business tactics. |
| 2026-04-10 | OWASP Global AppSec USA 2025 (Washington DC) [Talks] | Conference proceedings from OWASP Global AppSec USA 2025 in Washington D.C. cover application security through six curated tracks: builder/developer, breaker, defender, manager-culture, and OWASP Projects. The event features keynote speakers, interactive sessions, and opportunities for networking among over 800 security experts. |
| 2026-04-03 | LLM01:2025 Prompt Injection \| OWASP Gen AI Security [AI] | Reference detailing LLM01:2025 Prompt Injection, a vulnerability where user prompts unintentionally alter Large Language Model behavior. The OWASP Gen AI Security resource covers direct and indirect injections, including scenarios like CVE-2024-5184 exploitation in email assistants and multimodal attacks. It outlines mitigation strategies such as constraining model behavior, input/output filtering, and adversarial testing, emphasizing that while prevention is challenging, impact reduction is achievable. |