Safeguard
Tag

owasp-llm-top-10

Safeguard articles tagged "owasp-llm-top-10" — guides, analysis, and best practices for software supply chain and application security.

24 articles

Industry Analysis

The emerging role of the AI security engineer

OWASP's 2025 LLM Top 10 ranks prompt injection #1 and calls it structurally unfixable by parameterization — a signal that AppSec skills alone no longer cover the job.

Jul 9, 20267 min read
AI Security

Why traditional AppSec still catches most enterprise AI agent bugs

OWASP's LLM Top 10 names new categories, but most enterprise agent breaches trace back to broken access control and unvalidated input — the classics.

Jul 9, 20266 min read
AI Security

The guardrail gap in low-code agentic AI platforms

Low-code AI builders let business users wire agents to live connectors in minutes — but most ship without per-tool scoping, approval gates, or audit trails.

Jul 9, 20267 min read
AI Security

What is LLM Security

LLM security protects model weights, prompts, outputs, and the AI supply chain from injection, leakage, and compromise—here's what it covers and how to defend it.

Mar 5, 20268 min read
AI Security

What is Prompt Injection

Prompt injection is OWASP's #1 LLM risk. Learn how it works, real CVEs like EchoLeak, and how to detect and defend against it.

Mar 4, 20268 min read
Application Security

Secure Patterns for LLM Output Handling in 2026

LLM02 on the OWASP LLM Top 10 keeps quietly producing incidents because downstream systems trust model outputs they should not. Concrete patterns that hold up.

Mar 4, 20265 min read
AI Security

Direct vs Indirect Prompt Injection

Direct and indirect prompt injection are different attack vectors with different blast radii. Real 2025 CVEs like EchoLeak show why the distinction matters.

Mar 4, 20267 min read
AI Security

What is Training Data Poisoning

Training data poisoning corrupts an ML model's training data to plant hidden backdoors. Learn how it works, real incidents, and how to detect it.

Mar 2, 20266 min read
AI Security

What is Insecure Output Handling in LLMs

Insecure output handling lets LLM-generated text execute code, alter queries, or render unsanitized HTML — a real, exploitable OWASP LLM05:2025 risk.

Mar 2, 20267 min read
AI Security

What is Sensitive Information Disclosure in LLMs

LLM sensitive information disclosure leaks training data, prompts, and secrets through model outputs. Real incidents, causes, and defenses explained.

Mar 1, 20266 min read
AI Security

Prompt Injection Defense Architectures in 2026

Prompt injection remains the LLM01 entry on the OWASP LLM Top 10 for a reason. A pragmatic look at the defense architectures that hold up in production this year.

Feb 11, 20265 min read
AI Security

Explaining prompt injection attacks and why they're hard ...

Prompt injection attacks trick AI models into obeying attacker instructions hidden in data or user input, and there's still no complete fix.

Dec 8, 20257 min read
owasp-llm-top-10 — Safeguard Blog