Explained: The OWASP Top 10 for Large Language Model Applications

preview_player
Показать описание

Large Language Models (LLMs), like any new technology, are subject to the risk that "malicious actors" will abuse it for financial or other gain by attempting to circumvent built-in security measures. The well-known Open Worldwide Application Security Project or OWASP project has recently published their list of top 10 security risks for LLMs. In this video, IBM Distinguished Engineer Jeff Crume explains a subset of them and what you can do to protect you and your users.

00:00 - What is the OWASP Top 10 for LLMs?
01:25 - Prompt Injection (Direct)
03:37 - Prompt Injection (Indirect)
06:43 - Insecure Output Handling
08:55 - Training Data
11:46 - Over Reliance
  1. IBM Technology
  2. IBM
  3. IBM Cloud
Рекомендации по теме
Explained: The OWASP 0:14:22

Explained: The OWASP Top 10 for Large Language Model Applications

OWASP Top 10 0:08:51

OWASP Top 10 2021 - The List and How You Should Use It

OWASP TOP 10 0:07:02

OWASP TOP 10 - EXPLAINED WITH EXAMPLES - 2024

OWASP Top 10 0:14:58

OWASP Top 10 Web Application Security Risks

OWASP TOP 10 0:27:54

OWASP TOP 10 Introduction - Explained with examples (2024 edition)

OWASP Top 10 0:18:44

OWASP Top 10 in 10 Min! (Kinda)

What is the 0:14:34

What is the OWASP Top 10? | AppSec 101

2021 OWASP Top 0:08:57

2021 OWASP Top Ten Overview

Live Bug Bounty 0:37:29

Live Bug Bounty Hacking Workflow

IT Security Tutorial 0:05:11

IT Security Tutorial - The OWASP Top 10

OWASP Mobile Top 2:07:25

OWASP Mobile Top 10 Risks (2024) | Detailed Explaination with Examples | Payatu

What is the 0:01:11

What is the OWASP Top 10?

OWASP Top 10 0:14:56

OWASP Top 10 Explained

OWASP API Security 1:27:01

OWASP API Security Top 10 Course – Secure Your Web Apps

OWASP Top 10 0:17:22

OWASP Top 10 Vulnerabilities in Hindi

OWASP Top 10: 0:36:47

OWASP Top 10: Injection - Detailed Explanation with Real-World Examples

OWASP Top 10 0:01:39

OWASP Top 10 Explained with Examples (2023)

OWASP Top 10 0:12:25

OWASP Top 10 Vulnerabilities. All discussed in details with examples 💥

OWASP Top 10 0:13:33

OWASP Top 10 2021 Explained | Web Application Vulnerabilities

TOP 10 OWASP 0:15:04

TOP 10 OWASP Vulnerabilities Explained with Examples (Part I)

2021 OWASP Top 0:11:48

2021 OWASP Top Ten: Injection

Top 10 Web 0:19:57

Top 10 Web App Security Vulnerabilities 2021 | OWASP Top 10 Web Application Security Risks 2021

OWASP TOP 10 0:07:55

OWASP TOP 10 Introduction - Detailed Explanation with Real-World Examples

Web Application Security 0:41:16

Web Application Security and OWASP - Top 10 Security Flaws with Examples

Комментарии
Автор

Great information. Can you please do remaining owasp 10 for LLM ?

ishwaryanarayan
Автор

I know many companies, using A.I to generate letters or emails, that most likely hold some personal, or sensitive information, that don't realize that this is even possible. I'm glad I watch these videos, so I myself know the dangers that the future of A.I holds in these situations. Thank you.

letsgoo
Автор

Wow, l like video series, this is new technology Netflix

pankajoctdogra
Автор

Very good session on the 3 of the Top 10. Where can I listen to the remaining?

rsharma
Автор

Your example about training data isn't actually about "training" data, since the LLM is already trained and just pulling in poisoned data at run-time. Otherwise, very good stuff...

christopherpetersen
Автор

Terrific content but I'd like to suggest a change in the title to "Top 3 plus Bonus!" What happened to the other 7?

tombesore
Автор

There's always somebody that's going to come in and gum up the works 🙃

Matinirx
Автор

"LLM is NOT a trusted user"... ouch

bastabey
Автор

If I could, I'd give two 👍
Easy to understand and precise.
Thank you.

tgau