LLM Apps Top 10 Bi-Weekly Project Meetings

This meeting covers updates on OWASP’s GenAI Security Project, including improvements to the website for easier contributor onboarding, global events like the upcoming UAE hackathon, and plans for the OWASP virtual AppSec Security Summit in October. Other highlights include new tools, the CTI team’s Exploit Generation initiative, and the launch of the Deepfake Guide revision project. The session also welcomes new members and provides pointers on how to get involved with the project across various initiatives like Agentic AI, LLM security, and red teaming.

This meeting provides updates on OWASP’s GenAI Security Project, including highlights from Black Hat and DEF CON events, the launch of new tools like the FinBot CTF platform, and progress on important resources such as the GenAI Solutions Landscape and Agentic AI initiatives. The discussion also covers community engagement, growth metrics, and upcoming plans for the OWASP virtual conference in October. Participants share insights on onboarding contributors and continuing to scale AI security efforts globally.

This meeting covers key updates on OWASP’s AI security initiatives, including agent architecture, threat mitigation, and practical resources for securing AI systems. We discuss upcoming events at Black Hat and DEF CON, recent releases like the GenAI Solutions Landscape, and progress on AI security guidelines and frameworks. Participants also explore ways to contribute to the community and advance AI-driven security practices.

In this episode of the OWASP Generative AI Security Project podcast, we dive into exciting updates and advancements in AI security. From the upcoming OWASP Compass launch to Black Hat and DEFCON preparations, this meeting spotlighted progress across initiatives like agentic security, the roadmap for future deliverables, and community efforts to enhance industry awareness.📌 Highlights include:🛠️ OWASP Compass 1.0: A strategic dashboard to guide AI adoption securely.🌍 Black Hat & DEFCON updates: New workshops, hackathons, and outreach efforts.🌟 Agentic Security: Threat modeling advancements and a preview of the upcoming Agentic Top 10 list.📋 Solutions Landscape: Expanding tools and resources for cybersecurity practitioners.🌐 Ready to get involved? Learn more and join the community: https://genai.owasp.org#AI #GenerativeAI #Cybersecurity #OWASP #OWASPGenAI #AgenticSecurity #AIThreats #BlackHat2023 #DEFCON

Discover the latest in AI and cybersecurity as we unpack cutting-edge tools and global collaborations. This episode introduces the OWASP Compass, a unique framework for operationalizing AI strategies, alongside highlights from UN Open Source Week and upcoming events like Black Hat and DEFCON.Whether you’re into red teaming, AI governance, or free training resources, this episode has something for everyone!📌 Learn more: OWASP GenAILet’s shape a safer AI-powered future!

Catch the latest updates from the OWASP GenAI Security Project, including global partnerships, tools, and groundbreaking AI security research:🔍 Key topics:UN Open Source Week: OWASP takes the stage to discuss AI security in supply chain and generative AI advancements.Compass Tool Update: Simplifying AI threat strategies with profiles and streamlined workflows.AI Incident Response Guide: Now open for core team review—aiming for a July release.AI Red Teaming Framework: New initiatives to enhance vulnerability testing in generative AI systems.Stay informed as we push the boundaries of AI security innovation!#OWASP #GenAI #AISecurity #CompassTool #RedTeaming #UNOpenSource #GenerativeAI

This episode dives into the latest milestones from the OWASP GenAI Security Project, focusing on AI security tools, responses, and emerging challenges in the world of generative AI:🔍 Key topics:Compass Tool Updates: Streamlining AI threat identification and strategy building.AI Incident Response Guide: A specialized framework for preparing and managing AI-enabled breaches.Exploit Generation Research: Advancing LLM and agentic AI testing to benchmark cybersecurity risks.Don’t miss actionable insights from evolving initiatives like red teaming and agentic security. Stay updated on the forefront of AI safety!#AISecurity #OWASP #GenAI #AIIncidentResponse #CompassTool #ExploitGeneration

In this episode, we discuss the latest developments in AI security from the OWASP GenAI Security Project, featuring updates on the Compass Tool, AI Red Teaming efforts, and the evolving landscape of generative AI risks.🔍 Key topics:Compass Tool: An operationalized version of the CISO checklist for prioritizing generative AI threats.AI Red Teaming Handbook: Progress on testing frameworks for LLMs and AI systems.Post-RSA reflections: Key takeaways and future initiatives in AI security.Stay ahead in the dynamic field of AI security with these actionable insights!#OWASP #GenAI #AISecurity #AIRedTeaming #CompassTool #RSA2025

Catch the latest updates from the OWASP GenAI Security Project following RSA, including discussions on AI security trends, Agentic AI workflows, and project highlights like the Compass Tool.🛡️ Key insights include:The evolving intersection of AppSec and LLM security.Updates on Agentic AI workshops and Peer-reviewed AI guidance.Behind the scenes of OWASP’s initiatives shaping the future of generative AI security.Stay informed on the latest in AI security and learn how to get involved! 🌍#AISecurity #OWASP #GenAI #AgenticAI #RSA2025 #RedTeaming #AppSec

In this podcast, we dive into key updates from the OWASP GenAI Security Project, including the latest on Agentic AI, red teaming best practices, upcoming events at RSA 2025, and exciting tools like the Compass for AI security maturity. 🌐🛡️ Highlights:Insights into red teaming vulnerabilities and testing strategies.The importance of Agentic AI security frameworks.Exclusive RSA 2025 workshops, parties, and live streams.Tools to enhance AI governance and navigate AI risks effectively.Stay ahead in the AI security game!#AISecurity #OWASP #GenAI #RSA2025 #RedTeaming #AgenticAI

Join host Scott Clinton and cybersecurity community members for the latest OWASP GenAI Security Project meeting. In this episode, the team shares key updates on their upcoming activities at the RSA Conference—including a half-day summit, agentic security workshop, and special networking opportunities. Scott emphasizes community engagement, while Sandy Dunn introduces the newly established Compass Project, dedicated to operationalizing governance and security strategies in practical, effective ways.Additionally, the episode covers project updates on AI incident response with Bryan Nakayama, translation efforts for wider global accessibility, and other initiatives to build cohesive, community-driven resources. This meeting demonstrates OWASP's ongoing commitment to collaboration and action within cybersecurity, securing AI, and enhancing threat modeling practices.

In this episode, join Scott Clinton, Steve Wilson, John Sotiropoulos, and Aubrey King as they discuss the latest updates and achievements in the OWASP GenAI Security Project. From the introduction of new governance structures to insights on sponsorship growth, this episode provides an in-depth look at how the project is evolving to tackle the challenges in AI security.Learn about the various initiatives and milestones, including the success of the Agentic AI initiative, the upcoming events at RSA, and the impressive community engagement metrics. Whether you're a cybersecurity professional, AI enthusiast, or someone interested in contributing to the project, this episode is packed with valuable information and practical insights.

In this episode, Scott Clinton leads the discussion on the latest trends and challenges in the AI security landscape. They kick things off with a friendly catch-up before diving into important topics like AI red teaming, the security of AI models, and the best practices for ensuring robust AI security frameworks.Throughout the discussion, our experts share their insights on how to tackle the evolving threats in the AI space. From the lack of security measures in many organizations to the innovative approaches being developed to counter these threats, this episode is a treasure trove of information for anyone involved in AI and cybersecurity. Whether you're a professional in the field or simply interested in the latest developments, there's something valuable here for you.

Welcome to our latest podcast episode where we delve into the nuances of AI security and the exciting developments in the field. In this episode, we discuss the recent meeting of our AI security team, highlighting key projects such as the Red Teaming Guide, the Agent Security Insights (ASI) document, and the ongoing efforts to translate and refine our resources for global use. Steve Wilson, Sandy Dunn, and Scott Clinton share their insights on the latest advancements and the collaborative efforts that are driving the future of AI security.Join us as we explore the intricacies of defining AI agents, the challenges of threat modeling, and the importance of creating standardized definitions to facilitate better communication and understanding in the AI security domain. Whether you're new to the field or a seasoned expert, this episode offers valuable perspectives and actionable insights to enhance your understanding of AI security.

Join us for an insightful discussion in our latest podcast episode featuring our core team and many others from the AI security community. This episode dives deep into various exciting topics, including the introduction of new AI security guidelines, the advancements in agentic security, and the latest developments in AI red teaming. We explore the collaborative efforts in creating practical and consumable security documentation, the impact of AI security standards alignment, and the roadmap for future AI security projects.In addition to these discussions, we also highlight the upcoming AI Security Summit at RSA Conference, the integration of AI security solutions, and the active involvement of new contributors to the project. This episode is a comprehensive overview of the current state and future directions of AI security, making it a must-watch for anyone interested in the field. Don't miss out on the detailed insights and valuable information shared by experts in this engaging and informative podcast.

Join us for an engaging episode where the OWASP LLM and Gen AI Project Team discuss key initiatives, updates, and collaborative efforts. This episode dives into various topics such as the ongoing development of the Agentic Security Landscape, the importance of creating a standardized glossary for AI terminology, and the exciting collaborations with organizations like IBM and the Cloud Security Alliance. The team also explores the potential of producing educational videos to enhance understanding of AI concepts and terms.In this meeting, the team emphasizes the need for consensus and community feedback in refining AI definitions, while also discussing the significance of simplifying complex documentation to make it more accessible. Special highlights include the announcement of the upcoming RSA summit, the introduction of new project sponsors, and the proposal to include ByteDance as a sponsor. This episode is packed with insights and updates that are critical for anyone involved in AI and cybersecurity. Don’t miss out on the latest developments from the OWASP LLM and Gen AI Project!

Join the core team as they dive into a comprehensive discussion on recent workshops, AI advancements, and the significance of industry conferences. This episode unpacks the latest feedback from cybersecurity sessions and sets the stage for RSA 2025 and other upcoming events. Scott Clinton and Bryan Nakayama add depth with insights into AI red teaming and deepfake initiatives as well as community growth metrics. Don't miss out on this engaging conversation that bridges the gap between cybersecurity strategy and practical implementation. Subscribe for more expert insights!

Welcome to our latest episode, recorded on December 18th, where we dive into the exciting progress and future plans for our project as we wrap up 2024. We discuss the incredible work done by our community, the recognition from the OWASP Foundation, and our ambitious roadmap for 2025. Highlights include updates on the project's progress, insights from our check-in with Andrew, the Executive Director of OWASP, and plans for promoting the project and increasing community engagement. We also cover the launch of our new AI Red Teaming Initiative and updates to the AI cybersecurity and governance checklist.We touch on our collaborative efforts with other OWASP projects, potential new grant-funded initiatives, and exciting plans for RSA and other developer events in 2025. Whether you're a developer, security professional, or just passionate about AI and cybersecurity, there's something in this episode for you. Don't forget to like, subscribe, and hit the notification bell to stay updated with our latest episodes and projects. Join the conversation in the comments below and let us know your thoughts!

Welcome to the latest bi-weekly meeting for the OWASP Top Ten for Generative AI and Application Security, recorded on December 4th, 2024. Join us as we dive into key updates, project developments, and community engagement activities. This meeting covers updates on meeting link changes, recent launch statistics, social media metrics, and community growth. We also discuss new initiatives like the upcoming podcast series, LinkedIn engagement strategies, future webinars, and our plans for 2025 outreach. We highlight the progress on the Red Teaming document, data security best practices white paper, and explore translation services for broader accessibility. Additionally, we share updates on our sponsorship and fundraising efforts, along with insights on our website and community engagement metrics. Thank you for watching! Be sure to like, comment, and subscribe for more updates. Join our community and stay engaged with the latest in generative AI and application security. For more information and to get involved, visit our OWASP Project Page. #OWASP #GenerativeAI #ApplicationSecurity #TopTen #CommunityMeeting #Podcast #TechUpdates #CyberSecurity #AI #LinkedIn #Webinar #CaptureTheFlag #DataSecurity #RedTeaming

The session covers key updates and lively discussions among team members. Steve Wilson welcomes attendees and discusses recent travels and the prepared slide deck. The team celebrates the release of the new Top 10 list and its positive reception. Scott Clinton shares success stories and goals from the sponsorship program, while social media growth, project roadmap, and community contributions are highlighted. Krishna updates on the newsletter and future plans for webinars and outreach. The growth of the solutions landscape and the onboarding of a new web team are also discussed. The team brainstorms new initiatives, including workshops and virtual events, to enhance community engagement. Steve Wilson addresses the need for structured governance as the project evolves, discussing potential changes and future planning. The meeting concludes with gratitude to the community for their significant contributions and collective achievements. Tags: #OWASP #CyberSecurity #AI #LLM #GenAI #MeetingRecap #Top10 #Community #Sponsorship #Newsletter #Webinars #Governance Don't forget to like, comment, and subscribe for more updates from the OWASP Top 10 for LLM & Gen AI Group!

Join us for an engaging meeting discussing the November 6th edition of the OWASP Top 10 for LLM (Large Language Model) applications. Steve Wilson leads the session, providing updates on the latest developments, including the release candidate, feedback collection, and expectations for the final version. Key points include the importance of the OWASP Top 10 list for 2025, feedback on errors and formatting, and insights into the traction generated by recent press releases and media coverage. The team also discusses the solutions landscape document, the searchable directory of solutions, and upcoming announcements for the new OWASP Top 10 list. Contributions from team members on data security white papers, red teaming documents, and threat intelligence efforts are highlighted. Special shoutouts to Scott Clinton for his work on the sponsorship program and PR efforts, as well as contributions from Emmanuel, Sandy, and other core team members. This meeting underscores the collaborative efforts within the community to enhance the security landscape for LLM applications. Don't miss this insightful discussion showcasing teamwork and dedication in cybersecurity. Subscribe for more updates and stay tuned for the next meeting as we continue to push the boundaries of security innovation. #OWASP #LLM #Cybersecurity #Top10 #MeetingRecap #TeamEffort #SecurityInnovation

In this meeting, the team finalizes the 2025 version of the OWASP Top 10 list for large language models (LLMs), highlighting key updates to the entries and ongoing efforts to refine the document's graphical layout. They also discuss the integration of the solutions catalog, which now features over 40 contributions from both open-source and commercial entities. Additionally, plans for a robust PR and media outreach campaign are outlined, including potential briefings with press and analysts, and the announcement of a sponsorship program in November. The team is also considering hosting a virtual event in December to highlight the new 2025 list and other project assets. Significant contributions and updates from various team members are acknowledged, such as the work on red teaming initiatives, data security best practices, and mapping the new entries to existing frameworks. The meeting underscores the collaborative spirit of the project, with ongoing efforts to make the OWASP guidelines more accessible and comprehensive. The session concludes with a note of appreciation for the team's hard work and an optimistic outlook for the project's future, emphasizing the importance of the collective effort in shaping valuable cybersecurity resources.

Catch up on the latest OWASP Top 10 for Large Language Models (LLMs) meeting! Russell Tait and Rachel discuss AI Incident response, while Steve Wilson updates on transitioning to the 2024 version. Key topics include prompt injection redefinition, red teaming progress, AI Bill of Materials proposal, and updates on the Deepfake Guide, AI-enhanced Cyber Attack Guidance, and exploit generation for AI. Sandy Dunn provides an AI Security Checklist update and proposes a centralized definitions page, and Scott Clinton announces the new Center of Excellence guide and encourages contributions to the Solutions Guide. For more details, check out the Deepfake Guide and the Solutions Submission Form. Stay connected by joining our community on Slack and following us on LinkedIn. Like, comment, and subscribe for more updates!

In our recent session, we discussed the ever-evolving landscape of AI and machine learning security. Key highlights include: 1. Prompt Leakage: Addressing vulnerabilities where AI systems inadvertently disclose sensitive information. 2. Agent Interaction Risks: Focusing on excessive agency and the complexities of multi-agent systems. 3. Supply Chain Vulnerabilities: Ensuring robust security measures in AI development pipelines.

In our recent meeting, we covered crucial topics such as defining AI incidents, publishing deep fake guidance, and innovative research on AI exploitation. Our community continues to drive forward with impactful initiatives. Also, a special mention to our beautiful new HQ in Colorado! 🌄 #AI #CyberSecurity #OWASP

In our recent meeting, we explored several key topics, including AI-enhanced cyber attack responses, the importance of automated PDF generation for documentation, and welcoming new members to our community. These discussions are crucial for staying ahead in AI and cybersecurity. Dive in and contribute to shaping the future of AI security with us. #AI #CyberSecurity #OWASP #TechInnovation

In our recent meeting, we explored the evolving landscape of agentic workflows and multi-agent architectures in AI. From discussing the orchestration of tools to the complexities of fully autonomous agents, our team is at the forefront of AI innovation. Dive into the discussion, share your insights, and help shape the future of AI governance. #AI #MachineLearning #AIInnovation #AIResearch

We took a break from the standard meeting and had a meeting of the core member team to hash out some of the new threats that have come up in conversation for v2.0 ranking.

The team discussed the progress of the large language models expert group project, focusing on the voting phase for new entries and the future publication. They also discussed the importance of the top 10 list, the outreach roadmap, and the need for upcoming calls for papers. Lastly, they explored potential solutions for managing multiple PDF pipelines, the use of templating, and the team's presence at an upcoming conference in Lisbon.

The team discussed the call for new vulnerability candidates for the OASP top 10 for large language models expert group, the challenges of accommodating all nominations for the AI Safety Institute's task force, and the ongoing process of creating a list of top AI tools. They also reviewed the progress of the organization's sponsorship program, plans for outreach, and the upcoming publication of a blog based on research from the University of Illinois. Lastly, they discussed the upcoming CSA AI summit, improving existing vulnerabilities, and the idea of creating a top 20 list to recognize emerging vulnerabilities.

This week, Scott leads the bi-weekly meeting for May 23, 2004. We recap the RSA happenings, talk about the new website and get a bit of an update on the v2.0 efforts! Check out Episode 14 of the Bi-weekly Meeting Podcast!

Steve Wilson's back to lead the discussion for our April 25 2024 meeting for Episode 13. We talk about the v2 updates - even some survey response discussions. RSA Planning was a significant topic as well, as it's coming up quickly. We also talked the new website efforts and a whole lot more.

The team, led by Scott, discussed upcoming activities including the RSA conference, a virtual summit on AI, and a website refresh. They also reviewed the success of their recent social media campaign and planned for future promotions. Lastly, they addressed the improvement of their data gathering methodology and looked forward to the next week's catch-up through Slack.

This month was huge. We talked about the returning core members and early data from our volunteer interest survey, as well as possible charter expansion. We've also got an AI summit coming up at RSA that is not to miss! Also, the leads gave reports, too!

Steve wasn't able to make the meeting this week, so Sandy Dunn ran the meeting. We talked about how to share any speaking opportunities you may have with the team and had great discussion around prompt injection and "AI-washing" from vendors.

Set your Alexa alarms, AI Community! We've got a meeting this Thursday and want to see YOU there! Meetings Link: https://github.com/OWASP/www-project-top-10-for-large-language-model-applications/wiki/Meetings

We talked about the 2.0 Kickoff and introduced the concept for budget and sponsorship.

We've got a meeting this Thursday @ 8am Pacific / 11am Eastern. Set your clocks, #AISecurity aficionados!Meetings Link: https://github.com/OWASP/www-project-top-10-for-large-language-model-applications/wiki/Meetings #AI #LLMTop10

Hear from some new community members and get into a bit of the 2.0 brainstorming, as well as hearing from the leads. Impending release for the Security And Governance Checklist!

The 2.0 Kickoff meeting! This is where we break it down a bit. We talk about the goals of the project, in terms of evangelism and planning for the next major release. We also get a rundown on activities for each of the leads. If you want to know a bit more about what our visibility is actually looking like or any data from our audience, we go over the early results on our end consumer survey!

Talked about the reception of our first three translations, the forthcoming Security & Governance Checklist and the impending 2.0 release announcement. Join us every two weeks for the latest in our project.

Come check out our bi-weekly meeting tomorrow, Jan 18! https://github.com/OWASP/www-project-top-10-for-large-language-model-applications/wiki/Meetings

First meeting after the holiday season, so a bit short. We covered the podcast release, passing 1000 LinkedIn subscribers, talked about the new language translations forthcoming release, getting closer on the Security & Governance Checklist and much more!

Our Bi-Weekly Meeting!

Our Bi-Weekly meeting for Dec. 7 2023.

This is our meeting update for Nov. 9, 2023.