OWASP LLM Top 10 Explorer (2025)
Explore the OWASP Top 10 for LLM Applications (2025) — prompt injection, sensitive info disclosure, excessive agency, supply chain and more, with prevention steps for each. Free, from Neurobyte.
About this training
As organisations rush to ship AI features, a new class of risk comes with them — and the OWASP Top 10 for Large Language Model Applications is the reference for understanding it. This free explorer covers the 2025 edition: prompt injection, sensitive information disclosure, supply-chain risks, excessive agency, system-prompt leakage, vector and embedding weaknesses and more, with prevention guidance for each.
It's essential grounding for developers, architects and security teams building on LLMs and agents. AI security is moving fast, and a shared vocabulary of the real risks is the starting point for building responsibly. Pair it with our Prompt Injection Lab and Secure AI Deployment Checklist to move from understanding to practice.
Frequently asked questions
What is the OWASP LLM Top 10?
It's OWASP's list of the most critical security risks specific to applications built on large language models — including prompt injection, sensitive information disclosure, excessive agency and supply-chain risks — with guidance to mitigate each.
Why do LLM apps need their own Top 10?
LLMs introduce risks that traditional app-security lists don't cover, such as manipulation through natural-language input, over-permissioned autonomous agents, and data leakage through model outputs and embeddings. These risks need dedicated controls.
How do I apply this?
Use the explorer to learn the risks, practise the attacks safely in our Prompt Injection and RAG & Agent labs, then self-assess your application with the Secure AI Deployment Checklist.