Showing episodes and shows of
OWASP GenAI Security Project
Pondering AI
Agentic Insecurities with Keren Katz
Keren Katz exposes novel risks posed by GenAI and agentic AI while reflecting on unintended malfeasance, surprisingly common insider threats and weak security postures. Keren and Kimberly discuss threats amplified by agentic AI; self-inflicted exposures observed in Fortune 500 companies; normalizing risky behavior; unintentional threats; non-determinism as a risk; users as an attack vector; the OWASP State of Agentic AI and Governance report; ransomware 2025; mapping use cases and user intent; preemptive security postures; agentic behavior analysis; proactive AI/agentic security policies and incident response plans. Keren Katz is Senior Group Manager of Threat Re...
2025-10-15
49 min
Security Weekly Podcast Network (Video)
Inside the OWASP GenAI Security Project - Steve Wilson - ASW #352
Interest and participation in the OWASP GenAI Security Project has exploded over the last two years. Steve Wilson explains why it was important for the project to grow beyond just a Top Ten list and address more audiences than just developers. He also talks about how the growth of AI Agents influences the areas that appsec teams need to focus on. Whether apps are created by genAI or directly use genAI, the future of securing software is going to be busy. Resources https://genai.owasp.org https://genai.owasp.org/llm-top-10/ LLM security book on Amazon...
2025-10-14
1h 07
Security Weekly Podcast Network (Audio)
Inside the OWASP GenAI Security Project - Steve Wilson - ASW #352
Interest and participation in the OWASP GenAI Security Project has exploded over the last two years. Steve Wilson explains why it was important for the project to grow beyond just a Top Ten list and address more audiences than just developers. He also talks about how the growth of AI Agents influences the areas that appsec teams need to focus on. Whether apps are created by genAI or directly use genAI, the future of securing software is going to be busy. Resources https://genai.owasp.org https://genai.owasp.org/llm-top-10/ LLM security book on Amazon...
2025-10-14
1h 07
Security Weekly (Download Only)
Inside the OWASP GenAI Security Project - Steve Wilson - ASW #352
Interest and participation in the OWASP GenAI Security Project has exploded over the last two years. Steve Wilson explains why it was important for the project to grow beyond just a Top Ten list and address more audiences than just developers. He also talks about how the growth of AI Agents influences the areas that appsec teams need to focus on. Whether apps are created by genAI or directly use genAI, the future of securing software is going to be busy. Resources https://genai.owasp.org https://genai.owasp.org/llm-top-10/ LLM security book on Amazon...
2025-10-14
1h 07
Talk Python To Me
Red Teaming LLMs and GenAI with PyRIT
English is now an API. Our apps read untrusted text; they follow instructions hidden in plain sight, and sometimes they turn that text into action. If you connect a model to tools or let it read documents from the wild, you have created a brand new attack surface. In this episode, we will make that concrete. We will talk about the attacks teams are seeing in 2025, the defenses that actually work, and how to test those defenses the same way we test code. Our guides are Tori Westerhoff and Roman Lutz from Microsoft. They help lead AI red teaming and...
2025-09-29
1h 02
Zero Signal
What's our nuclear meltdown? Understanding Risk in the Age of AI ft. Sandy Dunn
Quick Take (TL;DR): This episode examines how AI is transforming the cybersecurity landscape, with Sandy Dunn discussing why security leaders must reassess risk, trust, and business alignment in the era of agentic AI. Essential listening for anyone navigating the intersection of AI, security, and executive decision-making. Guest Spotlight: Sandy Dunn is the Chief Information Security Officer (CISO) at SPLX, where she leads AI-driven security strategy and advises executive teams on risk and defense alignment. A 20-year cybersecurity veteran, Sandy is the creator and project leader of the...
2025-09-24
37 min
Zero Signal
The AI Divide, Orphaned Agents, and Ransomware That Negotiates Back
AI is redrawing the economic map while vendors rush to “platformize” and attackers weaponize LLMs. Leaders must push for real platforms (shared data planes + policy layers), avoid “platform-in-name-only” lock-in, and prepare for agentic threats like PromptLock. Key Topics & Timestamps: (00:00) Introduction — Why this week matters: AI divide, platformization reality check, agentic ransomware. (02:10) Topic 1 — The AI Divide; Anthropic’s index shows productivity clustering in high-adoption regions; implications for hiring, policy, and multi-national execution. (12:00) Topic 2 — Platformization & Consolidation; CrowdStrike–Pangea and Check Point–Lakera signal AI-security land grab; what “true pla...
2025-09-19
40 min
Cybersecurity News & Analysis by Cyber Sidekicks - Your Weekly Update’
Agentic AI: Why your SecOps is at risk and what to do about it - with Rock Lambros
Rock Lambros, CEO & Founder of Rock Cyber joins us again this week to delve deeper into the emerging opportunities, risks and challenges of using agentic AI in your SecOps - and what you can do to minimize potential exposure and risk. OWASP GenAI / Agentic AI resources In the news: Personal Liability, Security Become Bigger Issues for CISOs Varonis Acquires Email Security Provider SlashNext to Enhance BEC Defenses Leave us a message! Want to leave some feedback and suggestions but would prefer not to write an e...
2025-09-16
37 min
Security Weekly (Download Only)
How OWASP's GenAI Security Project keeps up with the pace of AI/Agentic changes - Scott Clinton - ASW #348
This week, we chat with Scott Clinton, board member and co-chair of the OWASP GenAI Security Project. This project has become a massive organization within OWASP with hundreds of volunteers and thousands of contributors. This team has been cranking out new tools, reports and guidance for practitioners month after month for over a year now. We start off discussing how Scott and other leaders have managed to keep up with the crazy rate of change in the AI world. We pivot to discussing some of the specific projects the team is working on, and finally discuss some...
2025-09-16
1h 08
Security Weekly Podcast Network (Video)
How OWASP's GenAI Security Project keeps up with the pace of AI/Agentic changes - Scott Clinton - ASW #348
This week, we chat with Scott Clinton, board member and co-chair of the OWASP GenAI Security Project. This project has become a massive organization within OWASP with hundreds of volunteers and thousands of contributors. This team has been cranking out new tools, reports and guidance for practitioners month after month for over a year now. We start off discussing how Scott and other leaders have managed to keep up with the crazy rate of change in the AI world. We pivot to discussing some of the specific projects the team is working on, and finally discuss some...
2025-09-16
1h 08
Security Weekly Podcast Network (Audio)
How OWASP's GenAI Security Project keeps up with the pace of AI/Agentic changes - Scott Clinton - ASW #348
This week, we chat with Scott Clinton, board member and co-chair of the OWASP GenAI Security Project. This project has become a massive organization within OWASP with hundreds of volunteers and thousands of contributors. This team has been cranking out new tools, reports and guidance for practitioners month after month for over a year now. We start off discussing how Scott and other leaders have managed to keep up with the crazy rate of change in the AI world. We pivot to discussing some of the specific projects the team is working on, and finally discuss some...
2025-09-16
1h 08
Certified - AI Security Audio Course
Episode 36 — OWASP GenAI/LLM Top 10
This episode introduces the OWASP GenAI/LLM Top 10, a structured list of the most critical risks associated with generative AI and large language models. For certification purposes, learners must understand how OWASP adapts its long-standing methodology for web applications to the AI context, focusing on vulnerabilities such as prompt injection, insecure output handling, training data poisoning, and model theft. The exam relevance lies in knowing how these categories prioritize defensive focus and provide a common language for risk management. Mastery of the Top 10 allows candidates to quickly identify high-impact risks and connect them to appropriate technical and organizational controls.
2025-09-15
22 min
LLM Apps Top 10 Bi-Weekly Project Meetings
Ep.44 Meeting Aug 27 2025: Initiatives, New Website, and Community Growth
This meeting covers updates on OWASP’s GenAI Security Project, including improvements to the website for easier contributor onboarding, global events like the upcoming UAE hackathon, and plans for the OWASP virtual AppSec Security Summit in October. Other highlights include new tools, the CTI team’s Exploit Generation initiative, and the launch of the Deepfake Guide revision project. The session also welcomes new members and provides pointers on how to get involved with the project across various initiatives like Agentic AI, LLM security, and red teaming.
2025-09-02
24 min
How Hard Can It Be?
Alex x Ken Huang
In this episode of How Hard Can It Be? host Alex Schlager sits down with Ken Huang, a leading authority on Generative AI governance, cybersecurity, and risk management. Ken is a CSA Fellow, NIST GenAI contributor, co-author of the OWASP Top 10 for LLMs, and an international instructor on GenAI security best practices. He also recently co-authored a book on AI governance and cybersecurity, shaping the global conversation on AI safety, compliance, and red teaming. We dive into: • Why securing LLMs and Agentic AI is uniquely challenging • The upcoming CSA paper on Agentic AI Red...
2025-09-02
27 min
LLM Apps Top 10 Bi-Weekly Project Meetings
Ep.43 Meeting Aug 13 2025: Black Hat Recap, New Tools, and OWASP Roadmap
This meeting provides updates on OWASP’s GenAI Security Project, including highlights from Black Hat and DEF CON events, the launch of new tools like the FinBot CTF platform, and progress on important resources such as the GenAI Solutions Landscape and Agentic AI initiatives. The discussion also covers community engagement, growth metrics, and upcoming plans for the OWASP virtual conference in October. Participants share insights on onboarding contributors and continuing to scale AI security efforts globally.
2025-09-02
35 min
LLM Apps Top 10 Bi-Weekly Project Meetings
Ep.42 Meeting Jul 30 2025: OWASP Initiatives, Agent Protection, and Black Hat Prep
This meeting covers key updates on OWASP’s AI security initiatives, including agent architecture, threat mitigation, and practical resources for securing AI systems. We discuss upcoming events at Black Hat and DEF CON, recent releases like the GenAI Solutions Landscape, and progress on AI security guidelines and frameworks. Participants also explore ways to contribute to the community and advance AI-driven security practices.
2025-09-02
43 min
Cybersecurity News & Analysis by Cyber Sidekicks - Your Weekly Update’
OWASP Agentic AI SecOps deep dive: Solutions & Framework!
This week we delve into OWASP's recently-released OWASP Agentic AI SecOps Framework and Market Landscape report: https://genai.owasp.org/resource/ai-security-solutions-landscape-for-agentic-ai-q3-2025/ This week's guest is Paul Farrington, Chief Product Officer at Glasswall. Paul, Christina & I talk about the evolution of Zero Trust and where the industry is headed.... Leave us a message! Want to leave some feedback and suggestions but would prefer not to write an email? You can leave us a voicemail (90 seconds max). We will share any that are not too spicy in the following episode.
2025-09-02
37 min
AI Safety Breakthrough
Navigating the New AI Security
Welcome to Agentic AI Unlocked, your deep dive into the transformative world of Agentic AI—systems combining large language models with advanced reasoning and autonomous action. These intelligent agents promise to disrupt industries, yet introduce a fundamentally new threat surface. Risks like memory poisoning, tool misuse, prompt injection, and insider threats highlight the urgent need for robust security and real-time governance. The OWASP GenAI Security Project aims to provide actionable insights into these challenges, helping organizations responsibly develop, deploy, and govern agentic AI. We advocate a proactive, defense-in-depth approach across the entire agent lifecycle. Join us...
2025-08-13
25 min
The Generative AI Security Podcast
Exploring GenAI Security: Agentic Top 10, Threat Modeling & Community Hackathons
Join us on the latest episode of the GenAI Security Podcast as Aubrey King chats with John Sotiropoulos, co-lead of the Agentic Security Initiative. Dive deep into AI agent security, the groundbreaking Agentic Top 10 (coming soon!), and how the OWASP GenAI Security Project is shaping the future of safe AI development. Get insights on threat modeling, hackathons, innovative community initiatives, and how YOU can contribute to this growing global movement. Whether you’re in AI, cybersecurity, or just curious, there’s something here for everyone! 📌 Learn more and get involved: OWASP GenAI Security. Don’t forget to like, share, and subscribe...
2025-07-31
21 min
LLM Apps Top 10 Bi-Weekly Project Meetings
Ep.41 Meeting Jul 16 2025: Roadmap, Black Hat Prep & Compass Launch
In this episode of the OWASP Generative AI Security Project podcast, we dive into exciting updates and advancements in AI security. From the upcoming OWASP Compass launch to Black Hat and DEFCON preparations, this meeting spotlighted progress across initiatives like agentic security, the roadmap for future deliverables, and community efforts to enhance industry awareness. 📌 Highlights include: 🛠️ OWASP Compass 1.0: A strategic dashboard to guide AI adoption securely. 🌍 Black Hat & DEFCON updates: New workshops, hackathons, and outreach efforts. 🌟 Agentic Security: Threat modeling advancements and a preview of the upcoming Agentic Top 10 list. 📋 Solutions Landscape: Expanding tools and resources for cybersecurity practitioners. 🌐 Ready to get involve...
2025-07-16
45 min
LLM Apps Top 10 Bi-Weekly Project Meetings
Ep.40 Meeting Jul 2 2025: OWASP Compass Tool & Exciting UN Week Highlights
Discover the latest in AI and cybersecurity as we unpack cutting-edge tools and global collaborations. This episode introduces the OWASP Compass, a unique framework for operationalizing AI strategies, alongside highlights from UN Open Source Week and upcoming events like Black Hat and DEFCON. Whether you’re into red teaming, AI governance, or free training resources, this episode has something for everyone! 📌 Learn more: OWASP GenAI. Let’s shape a safer AI-powered future!
2025-07-02
45 min
LLM Apps Top 10 Bi-Weekly Project Meetings
Ep.39 Meeting Jun 18 2025: UN Panel, Compass Tool Progress & AI Red Teaming Framework
Catch the latest updates from the OWASP GenAI Security Project, including global partnerships, tools, and groundbreaking AI security research: 🔍 Key topics: UN Open Source Week: OWASP takes the stage to discuss AI security in supply chain and generative AI advancements. Compass Tool Update: Simplifying AI threat strategies with profiles and streamlined workflows. AI Incident Response Guide: Now open for core team review—aiming for a July release. AI Red Teaming Framework: New initiatives to enhance vulnerability testing in generative AI systems. Stay informed as we push the boundaries of AI security innovation! #OWASP #GenAI #AISecurity #CompassTool #RedTeaming #UNOpenSource #GenerativeAI
2025-06-20
27 min
LLM Apps Top 10 Bi-Weekly Project Meetings
Ep.38 Meeting Jun 04 2025: Compass Tool, AI Incident Response & Exploit Generation Advances
This episode dives into the latest milestones from the OWASP GenAI Security Project, focusing on AI security tools, responses, and emerging challenges in the world of generative AI: 🔍 Key topics: Compass Tool Updates: Streamlining AI threat identification and strategy building. AI Incident Response Guide: A specialized framework for preparing and managing AI-enabled breaches. Exploit Generation Research: Advancing LLM and agentic AI testing to benchmark cybersecurity risks. Don’t miss actionable insights from evolving initiatives like red teaming and agentic security. Stay updated on the forefront of AI safety! #AISecurity #OWASP #GenAI #AIIncidentResponse #CompassTool #ExploitGeneration
2025-06-20
30 min
LLM Apps Top 10 Bi-Weekly Project Meetings
Ep.37 Meeting May 21 2025: Compass Tool, AI Red Teaming, and Post-RSA Insights
In this episode, we discuss the latest developments in AI security from the OWASP GenAI Security Project, featuring updates on the Compass Tool, AI Red Teaming efforts, and the evolving landscape of generative AI risks. 🔍 Key topics: Compass Tool: An operationalized version of the CISO checklist for prioritizing generative AI threats. AI Red Teaming Handbook: Progress on testing frameworks for LLMs and AI systems. Post-RSA reflections: Key takeaways and future initiatives in AI security. Stay ahead in the dynamic field of AI security with these actionable insights! #OWASP #GenAI #AISecurity #AIRedTeaming #CompassTool #RSA2025
2025-06-20
31 min
LLM Apps Top 10 Bi-Weekly Project Meetings
Ep.36 Meeting May 07 2025: AI Security Trends, Agentic AI, and Post-RSA Updates
Catch the latest updates from the OWASP GenAI Security Project following RSA, including discussions on AI security trends, Agentic AI workflows, and project highlights like the Compass Tool. 🛡️ Key insights include: The evolving intersection of AppSec and LLM security. Updates on Agentic AI workshops and Peer-reviewed AI guidance. Behind the scenes of OWASP’s initiatives shaping the future of generative AI security. Stay informed on the latest in AI security and learn how to get involved! 🌍 #AISecurity #OWASP #GenAI #AgenticAI #RSA2025 #RedTeaming #AppSec
2025-06-20
52 min
LLM Apps Top 10 Bi-Weekly Project Meetings
Ep.35 Meeting Apr 23 2025: Agentic AI, Red Teaming & RSA 2025 Highlights
In this podcast, we dive into key updates from the OWASP GenAI Security Project, including the latest on Agentic AI, red teaming best practices, upcoming events at RSA 2025, and exciting tools like the Compass for AI security maturity. 🌐🛡️ Highlights: Insights into red teaming vulnerabilities and testing strategies. The importance of Agentic AI security frameworks. Exclusive RSA 2025 workshops, parties, and live streams. Tools to enhance AI governance and navigate AI risks effectively. Stay ahead in the AI security game! #AISecurity #OWASP #GenAI #RSA2025 #RedTeaming #AgenticAI
2025-06-20
48 min
ITSPmagazine
Why Global Community-Led Innovation Is Driving Real Application Security Progress | An OWASP AppSec Global 2025 Conversation with Starr Brown | On Location Coverage with Sean Martin and Marco Ciappelli
In this On Location episode during OWASP AppSec Global 2025 in Barcelona, Starr Brown, Director of Open Source Projects and Programs at OWASP, unpacks the real engine behind the organization’s impact: the projects and the people driving them forward. With over 130 active projects, OWASP continues to expand its open source contributions to improve software security across the board. While the OWASP Top 10 remains its most recognized initiative, Starr points out that it’s just one among many. Other significant projects include the Application Security Verification Standard (ASVS), the Software Assurance Maturity Model (SAMM), and the increasingly popular secu...
2025-05-30
09 min
On Location With Sean Martin And Marco Ciappelli
Why Global Community-Led Innovation Is Driving Real Application Security Progress | An OWASP AppSec Global 2025 Conversation with Starr Brown | On Location Coverage with Sean Martin and Marco Ciappelli
In this On Location episode during OWASP AppSec Global 2025 in Barcelona, Starr Brown, Director of Open Source Projects and Programs at OWASP, unpacks the real engine behind the organization’s impact: the projects and the people driving them forward. With over 130 active projects, OWASP continues to expand its open source contributions to improve software security across the board. While the OWASP Top 10 remains its most recognized initiative, Starr points out that it’s just one among many. Other significant projects include the Application Security Verification Standard (ASVS), the Software Assurance Maturity Model (SAMM), and the increasingly popular secu...
2025-05-30
09 min
The Generative AI Security Podcast
Are Your Red Teaming Efforts Giving Bad Actors An Advantage? GenAI Security
In this episode of the Generative AI Security Podcast, we sit down with Disesdi Susanna Cox, from the OWASP AI Exchange, to explore the cutting-edge of AI security: 🔍 Key topics include: The OWASP AI Exchange as a resource for understanding AI security threats. Fascinating insights on red teaming, adversarial attacks, and why full coverage may be mathematically impossible. How generative AI adoption intersects with predictive AI use cases and security risks. Learn why staying ahead of AI security trends is crucial and how tools like the OWASP AI Exchange can help! #AISecurity #GenerativeAI #OWA...
2025-05-23
17 min
Resilient Cyber
Resilient Cyber w/ Vineeth Sai Narajala: Model Context Protocol (MCP) - Potential & Pitfalls
In this episode, I discuss the Model Context Protocol (MCP) with the OWASP GenAI Co-Lead for Agentic Application Security, Vineeth Sai Narajala. We will discuss MCP's potential and pitfalls, its role in the emerging Agentic AI ecosystem, and how security practitioners should consider secure MCP enablement. We discussed: MCP 101, what it is and why it matters. The role of MCP as a double-edged sword, offering opportunities but additional risks and considerations from a security perspective. Vineeth's work on the "Vulnerable MCP" project is a repository of MCP risks, vulnerabilities, and corresponding mitigations. How MCP is also of...
2025-05-21
18 min
The Generative AI Security Podcast
OWASP Project Rebrand, RSA Conference Highlights - GenAI Security Podcast Ep.7
Welcome to Episode 7 of the Generative AI Security Podcast! 🚀 This week, we dive into the rebranding of the Gen AI Security Project, upcoming highlights at RSA Conference 2023—including a must-attend Gen AI party—and discussions on cutting-edge initiatives like agentic security and red teaming guides. Join Aubrey, Steve, and Scott as they cover the evolution of this OWASP project, its impact on generative AI security, and what’s next for the community. Don’t forget to like, subscribe, and stay updated on all the latest content!
2025-04-18
16 min
LLM Apps Top 10 Bi-Weekly Project Meetings
Ep.34 Meeting Apr 09 2025: RSA Summit, New Compass Project, Community Updates
Join host Scott Clinton and cybersecurity community members for the latest OWASP GenAI Security Project meeting. In this episode, the team shares key updates on their upcoming activities at the RSA Conference—including a half-day summit, agentic security workshop, and special networking opportunities. Scott emphasizes community engagement, while Sandy Dunn introduces the newly established Compass Project, dedicated to operationalizing governance and security strategies in practical, effective ways. Additionally, the episode covers project updates on AI incident response with Bryan Nakayama, translation efforts for wider global accessibility, and other initiatives to build cohesive, community-driven resources. This meeting demonstrates OWASP's ongoing co...
2025-04-16
44 min
The Generative AI Security Podcast
Continuous Red Teaming for AI: Insights from OWASP Experts - GenAI Security Ep.6
In this episode of the OWASP GenAI Security Podcast, Aubrey sits down with Ante and Kris from Splx to discuss the importance of continuous red teaming for AI applications. As AI evolves with multimodal systems, agent frameworks, and retrieval-augmented generation (RAG), proactive security testing becomes essential to address vulnerabilities like jailbreaks, data poisoning, and alignment shifts. Learn how integrating automated red teaming processes and collaborating closely with security teams can help organizations stay ahead of threats. Don’t miss this deep dive into the latest strategies for safeguarding AI applications in production and beyond.
2025-04-04
26 min
ITSPmagazine
From Overload to Insight: Are We Getting Smarter, or Just Letting AI Think for Us? | A RSA Conference 2025 Conversation with Steve Wilson | On Location Coverage with Sean Martin and Marco Ciappelli
In a conversation that sets the tone for this year’s RSA Conference, Steve Wilson shares a candid look at how AI is intersecting with cybersecurity in real and measurable ways. Wilson, who also leads the OWASP Top 10 for Large Language Models project and recently authored a book published by O’Reilly on the topic, brings a multi-layered perspective to a discussion that blends strategy, technology, and organizational behavior. Wilson’s session title at RSA Conference—“Are the Machines Learning, or Are We?”—asks a timely question. Security teams are inundated with data, but without meaningful visibility—defined not just...
2025-04-04
27 min
On Location With Sean Martin And Marco Ciappelli
From Overload to Insight: Are We Getting Smarter, or Just Letting AI Think for Us? | A RSA Conference 2025 Conversation with Steve Wilson | On Location Coverage with Sean Martin and Marco Ciappelli
In a conversation that sets the tone for this year’s RSA Conference, Steve Wilson shares a candid look at how AI is intersecting with cybersecurity in real and measurable ways. Wilson, who also leads the OWASP Top 10 for Large Language Models project and recently authored a book published by O’Reilly on the topic, brings a multi-layered perspective to a discussion that blends strategy, technology, and organizational behavior. Wilson’s session title at RSA Conference—“Are the Machines Learning, or Are We?”—asks a timely question. Security teams are inundated with data, but without meaningful visibility—defined not just...
2025-04-04
27 min
AI Friday
AI Friday LIVE w/ Steve Wilson - Vibe Coding, Agentic AI Security And More
Welcome to AI Friday! In this episode, we dive into the latest developments in Generative AI Security, discussing the implications and challenges of this emerging technology. Join Aubrey from DevCentral and the OWASP GenAI Security Project, along with an expert panel including Byron, Ken, Lori, and special guest Steve Wilson, as they explore the complexities of AI in the news and the evolving landscape of AI security. We also take a closer look at the fascinating topic of vibe coding, its impact on software development, and the transformative potential of AI-assisted coding practices. Whether you're a developer, security professional...
2025-03-28
53 min
DevCentral
AI Friday LIVE w/ Steve Wilson - Vibe Coding, Agentic AI Security And More
Welcome to AI Friday! In this episode, we dive into the latest developments in Generative AI Security, discussing the implications and challenges of this emerging technology. Join Aubrey from DevCentral and the OWASP GenAI Security Project, along with an expert panel including Byron, Ken, Lori, and special guest Steve Wilson, as they explore the complexities of AI in the news and the evolving landscape of AI security. We also take a closer look at the fascinating topic of vibe coding, its impact on software development, and the transformative potential of AI-assisted coding practices. Whether you're a developer, security professional, or...
2025-03-27
53 min
LLM Apps Top 10 Bi-Weekly Project Meetings
Ep.33 Meeting Mar 26 2025 - Project Updates: Governance, Sponsorship & Growth
In this episode, join Scott Clinton, Steve Wilson, John Sotiropoulos, and Aubrey King as they discuss the latest updates and achievements in the OWASP GenAI Security Project. From the introduction of new governance structures to insights on sponsorship growth, this episode provides an in-depth look at how the project is evolving to tackle the challenges in AI security. Learn about the various initiatives and milestones, including the success of the Agentic AI initiative, the upcoming events at RSA, and the impressive community engagement metrics. Whether you're a cybersecurity professional, AI enthusiast, or someone interested in contributing to the project...
2025-03-26
57 min
The Generative AI Security Podcast
Exploring Agentic AI Security with OWASP: Insecure Agent Hackathon Apr 1 In NYC
In this episode of our podcast, Aubrey from the OWASP GenAI Security Project sits down with Ali Howe, the founder of Growth Cyber and contributor to the project. Alie shares her journey from software engineering to becoming a vCISO, emphasizing the importance of AI security and SOC 2 compliance for startups. She discusses the upcoming OWASP Insecure Agents Hackathon in New York City, where developers will explore building AI agents with a focus on identifying and mitigating security threats. Join us to learn more about the OWASP Gen AI Security Project, the significance of AI security in modern startups, and...
2025-03-25
15 min
LLM Apps Top 10 Bi-Weekly Project Meetings
Ep.32 Meeting Mar 12 2025: AI Red Teaming, Securing AI Models, and Best Practices in AI Security
In this episode, Scott Clinton leads the discussion on the latest trends and challenges in the AI security landscape. They kick things off with a friendly catch-up before diving into important topics like AI red teaming, the security of AI models, and the best practices for ensuring robust AI security frameworks. Throughout the discussion, our experts share their insights on how to tackle the evolving threats in the AI space. From the lack of security measures in many organizations to the innovative approaches being developed to counter these threats, this episode is a treasure trove of information for anyone...
2025-03-25
1h 00
LLM Apps Top 10 Bi-Weekly Project Meetings
Ep.31 Meeting Feb 26 2025: Red Teaming Guide Updates, Agentic Security Insights
Welcome to our latest podcast episode where we delve into the nuances of AI security and the exciting developments in the field. In this episode, we discuss the recent meeting of our AI security team, highlighting key projects such as the Red Teaming Guide, the Agent Security Insights (ASI) document, and the ongoing efforts to translate and refine our resources for global use. Steve Wilson, Sandy Dunn, and Scott Clinton share their insights on the latest advancements and the collaborative efforts that are driving the future of AI security. Join us as we explore the intricacies of defining AI...
2025-03-11
49 min
The Generative AI Security Podcast
Sandboxing AI Models with Dyana & OWASP Top 10 for LLM Apps - Ep.4
Welcome back to our Generative AI Security Podcast! In this episode, Aubrey sits down with Ads Dawson, a respected member of the AI community, to delve into the OWASP Top Ten for LLM Applications and Generative AI. They discuss the latest security challenges and showcase Dyana, an open-source utility developed by Dreadnode for profiling and securing machine learning models. Ads gives a comprehensive demo of Dyana, explaining its functionalities and how it can sandbox and profile a wide range of files, including models from Hugging Face. Discover how Dyana can help detect backdoored models and provide detailed insights into...
2025-03-06
22 min
LLM Apps Top 10 Bi-Weekly Project Meetings
Ep.30 Meeting Feb 12 2025: AI Security Guidelines, Agentic Security, RSA Summit
Join us for an insightful discussion in our latest podcast episode featuring our core team and many others from the AI security community. This episode dives deep into various exciting topics, including the introduction of new AI security guidelines, the advancements in agentic security, and the latest developments in AI red teaming. We explore the collaborative efforts in creating practical and consumable security documentation, the impact of AI security standards alignment, and the roadmap for future AI security projects. In addition to these discussions, we also highlight the upcoming AI Security Summit at RSA Conference, the integration of AI...
2025-02-25
53 min
LLM Apps Top 10 Bi-Weekly Project Meetings
Ep. 29: Meeting Jan 29 2025: Glossary Initiative, RSA Summit, and New Sponsors
Join us for an engaging episode where the OWASP LLM and Gen AI Project Team discuss key initiatives, updates, and collaborative efforts. This episode dives into various topics such as the ongoing development of the Agentic Security Landscape, the importance of creating a standardized glossary for AI terminology, and the exciting collaborations with organizations like IBM and the Cloud Security Alliance. The team also explores the potential of producing educational videos to enhance understanding of AI concepts and terms. In this meeting, the team emphasizes the need for consensus and community feedback in refining AI definitions, while also discussing...
2025-02-24
56 min
ibl.ai
OWASP: LLM Applications Cybersecurity and Governance Checklist
Summary of https://genai.owasp.org/resource/llm-applications-cybersecurity-and-governance-checklist-english Provides guidance on securing and governing Large Language Models (LLMs) in various organizational contexts. It emphasizes understanding AI risks, establishing comprehensive policies, and incorporating security measures into existing practices. The document aims to assist leaders across multiple sectors in navigating the challenges and opportunities presented by LLMs while safeguarding against potential threats. The checklist helps organizations formulate strategies, improve accuracy, and reduce oversights in their AI adoption journey. It also includes references to external resources like OWASP and MITRE to facilitate a robust cybersecurity plan...
2025-02-18
20 min
Project Gamma
Episode 5 | AI-Engineered: Building Applications, Tackling Tech Debt, and Securing Software
Join host Warner Moore on Project Gamma as he chats with tech veteran Jason Montgomery about how GenAI is revolutionizing engineering and cybersecurity. Discover how GenAI accelerates development, builds applications from scratch, and creates AI agents to tackle technical debt. We also explore strategies for introducing GenAI into your engineering team, modern security practices, and the essentials of DevSecOps. Podcast topics: Using GenAI to accelerate engineering; Building an application from scratch using GenAI; Creating AI agents to tackle technical debt; Introducing GenAI to your engineering organization; Security...
2025-02-18
42 min
Non-Adjective
OWASP Reporting: OverReliance at Chemeketa
A generated conversation about GenAi at Chemeketa. Part One of Two!
2025-02-03
57 min
LLM Apps Top 10 Bi-Weekly Project Meetings
Ep. 28: Meeting Jan 15 2025 - Red Teaming, Deepfake, RSA 2025 Updates And More
Join the core team as they dive into a comprehensive discussion on recent workshops, AI advancements, and the significance of industry conferences. This episode unpacks the latest feedback from cybersecurity sessions and sets the stage for RSA 2025 and other upcoming events. Scott Clinton and Bryan Nakayama add depth with insights into AI red teaming and deepfake initiatives as well as community growth metrics. Don't miss out on this engaging conversation that bridges the gap between cybersecurity strategy and practical implementation. Subscribe for more expert insights!
2025-01-21
59 min
The Generative AI Security Podcast
Exploring AI Security: Red Teaming & Offensive Agents with Ads | GenAI Security Ep.3
Join us for the third episode of our podcast, where Aubrey from the OWASP Top Ten for Large Language Model Applications and Generative AI dives into the evolving world of AI security. In this episode, we chat with Ads, a seasoned AI security researcher from Dreadnode, who shares his journey from network engineering to AI security. Gain insights into the latest trends in AI red teaming, offensive agents, and the exciting developments at Dreadnode. Explore the fascinating world of AI security with real-world examples, the importance of agentic AI, and how innovative tools like RoboPages and Burpference...
2025-01-09
32 min
The Security Repo
The Updated OWASP Top 10 for LLM Applications and the AI landscape - Talesh Seeparsan
In this episode of the Security Repo Podcast, the team dives into the OWASP Top 10 for Large Language Model Applications with special guest Talesh Seeparsan, an expert in cybersecurity and AI safety. Talesh shares insights into why a specialized top 10 for LLM vulnerabilities is essential, delves into unique challenges like system prompt leakage and AI supply chain risks, and provides practical advice for small companies navigating AI compliance. The conversation wraps up with reflections on security best practices, including collaboration and skepticism about industry norms. With over a decade in cybersecurity, Talesh is a trusted expert in protecting enterprise...
2025-01-08
42 min
LLM Apps Top 10 Bi-Weekly Project Meetings
Ep. 27: Meeting Dec 18 2024 - OWASP Recognition, AI Red Teaming, RSA And More
Welcome to our latest episode, recorded on December 18th, where we dive into the exciting progress and future plans for our project as we wrap up 2024. We discuss the incredible work done by our community, the recognition from the OWASP Foundation, and our ambitious roadmap for 2025. Highlights include updates on the project's progress, insights from our check-in with Andrew, the Executive Director of OWASP, and plans for promoting the project and increasing community engagement. We also cover the launch of our new AI Red Teaming Initiative and updates to the AI cybersecurity and governance checklist. We touch on our...
2024-12-19
1h 02
Chain of Thought
How AI Assistants Can Enhance Human Connection | Twilio’s Vinnie Giarrusso
Can AI assistants actually enhance human connection? As Season 1 of Chain of Thought comes to a close, Conor Bronsdon and Vinnie Giarrusso (Twilio) explore the transformative potential of AI assistants in the workplace. Discover how these assistants function as "async junior digital employees," taking on specific tasks and contributing to the organizational structure. But will AI assistants ultimately replace human connection? Vinnie argues the opposite is true, suggesting that AI can liberate employees from mundane tasks, allowing them to focus on building meaningful relationships and providing personalized experiences. This thought-provoking conversation takes a...
2024-12-18
42 min
The Generative AI Security Podcast
Effective AI Red Teaming Best Practices With Krishna Sankar - GenAI Security Ep.2
In this second episode of our podcast series, we introduce the Red Teaming Initiative with special guest Krishna Sankar. Discover the nuances of red teaming in the context of generative AI, explore best practices, and understand what it takes to develop a mature red teaming strategy. Krishna also shares his rich background in autonomous systems, AI in financial services, and his passion for Legos! Don't miss out on this informative discussion that also touches on the exciting (and somewhat daunting) concept of Artificial General Intelligence (AGI) and its implications. For the latest insights and updates in generative AI security...
2024-12-12
35 min
Security Weekly Podcast Network (Video)
AI's Junk Vulns, Web3 Backdoor, LLM CTFs, 5 GenAI Mistakes, Top Ten for LLMs - ASW #310
Curl and Python (and others) deal with bad vuln reports generated by LLMs, supply chain attack on Solana, comparing 5 genAI mistakes to OWASP's Top Ten for LLM Applications, a Rust survey, and more! Show Notes: https://securityweekly.com/asw-310
2024-12-10
29 min
Security Weekly Podcast Network (Video)
Looking Back on 2024 - ASW #310
We do our usual end of year look back on the topics, news, and trends that caught our attention. We covered some OWASP projects, the ongoing attention and promises of generative AI, and big events from the XZ Utils backdoor to Microsoft's Recall to Crowdstrike's outage. Segment resources https://prods.ec https://owasp.org/www-project-spvs/ https://genai.owasp.org/resource/owasp-top-10-for-llm-applications-2025/ https://securitychampions.owasp.org/ https://deadliestwebattacks.com/appsec/2024/11/14/ai-and-llms-asw-topic-recap https://www.scworld.com/podcast-episode/3017-infosec-myths-mistakes-and-misconceptions-adrian-sanabria-asw-279 Show Notes: https://securityweekly.com/asw-310
2024-12-10
30 min
Security Weekly Podcast Network (Audio)
Looking Back on 2024 - ASW #310
We do our usual end of year look back on the topics, news, and trends that caught our attention. We covered some OWASP projects, the ongoing attention and promises of generative AI, and big events from the XZ Utils backdoor to Microsoft's Recall to Crowdstrike's outage. Segment resources https://prods.ec https://owasp.org/www-project-spvs/ https://genai.owasp.org/resource/owasp-top-10-for-llm-applications-2025/ https://securitychampions.owasp.org/ https://deadliestwebattacks.com/appsec/2024/11/14/ai-and-llms-asw-topic-recap https://www.scworld.com/podcast-episode/3017-infosec-myths-mistakes-and-misconceptions-adrian-sanabria-asw-279 Curl and Python (and others) deal with bad vuln reports generated by LLMs, supply chain attack on Solana...
2024-12-10
59 min
LLM Apps Top 10 Bi-Weekly Project Meetings
Episode 26: Meeting December 4 2024 Launch Updates, New GenAI Security Podcast And More
Welcome to the latest bi-weekly meeting for the OWASP Top Ten for Generative AI and Application Security, recorded on December 4th, 2024. Join us as we dive into key updates, project developments, and community engagement activities. This meeting covers updates on meeting link changes, recent launch statistics, social media metrics, and community growth. We also discuss new initiatives like the upcoming podcast series, LinkedIn engagement strategies, future webinars, and our plans for 2025 outreach. We highlight the progress on the Red Teaming document, data security best practices white paper, and explore translation services for broader accessibility. Additionally, we share...
2024-12-04
29 min
The Generative AI Security Podcast
2025 LLM Apps Top 10, Evolving AI Architectures - GenAI Security Ep.1
Welcome to the first episode of the Gen AI Security Podcast! 🎉 Join Aubrey King, Sandy Dunn, and Scott Clinton as they discuss Thanksgiving plans and dive into the OWASP Top Ten for LLM apps. We'll cover our recent 2025 release, deepfake guidance, and evolving AI architectures like RAG. Perfect for a mix of holiday cheer and cutting-edge cybersecurity insights! 🔗 Resources: OWASP GenAI Project: genai.owasp.org #GenAISecurity #Cybersecurity #Podcast #Thanksgiving #AI #OWASP Theme song, 'Crumbling Castle,' freely usable by King Gizzard And The Lizard Wizard, as per https://kinggizzardandthelizardwizard.com/bootlegger.
2024-11-28
29 min
LLM Apps Top 10 Bi-Weekly Project Meetings
Episode 25: Meeting November 20 2024 Version 2025 Released This Week
The session covers key updates and lively discussions among team members. Steve Wilson welcomes attendees and discusses recent travels and the prepared slide deck. The team celebrates the release of the new Top 10 list and its positive reception. Scott Clinton shares success stories and goals from the sponsorship program, while social media growth, project roadmap, and community contributions are highlighted. Krishna updates on the newsletter and future plans for webinars and outreach. The growth of the solutions landscape and the onboarding of a new web team are also discussed. The team brainstorms new initiatives, including workshops and virtual events...
2024-11-21
45 min
LLM Apps Top 10 Bi-Weekly Project Meetings
Episode 24: Meeting November 6 2024 Deepfake Guidance, Solutions Landscape And More
Join us for an engaging meeting discussing the November 6th edition of the OWASP Top 10 for LLM (Large Language Model) applications. Steve Wilson leads the session, providing updates on the latest developments, including the release candidate, feedback collection, and expectations for the final version. Key points include the importance of the OWASP Top 10 list for 2025, feedback on errors and formatting, and insights into the traction generated by recent press releases and media coverage. The team also discusses the solutions landscape document, the searchable directory of solutions, and upcoming announcements for the new OWASP Top 10 list. Contributions from team members...
2024-11-08
22 min
CyberHub Podcast
🚨 Nokia & Schneider Electric Investigate Data Breaches, MoneyGram Replaces Leadership, Spyware Legal Barriers
🚨 Nokia & Schneider Electric Investigate Data Breaches, MoneyGram Replaces Leadership, Spyware Legal Barriers 🎙️ Join us on the CyberHub Podcast as we delve into the latest headlines for cybersecurity practitioners. Today’s episode will discuss the latest news as Nokia & Schneider Electric investigate claims of data breach with more news below: • Cisco Notified Customers of Data Breach • SEC Moves to get more testimony against SolarWinds • Google Patches Vulnerabilities. For more information, please visit our website: https://www.cyberhubpodcast.com/ ✅ Story Links: https://www.bl...
2024-11-05
18 min
LLM Apps Top 10 Bi-Weekly Project Meetings
Episode 23: Meeting October 23 2024 Finalizing The 2025 Top 10 And More!
In this meeting, the team finalizes the 2025 version of the OWASP Top 10 list for large language models (LLMs), highlighting key updates to the entries and ongoing efforts to refine the document's graphical layout. They also discuss the integration of the solutions catalog, which now features over 40 contributions from both open-source and commercial entities. Additionally, plans for a robust PR and media outreach campaign are outlined, including potential briefings with press and analysts, and the announcement of a sponsorship program in November. The team is also considering hosting a virtual event in December to highlight the new 2025 list and other...
2024-10-28
17 min
LLM Apps Top 10 Bi-Weekly Project Meetings
Episode 22: Meeting October 9 2024 Prompt Injection Redefined, AI Bill Of Materials
Catch up on the latest OWASP Top 10 for Large Language Models (LLMs) meeting! Russell Tait and Rachel discuss AI Incident response, while Steve Wilson updates on transitioning to the 2024 version. Key topics include prompt injection redefinition, red teaming progress, AI Bill of Materials proposal, and updates on the Deepfake Guide, AI-enhanced Cyber Attack Guidance, and exploit generation for AI. Sandy Dunn provides an AI Security Checklist update and proposes a centralized definitions page, and Scott Clinton announces the new Center of Excellence guide and encourages contributions to the Solutions Guide. For more details, check out the Deepfake Guide and...
2024-10-25
58 min
PromptCast: The Voice of AI and Security
Aubrey King, PR Lead at OWASP and Community Evangelist at F5 on AI as defensive and offensive tool
Itamar hosted Aubrey King, PR Lead at OWASP and Community Evangelist at F5 for a fascinating episode on AI and Security all around: from how attackers are using AI to attack organizations, to defending organizations with AI, or why haven't we seen *yet* the WannaCry or SolarWinds of GenAI. Don't miss a unique musical recommendation by Aubrey: King Gizzard & the Lizard Wizard -------------------------------------------------------------------- Learn more about Prompt Security: https://prompt.security
2024-10-15
35 min
LLM Apps Top 10 Bi-Weekly Project Meetings
Episode 21: Meeting September 11 2024 Prompt Leakage, Agent Interaction, Supply Chain
In our recent session, we discussed the ever-evolving landscape of AI and machine learning security. Key highlights include: 1. Prompt Leakage: Addressing vulnerabilities where AI systems inadvertently disclose sensitive information. 2. Agent Interaction Risks: Focusing on excessive agency and the complexities of multi-agent systems. 3. Supply Chain Vulnerabilities: Ensuring robust security measures in AI development pipelines.
2024-09-13
57 min
LLM Apps Top 10 Bi-Weekly Project Meetings
Episode 20: Meeting August 28 2024 Defining AI Incidents, Deep Fake Guidance
In our recent meeting, we covered crucial topics such as defining AI incidents, publishing deep fake guidance, and innovative research on AI exploitation. Our community continues to drive forward with impactful initiatives. Also, a special mention to our beautiful new HQ in Colorado! 🌄 #AI #CyberSecurity #OWASP
2024-09-13
53 min
LLM Apps Top 10 Bi-Weekly Project Meetings
Episode 19: Meeting August 15, 2024 AI-Enhanced Cyber Attack Responses
In our recent meeting, we explored several key topics, including AI-enhanced cyber attack responses, the importance of automated PDF generation for documentation, and welcoming new members to our community. These discussions are crucial for staying ahead in AI and cybersecurity. Dive in and contribute to shaping the future of AI security with us. #AI #CyberSecurity #OWASP #TechInnovation
2024-09-13
34 min
LLM Apps Top 10 Bi-Weekly Project Meetings
Episode 18: Meeting August 1 2024: Multi-Agent Architectures In AI
In our recent meeting, we explored the evolving landscape of agentic workflows and multi-agent architectures in AI. From discussing the orchestration of tools to the complexities of fully autonomous agents, our team is at the forefront of AI innovation. Dive into the discussion, share your insights, and help shape the future of AI governance. #AI #MachineLearning #AIInnovation #AIResearch
2024-09-13
57 min
Changelog Master Feed
Cybersecurity in the GenAI age (Practical AI #286)
Dinis Cruz drops by to chat about cybersecurity for generative AI and large language models. In addition to discussing The Cyber Boardroom, Dinis also delves into cybersecurity efforts at OWASP and that organization’s Top 10 for LLMs and Generative AI Apps. Leave us a comment. Changelog++ members save 7 minutes on this episode because they made the ads disappear. Join today! Sponsors: Speakeasy – Production-ready, enterprise-resilient, best-in-class SDKs crafted in minutes. Speakeasy takes care of the entire SDK workflow to save you significant time, delivering SDKs to your customers in minutes with just a fe...
2024-09-11
51 min
Practical AI
Cybersecurity in the GenAI age
Dinis Cruz drops by to chat about cybersecurity for generative AI and large language models. In addition to discussing The Cyber Boardroom, Dinis also delves into cybersecurity efforts at OWASP and that organization’s Top 10 for LLMs and Generative AI Apps. Join the discussion. Changelog++ members save 7 minutes on this episode because they made the ads disappear. Join today! Sponsors: Speakeasy – Production-ready, enterprise-resilient, best-in-class SDKs crafted in minutes. Speakeasy takes care of the entire SDK workflow to save you significant time, delivering SDKs to your customers in minutes with just a few clic...
2024-09-11
51 min
Trustworthy AI : De-risk business adoption of AI
Securing GenAI: Secure our Future
This episode of Trustworthy AI : De-risk business adoption of AI is brought to you by Trusted AI. Securing Generative AI, LLMs is a critical topic for adopting AI. Host Pamela Gupta, CEO Trusted AI talks with Steve Wilson leader of the LLM Governance & Cybersecurity OWASP, Product officer at Exabeam, author Developers Playbook for LLM security, O’Reilly. Why is Securing GenAI critical? Organizations are increasingly prioritizing value creation and demanding tangible results from their Generative AI initiatives. This requires them to scale up their Generative AI deployments— advancing beyond experimentation, pilots and proofs of co...
2024-09-10
22 min
Resilient Cyber
Resilient Cyber w/ Steve Wilson - Securing the Adoption of GenAI & LLM's
In this episode we sit down with GenAI and Security Leader Steve Wilson to discuss securing the explosive adoption of GenAI and LLM's. Steve is the leader of the OWASP Top 10 for LLM's and the upcoming book The Developer's Playbook for LLM Security: Building Secure AI Applications. - First off, for those not familiar with your background, can you tell us a bit about yourself and what brought you to focusing on AI Security as you have currently? - Many may not be familiar with the OWASP LLM Top 10, can you tell...
2024-08-28
28 min
LLM Apps Top 10 Bi-Weekly Project Meetings
Episode 17: Core Member Meeting July 10 2024 - v2.0 New Threat Conversation
We took a break from the standard meeting and had a meeting of the core member team to hash out some of the new threats that have come up in conversation for v2.0 ranking.
2024-07-11
58 min
WE'RE IN!
Ads Dawson on developing the OWASP Top 10 for Large Language Models
Ads Dawson, release lead and founding member for the Open Web Application Security Project (OWASP) Top 10 for Large Language Model Applications project, has no shortage of opinions on securing generative artificial intelligence (GenAI) and LLMs. With rapid adoption across the tech industry, GenAI and LLMs are dominating the conversation in the infosec community. But Ads says the security approach is similar to other attack vectors like APIs. First, you need to understand the context of AI-related vulnerabilities and how an attacker might approach hacking a particular AI model. In the latest episode of WE’RE IN!, Ads tal...
2024-06-26
36 min
LLM Apps Top 10 Bi-Weekly Project Meetings
Episode 16: Meeting June 20 2024 - v2.0 Voting, Conferences & CFPs, PDF Pipelines
The team discussed the progress of the large language models expert group project, focusing on the voting phase for new entries and the future publication. They also discussed the importance of the top 10 list, the outreach roadmap, and the need for upcoming calls for papers. Lastly, they explored potential solutions for managing multiple PDF pipelines, the use of templating, and the team's presence at an upcoming conference in Lisbon.
2024-06-20
40 min
ITSPmagazine
It's Just Software, What Could Possibly Go Wrong? Exploring Deterministic GenAI and AI Trust Cards | An OWASP AppSec Global Lisbon 2024 Conversation with Isabel Praça, Dinis Cruz, and Rob van der Veer | On Location Coverage
Guests: Isabel Praça, Coordinator Professor, ISEP - Instituto Superior de Engenharia do Porto. On LinkedIn | https://www.linkedin.com/in/isabel-pra%C3%A7a-07b86310/ At OWASP | https://owaspglobalappseclisbon2024.sched.com/speaker/icp ; Dinis Cruz, Chief Scientist at Glasswall [@GlasswallCDR] and CISO at Holland & Barrett [@Holland_Barrett]. On LinkedIn | https://www.linkedin.com/in/diniscruz/ On Twitter | https://twitter.com/DinisCruz At OWASP | https://owaspglobalappseclisbon2024.sched.com/speaker/dinis.cruz ; Rob van der Veer, Senior director at Software Improvement Group [@sig_eu]
2024-06-19
34 min
Redefining CyberSecurity
It's Just Software, What Could Possibly Go Wrong? Exploring Deterministic GenAI and AI Trust Cards | An OWASP AppSec Global Lisbon 2024 Conversation with Isabel Praça, Dinis Cruz, and Rob van der Veer | On Location Coverage
Guests: Isabel Praça, Coordinator Professor, ISEP - Instituto Superior de Engenharia do Porto. On LinkedIn | https://www.linkedin.com/in/isabel-pra%C3%A7a-07b86310/ At OWASP | https://owaspglobalappseclisbon2024.sched.com/speaker/icp ; Dinis Cruz, Chief Scientist at Glasswall [@GlasswallCDR] and CISO at Holland & Barrett [@Holland_Barrett]. On LinkedIn | https://www.linkedin.com/in/diniscruz/ On Twitter | https://twitter.com/DinisCruz At OWASP | https://owaspglobalappseclisbon2024.sched.com/speaker/dinis.cruz ; Rob van der Veer, Senior director at Software Improvement Group [@sig_eu]
2024-06-19
34 min
On Location With Sean Martin And Marco Ciappelli
It's Just Software, What Could Possibly Go Wrong? Exploring Deterministic GenAI and AI Trust Cards | An OWASP AppSec Global Lisbon 2024 Conversation with Isabel Praça, Dinis Cruz, and Rob van der Veer | On Location Coverage
Guests: Isabel Praça, Coordinator Professor, ISEP - Instituto Superior de Engenharia do Porto. On LinkedIn | https://www.linkedin.com/in/isabel-pra%C3%A7a-07b86310/ At OWASP | https://owaspglobalappseclisbon2024.sched.com/speaker/icp ; Dinis Cruz, Chief Scientist at Glasswall [@GlasswallCDR] and CISO at Holland & Barrett [@Holland_Barrett]. On LinkedIn | https://www.linkedin.com/in/diniscruz/ On Twitter | https://twitter.com/DinisCruz At OWASP | https://owaspglobalappseclisbon2024.sched.com/speaker/dinis.cruz ; Rob van der Veer, Senior director at Software Improvement Group [@sig_eu]
2024-06-19
34 min
Security Weekly Podcast Network (Audio)
GenAI, Security, and More Lies - Aubrey King - PSW #832
We will discuss LLM security in general and some of the issues covered in the OWASP Top 10 for LLMs! Segment Resources: https://genai.owasp.org/ Skyrocketing IoT vulnerabilities, bricked computers?, MACBORG!, raw dogging source code, PHP strikes again and again, if you have a Netgear WNR614 replace it now, Arm Mali, new OpenSSH feature, weird headphones, decrypting firmware, and VPNs are still being hacked! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-832
2024-06-14
2h 54
Security Weekly Podcast Network (Video)
GenAI, Security, and More Lies - Aubrey King - PSW #832
We will discuss LLM security in general and some of the issues covered in the OWASP Top 10 for LLMs! Segment Resources: https://genai.owasp.org/ Show Notes: https://securityweekly.com/psw-832
2024-06-13
1h 03
Paul's Security Weekly (Video)
GenAI, Security, and More Lies - Aubrey King - PSW #832
We will discuss LLM security in general and some of the issues covered in the OWASP Top 10 for LLMs! Segment Resources: https://genai.owasp.org/ Show Notes: https://securityweekly.com/psw-832
2024-06-13
1h 03
Paul's Security Weekly (Audio)
GenAI, Security, and More Lies - Aubrey King - PSW #832
We will discuss LLM security in general and some of the issues covered in the OWASP Top 10 for LLMs! Segment Resources: https://genai.owasp.org/ Skyrocketing IoT vulnerabilities, bricked computers?, MACBORG!, raw dogging source code, PHP strikes again and again, if you have a Netgear WNR614 replace it now, Arm Mali, new OpenSSH feature, weird headphones, decrypting firmware, and VPNs are still being hacked! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-832
2024-06-12
2h 54
LLM Apps Top 10 Bi-Weekly Project Meetings
Episode 15: Meeting June 6 2024 - v2.0 Candidates, Top AI Tools List, CSA AI Summit And More
The team discussed the call for new vulnerability candidates for the OWASP Top 10 for large language models expert group, the challenges of accommodating all nominations for the AI Safety Institute's task force, and the ongoing process of creating a list of top AI tools. They also reviewed the progress of the organization's sponsorship program, plans for outreach, and the upcoming publication of a blog based on research from the University of Illinois. Lastly, they discussed the upcoming CSA AI summit, improving existing vulnerabilities, and the idea of creating a top 20 list to recognize emerging vulnerabilities.
2024-06-08
54 min
LLM Apps Top 10 Bi-Weekly Project Meetings
Episode 14: Meeting May 23 2024 - RSA Recap, New Website, v2.0 Efforts
This week, Scott leads the bi-weekly meeting for May 23, 2004. We recap the RSA happenings, talk about the new website and get a bit of an update on the v2.0 efforts! Check out Episode 14 of the Bi-weekly Meeting Podcast!
2024-05-23
34 min
LLM Apps Top 10 Bi-Weekly Project Meetings
Episode 13: Meeting April 25 2024 - v2 Updates, RSA Planning, New Website
Steve Wilson's back to lead the discussion for our April 25 2024 meeting for Episode 13. We talk about the v2 updates - even some survey response discussions. RSA Planning was a significant topic as well, as it's coming up quickly. We also talked about the new website efforts and a whole lot more.
2024-04-29
52 min
LLM Apps Top 10 Bi-Weekly Project Meetings
Episode 12: Meeting April 11 2024 - RSA, OWASP Media Blitz
The team, led by Scott, discussed upcoming activities including the RSA conference, a virtual summit on AI, and a website refresh. They also reviewed the success of their recent social media campaign and planned for future promotions. Lastly, they addressed the improvement of their data gathering methodology and looked forward to the next week's catch-up through Slack.
2024-04-15
13 min
LLM Apps Top 10 Bi-Weekly Project Meetings
Episode 11: Meeting March 28 2024 - OWASP Top 10 For LLM Applications
This month was huge. We talked about the returning core members and early data from our volunteer interest survey, as well as possible charter expansion. We've also got an AI summit coming up at RSA that is not to miss! Also, the leads gave reports, too!
2024-03-28
52 min
LLM Apps Top 10 Bi-Weekly Project Meetings
Episode 10: Meeting March 14 2024 - OWASP Top 10 For LLM Applications
Steve wasn't able to make the meeting this week, so Sandy Dunn ran the meeting. We talked about how to share any speaking opportunities you may have with the team and had great discussion around prompt injection and "AI-washing" from vendors.
2024-03-15
40 min
LLM Apps Top 10 Bi-Weekly Project Meetings
Meeting Announcement! Thursday March 14, 2024 - 11am Eastern / 8am Pacific
Set your Alexa alarms, AI Community! We've got a meeting this Thursday and want to see YOU there! Meetings Link: https://github.com/OWASP/www-project-top-10-for-large-language-model-applications/wiki/Meetings
2024-03-13
00 min
LLM Apps Top 10 Bi-Weekly Project Meetings
Meeting February 29, 2024 - OWASP Top 10 For LLM Applications
We talked about the 2.0 Kickoff and introduced the concept for budget and sponsorship.
2024-03-12
57 min
LLM Apps Top 10 Bi-Weekly Project Meetings
Meeting Announcement! Thursday, Feb. 29 2024 - 11am Eastern / 8am Pacific
We've got a meeting this Thursday @ 8am Pacific / 11am Eastern. Set your clocks, #AISecurity aficionados! Meetings Link: https://github.com/OWASP/www-project-top-10-for-large-language-model-applications/wiki/Meetings #AI #LLMTop10
2024-02-28
00 min
LLM Apps Top 10 Bi-Weekly Project Meetings
Meeting February 15, 2024 - OWASP Top 10 For LLM Applications
Hear from some new community members and get into a bit of the 2.0 brainstorming, as well as hearing from the leads. Impending release for the Security And Governance Checklist!
2024-02-16
41 min
LLM Apps Top 10 Bi-Weekly Project Meetings
Meeting February 1, 2024 - OWASP Top 10 For LLM Applications
The 2.0 Kickoff meeting! This is where we break it down a bit. We talk about the goals of the project, in terms of evangelism and planning for the next major release. We also get a rundown on activities for each of the leads. If you want to know a bit more about what our visibility is actually looking like or any data from our audience, we go over the early results on our end consumer survey!
2024-02-05
52 min
LLM Apps Top 10 Bi-Weekly Project Meetings
Meeting Announcement! Thursday, Feb 1, 2024 - 11 AM Eastern / 8 AM Pacific
Come check out our bi-weekly meeting on February 1! https://github.com/OWASP/www-project-top-10-for-large-language-model-applications/wiki/Meetings --- Send in a voice message: https://podcasters.spotify.com/pod/show/owasp-top-10-for-llm-apps/message
2024-02-01
00 min
LLM Apps Top 10 Bi-Weekly Project Meetings
Meeting January 18, 2024 - OWASP Top 10 For LLM Applications
Talked about the reception of our first three translations, the forthcoming Security & Governance Checklist and the impending 2.0 release announcement. Join us every two weeks for the latest in our project.
2024-01-22
28 min
LLM Apps Top 10 Bi-Weekly Project Meetings
Meeting Announcement! Thursday, Jan 18, 2024 - 11 AM Eastern / 8 AM Pacific
Come check out our bi-weekly meeting tomorrow, Jan 18! https://github.com/OWASP/www-project-top-10-for-large-language-model-applications/wiki/Meetings
2024-01-17
00 min
LLM Apps Top 10 Bi-Weekly Project Meetings
Meeting January 04, 2024 - OWASP Top 10 For LLM Applications
First meeting after the holiday season, so a bit short. We covered the podcast release, passing 1000 LinkedIn subscribers, talked about the forthcoming release of the new language translations, getting closer on the Security & Governance Checklist and much more!
2024-01-04
21 min
LLM Apps Top 10 Bi-Weekly Project Meetings
Meeting December 21, 2023 - OWASP Top 10 For LLM Applications
Our Bi-Weekly Meeting!
2023-12-22
30 min
LLM Apps Top 10 Bi-Weekly Project Meetings
Meeting December 7, 2023 - OWASP Top 10 For LLM Applications
Our Bi-Weekly meeting for Dec. 7 2023.
2023-12-22
36 min
LLM Apps Top 10 Bi-Weekly Project Meetings
Meeting November 9, 2023 - OWASP Top 10 For LLM Applications
This is our meeting update for Nov. 9, 2023.
2023-12-22
46 min