Exploring OWASP Top 10 for Large Language Model (LLM) Applications

AGENDA

6:00 - 6:15pm: Introduction

6:15 - 8:00pm: Steve Wilson - Exploring OWASP Top 10 for Large Language Model (LLM) Applications

Summary of the talk:

The OWASP Top 10 for Large Language Model Applications project provides a list of the top 10 most critical vulnerabilities often seen in LLM applications, highlighting their potential impact, ease of exploitation, and prevalence in real-world applications. Examples of vulnerabilities include prompt injections, data leakage, inadequate sandboxing, and unauthorized code execution, among others. In this talk, we'll explore these vulnerabilities and provide real world examples of exploitation methods.

Speaker bio:
Steve Wilson is Chief Product Officer at Exabeam. Wilson leads product strategy, product management, product marketing, and research at Exabeam. He is a leader and innovator in AI, cybersecurity, and cloud computing, with over 20 years of experience leading high-performance teams to build mission-critical enterprise software and high-leverage platforms. Before joining Exabeam, he served as CPO at Contrast Security
leading all aspects of product development, including strategy, product management, product marketing, product design, and engineering. Wilson has a proven track record of driving product transformation from on-premises legacy software to subscription-based SaaS business models including at Citrix, accounting for over $1 billion in ARR.
He also has experience building software platforms at multi-billion dollar technology companies including Oracle and Sun Microsystems.

Wilson is also a project leader at the Open Web Application Security Project (OWASP) Foundation where he has assembled a group of over 400 experts to create the first industry-standard, comprehensive reference project called the “Top 10 List for Large Language Model Applications.” The list educates developers, designers, architects, managers, and organizations about the potential security risks when deploying and
managing generative AI and other large language models (LLMs). He holds a degree in Business Administration from the University of San Diego and a second-degree black belt from the American Taekwondo Association.