Loading
Preparing your Intelligence workspace
We are restoring your source feed, E-Fraud Watch context, account state, and trust signals.
Loading
We are restoring your source feed, E-Fraud Watch context, account state, and trust signals.
While LLMs and agents are new to appsec and everyone else, a lot of AI security requirements translate to well-known API security requirements. Jeremy Snyder helps us frame the OWASP LLM Top 10 into five layers in order to help orgs understand and prioritize their attack surface. A lot of orgs don't have to deal with model-specific threats or building their own GPU architecture, but every org adopting LLMs and agents should be aware of how those agents are being invoked and the output those agents are producing. That awareness of input and output helps in identifying and mitigating prompt injection attacks, ensuring agents are working within their expected boundaries, and taming token budgets. Resources: - https://genai.owasp.org/llm-top-10/ - https://github.com/rtk-ai/rtk - https://docs.aws.amazon.com/bedrock/latest/userguide/prompt-caching.html - https://www.firetail.ai/blog/beyond-the-spectacle-rsac-2026-and-the-5-layers-of-ai-security Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-391
Trust cues for videos