🎃 OWASP LLM Top 10 Newsletter - October '23 Edition 🎃

It’s hard to keep your witch hat on when you’re flying so high! Send us your best costumed-up Wasps and we’ll feature our favorites!

A witch wasp riding a broom in front of the moon

It’s hard to keep your witch hat on when you’re flying so high!
Send us your best costumed-up Wasps and we’ll feature our favorites!

Welcome to our spo0o0oky October edition of the OWASP LLM Apps Top 10 newsletter! 👻 This month we’ve got a boo-tiful array of topics for you to visit so don’t be afraid to scroll down and treat yourself!

🧪 Boo-st in Followers, Spirited Chats, and Our Project's 'Lab-oratory' Evolution! 🧪

Wow, we’ve seen a huge increase in interest in the program and our newsletter in the last month! Our newsletter audience has grown to over 300 awesome people! I promise no more updates til we hit 1000 (January? 🧐) but shoutouts to all of our readers as well those of you that have been sharing that subscribe link!

In case you missed the memo, our bi-weekly meeting has been pushed up an hour to 8am Pacific, 11am Eastern, and 4pm GMT! View the updated links as well as the handy .ical 📆 file at our meetings page on the wiki.

As a last house-cleaning item, the OWASP board approved promoting the OWASP LLM Apps Top 10 project up from Incubator Status to Lab Status! 🎉 

OWASP Labs projects represent projects that have produced an OWASP reviewed deliverable of value. We hope you have derived great value from the project so far and will decide to contribute! Join our #project-top10-for-llm slack channel today (Slack invite Link) to get started being a contributor!

🍬 No Tricks, All Treats: Version 1.1 and a Web Update to Howl About! 🍬

On October 16th we published the v1.1 of our LLM Apps Top 10 list, which focused on typos, grammatical errors, and inconsistencies. You can read it in our beautiful PDF version or check it out our newly updated for v1.1 webpage! This update couldn’t have been done without all of our great volunteers and core team, including v1.1 lead Ads Dawson, closing out 55 Github issues and 17 pull requests to make it happen!

One of my favorite goodies that came with v1.1 was this slick visual aid diagram by Mike Finch that you can find on our site’s homepage!

Click/tap the image above to view the diagram in all its glory!

⚗️ Gathering Ingredients for the Next Potion: The v2.0 Brew-haha! ⚗️

In the latest Data Gathering group meeting on October 16th, Bob, Emmanuel, and Sandy discussed next steps to v2.0 of our Top 10. They talked about Data Flow, cross-organizational data sharing, as well as creating additional visual representation to facilitate understanding. The video recording has been uploaded to Youtube so check out the video for the full meeting’s contents!

🪦 Unveiling the Cursed Crypts: Our List of Vulnerable LLM Apps! 🪦

A big round of applause is in order for the brilliant minds behind the vulnerable applications featured in our Vulnerable LLM Applications List. Your work provides an invaluable training ground for security professionals to better understand the intricacies of LLM vulnerabilities. If you haven't checked out this crucial resource yet, you can find the full list here.

But hold on, we're not stopping there! Ads is ambitiously working to set up a vulnerable container-based application and is actively seeking contributors. If you're looking for a meaningful way to contribute to the community, reach out in the #project-top10-for-llm slack channel and share how you would like to contribute! (Slack invite Link)

🌕 Full Moon Findings: Bug Bounty programs and Hackers Are Shapeshifting with GenAI! 🌕

Both Microsoft and Google unveiled bug bounty scopes related to their GenAI products this month. Notable with these announcements were the list of vulnerabilities, adversarial tactics, techniques and more they shared that they were interested in for paying bug bounty hackers for. For instance, Microsoft has out of scope attacks done by a user that only affect that same user, and Google is not paying for finding ways to use a GenAI to do potentially harmful things that are already possible with other tools.

Microsoft’s Vulnerability Severity Classification for AI Systems

Google’s list of common GenAI Adversarial tactics, techniques, and procedures

Also this month HackerOne released their Annual Hacker-Powered Security Report. Notable this year were the three slides focused on LLMs. My personal favorite metric was 62% of bug bounty hacker respondents saying they would be specializing in our OWASP LLM Apps Top 10 list! 

One of the GenAI slides from HackerOne’s Hacker-Powered Security Report

🧙‍♂️ You shall not pass! 🧙‍♂️

Earlier we covered the list of LLM Vulnerable apps. One such particular app that’s embraced the Halloween season is Lakera’s Halloween edition Gandalf game. Try your best to trick Gandalf into sharing the secret passwords and you could make it onto their leaderboard! These sorts of games are great for helping others understand how adversaries may try to bypass their well-intended LLM app!

Be careful eating candy that you get from Gandalf! They may be explosive!

🔮 Social Media Séance: Connect with Us Beyond the Newsletter! 🔮

Did you know besides a newsletter we also have content on LinkedIn, Youtube, and Twitter? Follow and don’t be shy to re-share any content we post! By the way, if you're presenting anything related to our project externally, do let us know at [email protected] so we can review and blast out to our social media followers!

📕 On a personal note… 📕

Earlier this month I presented on Generative AI and the security risks that come alongside of it to the latest group of mentees for Cyversity’s mentorship program. The attendees had great questions around GenAI use cases and how companies are making sure security is built into the many tools that are being stood up every day. I was impressed with how many of the mentees were already diving deep into the new technology!

Shoutout to Akeem, Alison, Azhar, Eliza, Enedelio, Enoch, Haozhe, Jeanette, Rafael, Ray, Remya, Timothy, and others on their thoughtful LinkedIn posts following the presentation. I look forward to hearing from each of you in the future on what further findings you may find in the GenAI tools you explore or build!

🪄 Pumpkin Carriage Awaits: See You in the Next Enchanted Issue! 🪄

And that’s a wrap on our October edition of the newsletter! As we head into the holiday season over the next couple of months, I recommend taking a few moments to explore GenAI with friends or family members. We will be in the minority of users for these tools in the future, and watching how more normal users (I mean that in the nicest way possible) use these tools may help you understand in what ways adversaries may either try to attack tools and/or their users!

Dressing up as “Where’s Waldo?” this year,

Will Chilcutt
Connect with me on LinkedIn, Follow me on Twitter