https://blog.lameiro0x.com/tags/llm-security/Recent content in Llm-Security on Miguel Lameiro | Cybersecurity Blog & Security WriteupsHugo -- 0.161.1en-usFri, 08 May 2026 00:00:00 +0000https://blog.lameiro0x.com/notes/ai-security/red-teaming-llm-applications-practical-assessment-workflow/Fri, 08 May 2026 00:00:00 +0000https://blog.lameiro0x.com/notes/ai-security/red-teaming-llm-applications-practical-assessment-workflow/<h2 id="introduction">Introduction</h2> <p>Red teaming an LLM application is not the same thing as checking whether the base model passed a benchmark. The deployed application has prompts, retrieval, tools, business rules, memory, hidden context, and user workflows. Those layers create risks that do not exist in the foundation model alone.</p> <p>The course uses two demo applications: a banking assistant and an ebook store support bot. The useful pattern is not the specific brand names or prompts. The useful pattern is the assessment workflow: define scope, probe manually, automate repeatable checks, use scanners where they help, and connect successful attacks to real application impact.</p>https://blog.lameiro0x.com/notes/ai-security/owasp-top-10-for-llm-applications-practical-guide/Wed, 06 May 2026 00:00:00 +0000https://blog.lameiro0x.com/notes/ai-security/owasp-top-10-for-llm-applications-practical-guide/<h2 id="introduction">Introduction</h2> <p>The OWASP Top 10 for LLM Applications is useful because it moves the conversation beyond &ldquo;the model said something wrong.&rdquo; In real systems, an LLM is connected to prompts, RAG, vector databases, tools, APIs, logs, users, permissions, providers, and business workflows.</p> <p>That is where the risk lives. A bad response is a quality problem. A bad response that triggers a tool call, leaks internal context, writes to a ticketing system, executes generated SQL, or retrieves another user&rsquo;s documents becomes a security problem.</p>