https://blog.lameiro0x.com/tags/owasp/Recent content in Owasp on Miguel Lameiro | Cybersecurity Blog & Security WriteupsHugo -- 0.161.1en-usWed, 06 May 2026 00:00:00 +0000https://blog.lameiro0x.com/notes/ai-security/owasp-top-10-for-llm-applications-practical-guide/Wed, 06 May 2026 00:00:00 +0000https://blog.lameiro0x.com/notes/ai-security/owasp-top-10-for-llm-applications-practical-guide/<h2 id="introduction">Introduction</h2> <p>The OWASP Top 10 for LLM Applications is useful because it moves the conversation beyond &ldquo;the model said something wrong.&rdquo; In real systems, an LLM is connected to prompts, RAG, vector databases, tools, APIs, logs, users, permissions, providers, and business workflows.</p> <p>That is where the risk lives. A bad response is a quality problem. A bad response that triggers a tool call, leaks internal context, writes to a ticketing system, executes generated SQL, or retrieves another user&rsquo;s documents becomes a security problem.</p>