Season 3 Episode 12

Ads Dawson on developing the OWASP Top 10 for Large Language Models


Ads Dawson, release lead and founding member for the Open Web Application Security Project (OWASP) Top 10 for Large Language Model Applications project, has no shortage of opinions on securing generative artificial intelligence (GenAI) and LLMs. With rapid adoption across the tech industry, GenAI and LLMs are dominating the conversation in the infosec community. But Ads says the security approach is similar to the one used for other attack vectors like APIs. First, you need to understand the context of AI-related vulnerabilities and how an attacker might approach hacking a particular AI model.

In the latest episode of WE’RE IN!, Ads talks about including threat modeling from the design phase when integrating GenAI into applications, and how he uses AI in his red teaming and application security work.

Listen to hear more about: 

  • The misuse of AI, such as creating deep fakes for financial gain or manipulating powerful systems like the stock market 
  • The role of governments in securing the AI space and the concept of “safe” AI
  • How the infosec community can contribute to OWASP frameworks

    Topics Covered

      • OWASP Top 10
      • LLM Security
      • GenAI Risks
      • Deepfakes
      • AI Red Teaming
      • Government Policy

    Notable Quotes

    “The biggest risk isn’t the model itself — it’s how organizations deploy it without understanding the attack surface.” — Ads Dawson

    “Deepfakes are moving faster than our detection capabilities, and that gap is where attackers live.” — Ads Dawson

    From the Episode

    The way I think about LLM security is actually very similar to how we’ve always approached API security — you start with the attack context. What model is being used? How is it deployed? What interfaces does an attacker have to interact with it? Those questions haven’t changed; only the technology underneath has.

    The OWASP Top 10 for LLM Applications came out of a real need in the community to have a shared vocabulary. When I was doing red team exercises against AI systems, I kept seeing the same classes of issues — prompt injection being the most prevalent, data leakage through over-permissive integrations, insecure output handling. These aren’t exotic new attacks. They’re extensions of problems we know how to solve, but applied to a novel context.

    What I tell organizations deploying GenAI is: don’t skip threat modeling. That conversation has to happen at design time, not after you’ve pushed to production. And the infosec community has a real opportunity here — contributing to open frameworks like OWASP is how we collectively raise the floor.

    About the Guest

    Ads Dawson is a leading AI and application security researcher known for contributions to the OWASP Top 10 for LLM Applications project. With deep expertise in generative AI threats, Ads advises organizations on securing LLM deployments against prompt injection, data leakage, and adversarial misuse.

    Enjoyed this episode? Explore the full Synack podcast library.