Resources

AI Security Checklist

A hands-on walkthrough of the OWASP LLM Top 10 for developers and security teams shipping AI features. Real incidents, practical fixes, no fluff.

How to use this checklist

Work through each of the 10 vulnerability classes below. Expand a section to see the checklist items, a real-world incident, and a quick fix you can ship today. Check off items as you address them. Your progress is tracked per section. This is meant to be worked through with your team, not read passively.

Based onOWASP Top 10 for LLM Applications (2025)with practitioner context added by Aravind Arumugam.

Want the full breakdown?

I write about AI security, prompt injection defences, and practical LLM hardening on this blog. No vendor pitches, just what works in production.

Read the blog

How to use this checklist

AI Security Checklist

How to use this checklist

Prompt Injection

Sensitive Information Disclosure

Supply Chain Vulnerabilities

Data and Model Poisoning

Improper Output Handling

Excessive Agency

System Prompt Leakage

Vector and Embedding Weaknesses

Misinformation

Unbounded Consumption

Master Audit Prompt

Want the full breakdown?

AI Security Checklist

How to use this checklist

Prompt Injection

Sensitive Information Disclosure

Supply Chain Vulnerabilities

Data and Model Poisoning

Improper Output Handling

Excessive Agency

System Prompt Leakage

Vector and Embedding Weaknesses

Misinformation

Unbounded Consumption

Master Audit Prompt

Want the full breakdown?