In this talk we will look at the OWASP LLM Top 10 from a different angle: not from the attacker perspective but from a developer point of view. We captured findings from public AI security challenges designed to evaluate the resilience of LLM applications against some of the OWASP LLM Top 10 threats. During this events developers have been provided with vulnerable AI application with the goal of creating a valid patch to succesfully block automated attacker exploits. We looked at both good and bad patches, succes rate and real time evolution of the patches and how they vary across the different top 10 category.

We will share insights and results of the experiment.