LLM Security and OWASP Top 10 for LLM Applications 2025
Our content team released a new course that covers LLM Security, including lessons specific to the updated OWASP Top 10 LLM Application list.
A notable enhancement to our hands-on lessons is the seamless integration of videos, streamlining the learning experience. Learners who need additional depth can now watch relevant videos without leaving the hands-on lesson, making it easier to absorb key concepts in context.
AI/LLM Hands-On Only path
Path Name: HackEDU: OWASP Top 10 for LLM Applications
* indicates that the lesson includes a new optional video
*AI/LLM | Prompt Injection (HackEDU)
*AI/LLM | Sensitive Information Disclosure (HackEDU)
*AI/LLM | Supply Chain Vulnerabilities (HackEDU)
*AI/LLM | Training Data Poisoning (HackEDU)
*AI/LLM | Improper Output Handling (HackEDU)
*AI/LLM | Excessive Agency: Human in the Loop (HackEDU)
AI/LLM | Excessive Agency: Prompt Security
AI/LLM | Excessive Agency: Insecure Plugin Design
*AI/LLM | Prompt Leakage (HackEDU)
*AI/LLM | Vector and Embedding Weaknesses (HackEDU)
*AI/LLM | Misinformation (HackEDU)
*AI/LLM | Unbounded Consumption (HackEDU)
Several changes were made to this path, including:
Model Denial of Service renamed to Unbounded Consumption
Overreliance renamed to Misinformation
Insecure Output Handling was renamed to Improper Output Handling to conform with OWASP
Insecure Plugin Design renamed to Excessive Agency: Insecure Plugin Design
New lessons: Excessive Agency: Human in the Loop, Excessive Agency: Prompt Security, Vector and Embedding Weaknesses
AI/LLM Video and Hands-On
Path Name: AI/LLM Security
* indicates that the lesson includes a new optional video
Introduction to AI/LLM Security
*AI/LLM | Prompt Injection (HackEDU)
*AI/LLM | Sensitive Information Disclosure (HackEDU)
*AI/LLM | Supply Chain Vulnerabilities (HackEDU)
*AI/LLM | Training Data Poisoning (HackEDU)
*AI/LLM | Improper Output Handling (HackEDU)
*AI/LLM | Excessive Agency: Human in the Loop (HackEDU)
AI/LLM | Excessive Agency: Prompt Security
AI/LLM | Excessive Agency: Insecure Plugin Design
*AI/LLM | Prompt Leakage (HackEDU)
*AI/LLM | Vector and Embedding Weaknesses (HackEDU)
*AI/LLM | Misinformation (HackEDU) (Now with optional intro video)
*AI/LLM | Unbounded Consumption (HackEDU)
AI Security Toolchain
Secure Development Leveraging LLM’s
LLM Enterprise Security
Governance for AI/LLM Systems
AI/LLM | Model Theft (HackEDU)
Several changes were made to this path, including the removal of 3 videos: Data Science Engineering for AI/LLM, Model Engineering for AI/LLM, and Application and Plugin Security for AI/LLM. Additionally, we updated the path to include the new OWASP Top 10 threat lessons.