
Volume 328, Issue 2 | IT News | Security

OWASP's Playbook For Preventing AI Data Leaks

SC Media, Thursday, July 10th, 2025

AI doesn't need to be hacked to leak confidential content. It just needs to be asked the right way.

In the era of GenAI, sensitive information doesn't just live in files or servers. It resides in vectors, embeddings and training tokens. Once an LLM has ingested something, there's a real chance it might say it back.

Because large language models (LLMs) ingest vast amounts of data via training and through user-generated chats, policing the sensitive information disclosed to users becomes uniquely challenging. Quite simply, there's no guaranteed way to make LLMs keep secrets.

In Part One, SC Media examined the rising threat of Sensitive Information Disclosure, the second-ranked risk in OWASP's Top 10 for LLM Applications 2025. Here in Part Two, we dig into the mitigation strategies that OWASP recommends for AI developers, CISOs, and product leaders.
