PromptArmor

Framework

OWASP Top 10 for LLM

Evaluate vendor AI against the OWASP Top 10 for LLM. PromptArmor assesses all ten vulnerability classes, from prompt injection to unbounded consumption, across every vendor in your portfolio.

All ten categories

How PromptArmor assesses each risk

LLM01: Prompt Injection

User or environmental inputs alter LLM behavior in unintended ways. PromptArmor identifies which vendor AI systems are susceptible to direct and indirect prompt injection, including cross-context injection from connected data sources.

LLM02: Sensitive Information Disclosure

LLMs expose PII, financial data, health records, or proprietary credentials through outputs. PromptArmor assesses vendor data handling policies and output controls to flag where sensitive information can surface.

LLM03: Supply Chain

Third-party models, datasets, or fine-tuning pipelines introduce integrity risk. PromptArmor surfaces vendor model provenance — including base model sources, third-party integrations, and training data lineage.

LLM04: Data and Model Poisoning

Adversarial manipulation during pre-training, fine-tuning, or embedding stages corrupts model behavior. PromptArmor flags vendors that train on user data by default and documents the scope of that training exposure.

LLM05: Improper Output Handling

Insufficient validation or sanitization of LLM outputs creates downstream injection risks. PromptArmor evaluates vendor output handling controls and identifies gaps in downstream data processing.

LLM06: Excessive Agency

LLMs granted broad function-calling or agentic capabilities act beyond intended scope. PromptArmor identifies which vendor AI systems operate with agentic permissions and what external systems those agents can access.

LLM07: System Prompt Leakage

Vendor system prompts containing sensitive configuration or business logic are exposed through outputs. PromptArmor tests vendor AI for prompt leakage vectors and documents confidentiality controls.

LLM08: Vector and Embedding Weaknesses

RAG implementations introduce vulnerabilities through untrusted retrieval sources or weak similarity thresholds. PromptArmor evaluates vendor RAG architecture and retrieval scope for exploitable embedding weaknesses.

LLM09: Misinformation

Hallucinated or misleading LLM outputs are presented as factual. PromptArmor documents vendor grounding controls, citation practices, and confidence signaling to surface misinformation risk.

LLM10: Unbounded Consumption

Uncontrolled inference requests lead to denial of service or runaway resource costs. PromptArmor assesses vendor rate limiting, quota controls, and resource governance policies.

Every PromptArmor vendor report maps findings across all 10 OWASP LLM categories and surfaces where your vendors carry the most exposure.

Coverage

All 10 categories. Every vendor. Continuously.

PromptArmor maps OWASP Top 10 for LLM findings to every vendor in your ecosystem — with continuous monitoring to detect when risk profiles change as vendors update their AI.

OWASP categories covered: 10 / 10

Vendors assessed: 10,000+

Frameworks mapped: OWASP, NIST, MITRE

Review time reduction: 75%

Get started

Assess vendors against OWASP Top 10 for LLM

See how PromptArmor gives your security team complete OWASP LLM coverage across your entire vendor portfolio.
