To deal with this issue, the OWASP Foundation was launched in 2001. “The initial goal of OWASP was to create a platform where security experts could share knowledge, tools, and best practices to improve web application security,” says Jim Mercer, program vice president, software development, DevOps, and DevSecOps at IDC.

And as cyber practitioners scramble to upskill themselves on the topic of artificial intelligence (AI) security and their organizations quickly adopt AI tools, platforms, applications, and services, various resources are emerging in the industry to help practitioners process the ever-changing landscape.

One of the most useful of those is the OWASP AI Exchange. OWASP has increasingly positioned itself as a go-to resource for AI security knowledge, including publishing the OWASP LLM top 10 list in 2023, which documents the top 10 risks for LLM systems and recommendations on how to mitigate those risks.