[ISM] LLM risk mitigation (OWASP top 10):

The OWASP Top 10 for Large Language Model Applications are mitigated in the development of large language model applications.

[OWASP] Validate and sanitize LLM inputs effectively (SSS-02-05-03)

Injection: Validate and sanitize all inputs to the LLM to prevent injection attacks. Ensure user-supplied data does not contain harmful code, such as malicious SQL or shell commands, that could manipulate the underlying system or model. Use parameterized queries and context-aware escaping to safeguard against injection in LLM inputs.

[OWASP] Implement secure input handling to prevent injection attacks (SSS-02-05-03-01)

All user-supplied input must be handled securely by separating data from commands. Use safe APIs that avoid direct interaction with interpreters by employing parameterized interfaces or Object-Relational Mapping (ORM) tools. Be cautious of stored procedures that concatenate queries and data, as they can still be vulnerable when using commands like EXECUTE IMMEDIATE or exec(). Enforce strict server-side input validation to filter out harmful characters, recognizing that this defense may not suffice in all cases, such as APIs requiring special characters. For dynamic queries, apply context-specific escape mechanisms tailored to the interpreter in use. Structure names, such as table and column names, often cannot be escaped, so they must never be taken from user-supplied input; otherwise the input can change the structure of the query. Implement SQL constraints, such as LIMIT, to restrict query scope and mitigate the risk of mass data exposure during an injection attack. These practices ensure robust defenses against injection vulnerabilities while preserving functionality for legitimate use cases.
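The controls above, shown together as an added example (not part of the original control text): a concatenated query next to a version that validates input, binds values as parameters, takes the sort column from an allow-list, and caps rows with LIMIT. The `docs` table, the function names and the sample rows are constructed for illustration, and Python's `sqlite3` stands in for whatever database the application uses.

```python
import sqlite3

SORTABLE_COLUMNS = {"id", "title"}  # structure names come only from this allow-list
MAX_ROWS = 50                       # hard ceiling on rows returned per query


def make_db():
    # Constructed sample data for this example.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE docs (id INTEGER PRIMARY KEY, owner TEXT, title TEXT)")
    db.executemany(
        "INSERT INTO docs (owner, title) VALUES (?, ?)",
        [("alice", "roadmap"), ("alice", "budget"),
         ("bob", "payroll"), ("carol", "audit")],
    )
    return db


def find_docs_unsafe(db, owner):
    # 'Before' form: data is concatenated into the command text, so the
    # input is parsed as SQL and can change what the query means.
    sql = "SELECT id, title FROM docs WHERE owner = '" + owner + "'"
    return db.execute(sql).fetchall()


def find_docs(db, owner, sort_by="id", limit=10):
    # Server-side validation: reject malformed input before it reaches SQL.
    if not isinstance(owner, str) or not 0 < len(owner) <= 64:
        raise ValueError("invalid owner")
    # Column names cannot be bound as parameters, so only accept known ones.
    if sort_by not in SORTABLE_COLUMNS:
        raise ValueError("invalid sort column")
    # Clamp the row count so one query can never return the whole table.
    limit = max(1, min(int(limit), MAX_ROWS))
    # sort_by is now one of our own constants; owner and limit are bound
    # as data and are never interpreted as SQL.
    sql = f"SELECT id, title FROM docs WHERE owner = ? ORDER BY {sort_by} LIMIT ?"
    return db.execute(sql, (owner, limit)).fetchall()
```

With the hostile owner string used in the test, the concatenated version returns every row in the table, while the parameterized version treats the same string as a literal owner name and returns nothing.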

Operations

| ID | Operation | Description | Phase | Agent |
|---|---|---|---|---|
| SSS-02-05-03-01-01 | Validate and sanitize user inputs | Implement robust server-side input validation to filter and sanitize user-supplied data, ensuring no hostile or malformed input is processed by the application. | Development | Development teams, Security team |
| SSS-02-05-03-01-02 | Use parameterized queries and safe APIs | Replace dynamic queries with parameterized queries or ORM tools that safely handle user inputs, avoiding direct concatenation in SQL or other interpreters. | Development | Security team, Database administrators |
| SSS-02-05-03-01-03 | Implement residual query escaping and SQL controls | For cases requiring dynamic queries, escape special characters using interpreter-specific syntax and use SQL controls (e.g., LIMIT) to restrict mass record access. | Development | Development teams, Security team |
| SSS-02-05-03-01-04 | Monitor and test for injection vulnerabilities | Perform static and dynamic application testing to identify and remediate injection vulnerabilities. Use automated tools and penetration testing to ensure no untrusted input reaches queries. | Post-deployment | QA team, Security team |

References

Industry framework Academic work Real-world case
Information Security Manual (ISM-1923)
The Open Worldwide Application Security Project Top 10 (A03:2021)