Overview
Severity: MEDIUM | Affected: OWASP | Category: tool
The Open Web Application Security Project (OWASP) has officially released 'Vellum,' a new open-source framework designed to standardize the security testing and red teaming of Large Language Model (LLM) applications. Vellum provides security professionals with a comprehensive toolkit to simulate a wide range of threats outlined in the OWASP Top 10 for LLMs. Its modules include automated testing for prompt injections and insecure output handling, simulations of data poisoning attacks on training pipelines, and tools to detect sensitive data leakage from model responses. By offering a modular and extensible platform, OWASP aims to empower organizations to build more robust and secure AI systems. Vellum integrates with popular CI/CD pipelines, allowing for continuous security validation throughout the development lifecycle.