Overview
Severity: MEDIUM | Affected: OWASP | Category: tool
The Open Web Application Security Project (OWASP) has officially launched LLMGuard, a new open-source framework designed to act as a security firewall for applications built on large language models. LLMGuard provides a configurable set of defenses against common AI-specific threats, including prompt injection, data leakage, and denial-of-service attacks targeting model inference. It operates as an intermediary API gateway, inspecting both inbound prompts and outbound model responses for malicious patterns. Key features include a pluggable scanner architecture for detecting PII and secrets, semantic similarity filters to block known harmful inputs, and rate-limiting based on token complexity. The project aims to provide developers with a standardized, community-vetted tool to secure their AI deployments without needing to become deep experts in adversarial machine learning.