Security Test: LLM Endpoint Detection
Description
Default Severity:
LLM Endpoint Detection identifies places where an application exposes a way to interact with a language model, which can be a hidden door for potential attackers. If developers aren’t careful, these endpoints may accept malicious input that tricks the system into doing unexpected or harmful things, such as revealing sensitive data or running unauthorized code. Often, the issue arises when endpoints aren’t properly secured or their input isn’t validated, which lets attackers use injection attacks to manipulate how the underlying model behaves. This can lead not only to data breaches but also to broader misuse of the application, especially when developers make assumptions about what kind of input will be received. The danger lies in these overlooked spaces: what seems like a harmless feature can become a gateway to more significant security problems if not treated with caution.
Reference:
Configuration
Identifier:
injection/llm_detection
Examples
All configuration available:
Compliance and Standards
Standard | Value |
---|---|
OWASP API Top 10 | API8:2023 |
OWASP LLM Top 10 | LLM06:2023 |
PCI DSS | 6.5.1 |
GDPR | Article-32 |
SOC2 | CC6 |
PSD2 | Article-95 |
ISO 27001 | A.12.2 |
NIST | SP800-53 |
FedRAMP | SI-3 |
CWE | 200 |
CVSS Vector | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:N |