HIGHOWASP LLM Top 10 LLM04:2025
Data and Model Poisoning
Data and model poisoning attacks corrupt the training or fine-tuning data used to build AI models, introducing backdoors, biases, or degraded performance that may go undetected until exploitation. For enterprises, poisoned models can produce systematically wrong outputs, discriminatory decisions, or responses that activate only under specific trigger conditions. Evaluate vendors on their capabilities for training data validation, anomaly detection in model behavior, differential testing against clean baselines, and continuous monitoring for distribution drift. This threat is classified as OWASP LLM Top 10 (LLM03) and is particularly relevant for organizations fine-tuning models on proprietary or crowd-sourced data.