Bugcrowd Announces Vulnerability Ratings for LLMs

We Keep you Connected

Bugcrowd Announces Vulnerability Ratings for LLMs

News, news analysis, and commentary on the latest trends in cybersecurity technology.
The update to the company’s Vulnerability Rating Taxonomy offers vulnerability researchers a framework for assessing and prioritizing vulnerabilities in large language models.
December 20, 2023
Bugcrowd has updated its Vulnerability Rating Taxonomy (VRT) with a new rating system to categorize and prioritize vulnerabilities in large language models (LLMs).
Launched in 2016, VRT is an open source initiative that standardizes how vulnerabilities are classified. Used by Bugcrowd and its ecosystem of customer organizations and vulnerability researchers, the VRT provides a framework for assessing the severity of cybersecurity risks. VRT establishes a baseline technical severity rating for common vulnerability classes, considering potential variations in edge cases.
The latest VRT update was partly inspired by the OWASP Top 10 for Large Language Model Applications, according to the company. With this rating system, Bugcrowd's community of vulnerability researchers can focus on hunting for specific vulnerabilities and creating targeted proofs of concept, while program owners with LLM-related assets can design project scoping and rewards that produce the best outcomes, the company said.
“Although AI systems can have well-known vulnerabilities that are found in common web applications, AI technologies like LLMs have introduced unprecedented security challenges that our industry is only beginning to understand and document,” said Casey Ellis, founder and chief strategy officer of Bugcrowd, in a statement.
You May Also Like
2024 API Security Trends & Predictions
What’s In Your Cloud?
Everything You Need to Know About DNS Attacks
Black Hat Asia – April 16-19 – Learn More
Black Hat Spring Trainings – March 12-15 – Learn More
Cyber Resiliency 2023: How to Keep IT Operations Running, No Matter What
Cisco Bets Big on Multicloud Security With Isovalent Deal
ISAs and the Dawning Hardware Security Revolution
Bugcrowd Announces Vulnerability Ratings for LLMs
Smartphones That Help You Bust Out of the Android/iOS Ecosystem
Copyright © 2023 Informa PLC Informa UK Limited is a company registered in England and Wales with company number 1072954 whose registered office is 5 Howick Place, London, SW1P 1WG.

source

TNC

LET US MANAGE YOUR SYSTEM
SO YOU CAN RUN YOUR BUSINESS

GET THE LATEST UPDATES, OFFERS, INFORMATION & MORE