OWASP GenAI Security Project (genai.owasp.org)

The OWASP GenAI Security Project, a community-driven, expert-led open-source initiative, has released a suite of resources to help organizations identify, prioritize and mitigate security and safety risks in generative AI deployments. The headline deliverable is Threat Defense COMPASS 1.0 (with a companion RunBook): a unified “AI Threat Resilience Strategy” dashboard that consolidates threats, vulnerabilities, defenses and mitigations into an operational playbook security teams can use to assess risk across LLM and GenAI applications. Complementing COMPASS are a Solutions Landscape for the LLM/GenAI lifecycle (DevOps–SecOps focus), an Agentic AI taxonomy and tooling guidance, plus an incident & exploit round‑up for Q2 2025 — all published as freely available guidance. For the AI/ML community this centralization matters: it standardizes threat models (prompt injection, data leakage, model poisoning, agentic misuse, supply‑chain risks), provides prescriptive runbooks to operationalize mitigation in SecOps workflows, and maps vendor/tooling options across the ML lifecycle. Strategic partnerships (e.g., CyberRisk Alliance) and global events — from a Dubai summit/hackathon to OWASP Global AppSec — aim to drive adoption, community vetting and training. Technically, COMPASS and the Solutions Landscape make it easier to integrate threat controls into CI/CD and runtime pipelines, inform governance/compliance decisions, and accelerate secure GenAI rollouts.