LLM04:2025Data & Model Poisoning
Slide 20 of 27
Part 4 · PreventionSlide 20
Slide 20 · Mitigation 2 of 6
Treat data vendors like code dependencies.
📄 OWASP LLM Top 10:2025 · LLM04 Prevention — Supplier Vetting
OWASP — Supplier Vetting
Vet Suppliers & Validate Outputs
What OWASP Says

“Vet data vendors rigorously, and validate model outputs against trusted sources to detect signs of poisoning.”

Where a Real Case Shows the Gap

The web-scale attacks (Carlini) exploited blind trust in public datasets. Validating outputs against trusted references is what catches a model whose “facts” have quietly drifted.

How to Do This Right

→ Rigorously vet every dataset and model supplier before adoption
→ Cross-check model outputs against known-good references
→ Prefer stable, reputable sources (NVD, OWASP, primary publishers) over whatever is convenient

How to Validate

Ask the model something you can independently verify. If its answer silently disagrees with a trusted source and nothing flags it, output validation is missing.

← BackNext → Sandboxing & detection
📄 View sources for this lesson