Part 4 · Prevention · Slide 22 of 27 · Mitigation 4 of 6
Lock down who and what can feed the model.
📄 OWASP LLM Top 10:2025 · LLM04 Prevention — Access & Curation
Infrastructure Controls + Curated Datasets

“Ensure sufficient infrastructure controls to prevent the model from accessing unintended data sources.” Tailor models with specific, curated datasets for fine-tuning.

Poison needs a path into your data. Loose infrastructure permissions and raw, uncurated fine-tuning sets are exactly that path.

→ Restrict which data sources the training pipeline is allowed to reach
→ Fine-tune on curated, reviewed datasets — not raw scrapes
→ Apply least privilege to data stores and pipeline service accounts

List every data source your training job can read. If it's more than you can audit by hand, scope it down until you can.
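One way to run that listing, as an added example that is not part of the original slide: it reads an AWS-style IAM policy for a hypothetical training-pipeline service account and labels every S3 resource the job can read. The policy, bucket names and approved set are constructed; `Deny`, `NotAction` and `Condition` are not evaluated.

```python
import fnmatch
import json

# Constructed sample: IAM-style policy on a hypothetical training-pipeline
# service account. Bucket names are made up for illustration.
POLICY = json.loads("""
{"Version": "2012-10-17", "Statement": [
  {"Effect": "Allow", "Action": ["s3:GetObject", "s3:ListBucket"],
   "Resource": ["arn:aws:s3:::curated-finetune-v3",
                "arn:aws:s3:::curated-finetune-v3/*"]},
  {"Effect": "Allow", "Action": "s3:Get*",
   "Resource": "arn:aws:s3:::raw-web-scrape/*"},
  {"Effect": "Allow", "Action": "s3:PutObject",
   "Resource": "arn:aws:s3:::model-artifacts/*"},
  {"Effect": "Allow", "Action": "s3:*", "Resource": "*"}
]}
""")

# Assumption: the reviewed, curated sources this job is meant to read.
APPROVED_BUCKETS = {"curated-finetune-v3"}
READ_ACTIONS = ("s3:GetObject", "s3:ListBucket")

def as_list(value):
    """IAM lets Action/Resource be a single string or a list."""
    return [value] if isinstance(value, str) else list(value)

def grants_read(action_pattern):
    """True if a (possibly wildcarded) action covers any read action."""
    pattern = action_pattern.lower()  # IAM action names are case-insensitive
    return any(fnmatch.fnmatchcase(a.lower(), pattern) for a in READ_ACTIONS)

def audit_read_paths(policy, approved):
    """Return sorted (resource, verdict) pairs for every readable resource."""
    # Simplification: only Allow statements are read; Deny is ignored, so
    # the result can overstate access but will not hide an Allow grant.
    findings = {}
    for stmt in policy["Statement"]:
        reads = any(grants_read(a) for a in as_list(stmt.get("Action", [])))
        if stmt.get("Effect") != "Allow" or not reads:
            continue
        for res in as_list(stmt.get("Resource", [])):
            bucket = res.split(":::")[-1].split("/")[0]
            if "*" in bucket or "?" in bucket:
                verdict = "WILDCARD"  # too broad to audit by hand
            else:
                verdict = "approved" if bucket in approved else "UNAPPROVED"
            findings[res] = verdict
    return sorted(findings.items())
```

Anything labelled `WILDCARD` or `UNAPPROVED` is a read path into training data that nobody reviewed, and a candidate for removal from the service account.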
