About This Project

What is this?

The GenAI Security Literature Review is a comprehensive, community-driven, auto-updating database of research, standards, tools, and resources related to the security of Large Language Models (LLMs) and AI systems.

Currently tracking 100 resources across 46 categories in 8 domains.

How It Works

Auto-Discovery

A weekly GitHub Action queries academic APIs (arXiv, Semantic Scholar, CrossRef) for new LLM security publications. New entries are submitted as pull requests for human review before merging into the database.

Human Curation

Every entry is categorized using our taxonomy, mapped to relevant security frameworks (OWASP, NIST, MITRE ATLAS, ISO 42001), and tagged. Entries can be community-submitted via GitHub Issues.

Quality Signals

Entries marked as "reviewed" have been vetted by a human. Citation counts, open-access status, and venue information help you prioritize what to read.

Coverage

We cover the full LLM/AI security landscape:

Attacks & Threats

Offensive techniques and threat vectors targeting LLM and AI systems

Defenses & Mitigations

Defensive techniques and countermeasures for LLM security

Privacy

Privacy-preserving techniques and data protection for AI systems

Governance & Compliance

Policy, regulation, and organizational governance for AI security

Red Teaming & Evaluation

Offensive security testing and evaluation methodologies for AI

Infrastructure & Deployment

Secure deployment patterns and infrastructure security for AI systems

Agentic AI Security

Security specific to autonomous AI agents and multi-agent systems

Surveys & Meta

Survey papers, meta-analyses, and cross-cutting resources

Framework Mappings

Every entry is mapped (where applicable) to these security frameworks:

  • OWASP Top 10 for LLM Applications -- the most widely adopted LLM security standard
  • OWASP Top 10 for Agentic AI -- security risks specific to autonomous AI agents
  • MITRE ATLAS -- adversarial tactics, techniques, and case studies for AI systems
  • NIST AI RMF -- the US government's AI risk management framework
  • ISO/IEC 42001 -- international standard for AI management systems

Contributing

We welcome contributions from the community:

Submit a Resource View on GitHub

Maintainer

Emmanuel Guilherme (@emmanuelgjr) -- OWASP contributor and GenAI data security researcher.

Licensed under the MIT License.