ChaptersEventsBlog
Share how your organization is preparing for the agentic shift in identity governance. Take the Securing AI Agents Survey by October 10 →

Download Publication

CSA Large Language Model (LLM) Threats Taxonomy
CSA Large Language Model (LLM) Threats Taxonomy

CSA Large Language Model (LLM) Threats Taxonomy

Release Date: 06/10/2024

Working Group: AI Safety

This document aims to align the industry by defining key terms related to Large Language Model (LLM) risks and threats. Establishing a common language reduces confusion, helps connect related concepts, and facilitates more precise dialogue across diverse groups. This common language will ultimately assist the advancement of Artificial Intelligence (AI) risk evaluation, AI control measures, and responsible AI governance. This taxonomy will also support additional research within the context of CSA’s AI Safety Initiative

Key Takeaways:
  • Define the assets that are essential for implementing and managing LLM/AI systems
  • Define the phases of the LLM lifecycle
  • Define potential LLM risks
  • Define the impact categories of LLM risks
Download this Resource

Bookmark
Share
Related resources
Analyzing Log Data with AI Models to Meet Zero Trust Principles
Analyzing Log Data with AI Models to Meet Zero ...
Agentic AI Identity and Access Management: A New Approach
Agentic AI Identity and Access Management: A Ne...
Secure Agentic System Design: A Trait-Based Approach
Secure Agentic System Design: A Trait-Based App...
From Compliance to Culture: What CISOs Need to Know About Evolving SAT
From Compliance to Culture: What CISOs Need to Know About Evolving SAT
Published: 10/02/2025
AI Log Analysis for Event Correlation in Zero Trust
AI Log Analysis for Event Correlation in Zero Trust
Published: 09/26/2025
RiskRubric: A New Compass for Secure and Responsible Model Adoption
RiskRubric: A New Compass for Secure and Responsible Model Adoption
Published: 09/18/2025
Fortifying the Agentic Web: A Unified Zero Trust Architecture Against Logic-Layer Threats
Fortifying the Agentic Web: A Unified Zero Trust Architecture Again...
Published: 09/12/2025
Cloudbytes Webinar Series
Cloudbytes Webinar Series
January 1 | Virtual

Acknowledgements

Dennis Xu
Dennis Xu
VP Analyst @ Gartner

Dennis Xu

VP Analyst @ Gartner

Rakesh Sharma
Rakesh Sharma
Security Architect

Rakesh Sharma

Security Architect

David Gee
David Gee
CIO, CISO, Board Risk Advisor, Author & NED

David Gee

CIO, CISO, Board Risk Advisor, Author & NED

 David brings over 25 years of distinguished C-suite leadership to the boardroom, seamlessly blending cybersecurity expertise with strategic technology vision. His global career spans executive leadership, digital transformation, and risk governance across diverse markets and industries. Drawing from his operational experience at the highest levels, he brings invaluable perspective on technology strategy, cyber resilience, data/AI and ...

Read more

Avishah Bar
Avishah Bar
Senior Security Architect at CyberArk

Avishah Bar

Senior Security Architect at CyberArk

Michael Roza
Michael Roza
Risk, Audit, Control and Compliance Professional at EVC

Michael Roza

Risk, Audit, Control and Compliance Professional at EVC

Michael Roza is a seasoned risk, audit, control and compliance, and cybersecurity professional with over 20 years of experience across multinational enterprises and startups. As a Cloud Security Alliance (CSA) Research member for over 10 years, he has led and contributed to more than 140 CSA projects spanning Zero Trust, AI, IoT, Top Threats, DecSecOps, Cloud Key Management, Cloud Control Matrix, and many others.

He has co-chaired...

Read more

Are you a research volunteer? Request to have your profile displayed on the website here.

Interested in helping develop research with CSA?

Related Certificates & Training