
Large Language Model (LLM) Assessment

Simulating AI Attacks and Providing Strategic Roadmaps

AI Penetration Testing Services

Artificial Intelligence (AI) can be used to do many helpful things in everyday life but what happens when it’s prompted to perform a task that attacks security systems? TrustedSec is excited to offer an LLM Assessment service to fill in any gaps that might be overlooked in a traditional penetration test. By using a manual testing process, we provide strategic recommendations to home in on the foundation of the issue and correct the cause of exposure.

Methodology

TrustedSec's Large Language Model (LLM) Assessment is a primarily manual approach targeting the technical security challenges presented by LLMs. The assessment focuses on LLM interactions with web application and web API components.

TrustedSec's approach begins by gaining an understanding of the attack surface. Manual investigation of the application is performed to identify which inputs the LLM or machine learning (ML) system relies on, including training data, prompts, and included reference resources. TrustedSec continues the discovery process by investigating API interaction and in-band and out-of-band (OOB) response behavior, and then searches for exposures related to connected business logic and information disclosures. The manual testing process is informed by NIST AI 600-1 and the OWASP LLM Top 10, and typically includes, but is not limited to, the following:

  • Data poisoning, or attempts to inject malicious data into training or retraining data in order to control model outputs
  • Model inversion or use of response correlation to derive sensitive data that may have been present in system prompt inputs or training data
  • Discovery of confidentiality violations through adversarial prompting
  • Attempting to trigger authorization violations through adversarial prompting, including resource manipulation, targeted attacks leveraging excessive agency, and API integration weaknesses
  • Indirect prompt and inline markup attacks, which attempt to insert attacker-controlled tokens via included resources that will be treated as part of a victim's prompt inputs
  • Evasion attacks, sometimes referred to as jailbreaks, that include the crafting of inputs specifically designed to bypass model restrictions, such as generating negative content about first-party products and services
  • Request forgery and related web technology attacks designed to identify weaknesses in API integrations

Strategic Recommendations

Organizations typically focus their efforts on the Technical Findings from an LLM Assessment. Although Technical Findings are important, fixing the root cause of the issue is a crucial outcome of the assessment. If the root cause of an exposure can be corrected, the longer-term security program will be significantly more successful than if only the Technical Findings are remediated. TrustedSec outlines the root causes in the form of Strategic Recommendations. Where applicable, the Strategic Recommendations outline long-, mid-, and short-term actions to provide a roadmap for remediating the underlying root cause.

Get Started with an LLM Assessment

Ready to see how your defenses hold up against Artificial Intelligence? Let's talk.

Our research on Artificial Intelligence

TrustedSec experts provide up-to-date information, tools, and tips on the latest in AI.

Webinars July 08 2026

Offense Meets Defense: A Candid Conversation on AI in Detection Engineering

Join TrustedSec and Binary Defense for a candid conversation that brings together offensive and defensive practitioners to explore how AI is reshaping…

Blog July 02 2026

Inheriting the Receipts: Securing the AI Your Company Already Adopted

The work is not new. The speed is. In this blog, we're outlining how existing security pillars apply to the AI your organization has already adopted; no new…

Blog June 25 2026

Large Workflows with Local LLMs

As it turns out, local LLMs have a few opinions about large workflows. In this blog, we walk through the scaling challenges of local LLMs and the custom Python…

Webinars June 03 2026

Attack at Machine Speed: Building an Incident Response Program That Can Keep Up

AI is changing how attackers operate. In this webinar, we cover how to build an Incident Response program that meets modern attacks head-on so your…

Podcasts June 01 2026

Security Noise - The Soap Opera That AI Created

On this episode of Security Noise, we are talking about the metaphorical soap opera that AI created, entertaining the implications of the recent OpenAI trial…

Blog May 19 2026

Coverage-Driven Sustained Testing (CDST): A Graph-Oriented Model for Open-Ended Agentic Workflows

1.1 Introduction. Ralph is a solid tool that makes agents do…more. It's defined as: an autonomous AI agent loop that runs repeatedly until all PRD items are…

Blog May 07 2026

GRC in an AI World - Staying in the Fast Lane Without Losing the Race!

Artificial Intelligence (AI) is the new buzzword on the streets. It’s becoming “the best thing since sliced bread” in the IT world and is being used by…

Blog May 05 2026

The Defensive Stack is Exposed: LLMs, Reverse Engineering, and the End of Opaque Defense

Everyone is talking about LLMs finding zero days. That is not the only story. The story is what happens when you point these models at the defensive tools…

Podcasts May 04 2026

Security Noise - All is Not Quiet on the Detection Front

On this episode, we sit down with Carlos Perez and John Dwyer to discuss how AI and automation are fundamentally reshaping defenders' strategies toward threat…

Podcasts April 20 2026

Security Noise - The Game Is Over? Gamification of Infosec

What if learning cybersecurity felt less like a compliance checkbox and more like an adventure? In this episode, we explore how gamification is revolutionizing…
