OWASP 2024 Global AppSec San Francisco

Compromising AI infrastructure can have devastating consequences, making it a prime target for attackers. Often, a simple misconfiguration or vulnerability in AI applications is all it takes to compromise the entire system. Many developers are not fully aware of the threat landscape and end up deploying vulnerable AI infrastructures. Traditional pentesting tools like DVWA and bWAPP have helped the infosec community understand popular web attack vectors, but there is a gap when it comes to AI environments. In this talk, we introduce AI Goat, a deliberately vulnerable AI infrastructure featuring vulnerabilities based on the OWASP AI Top 10. AI Goat mimics real-world AI applications but includes added vulnerabilities, providing security enthusiasts and pen-testers with an easy-to-deploy and destroy platform to learn how to identify and exploit AI vulnerabilities. The deployment scripts will be open-source and available after the talk.