
News, news analysis, and commentary on the latest trends in cybersecurity technology.
Bugcrowd Announces Vulnerability Ratings for LLMsBugcrowd Announces Vulnerability Ratings for LLMs
The update to the company's Vulnerability Rating Taxonomy offers vulnerability researchers a framework for assessing and prioritizing vulnerabilities in large language models.
December 20, 2023

Bugcrowd has updated its Vulnerability Rating Taxonomy (VRT) with a new rating system to categorize and prioritize vulnerabilities in large language models (LLMs).
Launched in 2016, VRT is an open source initiative that standardizes how vulnerabilities are classified. Used by Bugcrowd and its ecosystem of customer organizations and vulnerability researchers, the VRT provides a framework for assessing the severity of cybersecurity risks. VRT establishes a baseline technical severity rating for common vulnerability classes, considering potential variations in edge cases.
The latest VRT update was partly inspired by the OWASP Top 10 for Large Language Model Applications, according to the company. With this rating system, Bugcrowd's community of vulnerability researchers can focus on hunting for specific vulnerabilities and creating targeted proofs of concept, while program owners with LLM-related assets can design project scoping and rewards that produce the best outcomes, the company said.
“Although AI systems can have well-known vulnerabilities that are found in common web applications, AI technologies like LLMs have introduced unprecedented security challenges that our industry is only beginning to understand and document,” said Casey Ellis, founder and chief strategy officer of Bugcrowd, in a statement.
You May Also Like
Uncovering Threats to Your Mainframe & How to Keep Host Access Secure
Feb 13, 2025Securing the Remote Workforce
Feb 20, 2025Emerging Technologies and Their Impact on CISO Strategies
Feb 25, 2025How CISOs Navigate the Regulatory and Compliance Maze
Feb 26, 2025Where Does Outsourcing Make Sense for Your Organization?
Feb 27, 2025