OWASP LLM Top 10 guides monday.com teams on AI security risks
OWASP's LLM Top 10 turns AI security into a workplace checklist, and monday.com's own controls show why access, data handling, and governance matter.

The fastest way to misunderstand AI risk at monday.com is to treat it as a model problem. OWASP’s LLM Top 10 pushes the conversation back to the application layer, where input handling, context management, tool access, output checks, and governance decide whether an AI feature helps a team or leaks its data.
Why OWASP belongs in monday.com's AI playbook
OWASP says the project started in 2023 as a community-driven effort, and it now sits inside the broader GenAI Security Project, which covers large language models, agentic AI systems, and AI-driven applications. The group has also grown far beyond a small security circle, with hundreds of contributors and thousands of active members. That scale matters inside a company like monday.com, where AI is no longer an experiment on the side but part of the product surface, the admin console, and the sales conversation.
The 2025 version of the Top 10, published in late 2024, matters because it reflects how quickly the threat landscape has matured. OWASP is not warning teams about theoretical risks. It is describing the same failure modes product, engineering, and operations leaders run into when they put AI into real workflows: manipulated inputs, weak validation, poor access boundaries, and governance gaps that show up only after the feature is already live.
The risks are in the workflow, not just the model
For monday.com engineers, the key lesson is that a model can be secure on paper and still become dangerous inside an application. Crafted inputs can manipulate an LLM into exposing information it should not reveal, taking the wrong action, or producing output that downstream systems trust too much. OWASP’s framing makes one thing plain: weak output validation can lead to data exposure, bad decisions, and even code execution if an AI system is wired into the wrong tools without guardrails.
That is why prompt injection and over-permissioning matter so much in a work platform. If AI assistants, agents, or autonomous workflows can see more than the user should, or can act with broader permissions than intended, the system becomes a shortcut for accidental leaks and deliberate abuse. In everyday terms, that can mean a chatbot summarizing the wrong private material, an agent pulling from the wrong context, or an automated action crossing a boundary that human admins expected to hold.
OWASP’s guidance is useful because it turns a vague fear into specific questions teams can test:
- What data can the model see?
- What context gets attached to a request?
- Which tools can the system call?
- What happens when output is wrong, incomplete, or malicious?
- Who approves the AI’s reach across the account?
Those are product decisions, but they are also IT and operations decisions. Once AI is embedded in a workflow tool, the blast radius is no longer limited to the model team.
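As an added illustration (not monday.com's code; the boards, users and tool names are constructed for the example), here is what "the AI does not override existing access permissions" and "validate output before trusting it" look like in a small tool-dispatch layer that sits between the model and the workspace:

```python
import json
from dataclasses import dataclass

# Constructed sample data for the example: two boards and two users.
BOARDS = {
    "public-roadmap": ["Q3 launch plan", "Release notes draft"],
    "hr-staffing": ["Salary bands (confidential)"],
}


@dataclass(frozen=True)
class User:
    name: str
    readable_boards: frozenset
    can_run_automations: bool = False


USERS = {
    "alice": User("alice", frozenset({"public-roadmap", "hr-staffing"}), True),
    "bob": User("bob", frozenset({"public-roadmap"})),
}

ALLOWED_TOOLS = {"read_board", "run_automation"}


def parse_tool_call(raw):
    """Treat model output as untrusted input: require well-formed JSON that
    names a known tool and carries a string board argument before acting."""
    call = json.loads(raw)  # raises ValueError (JSONDecodeError) on free text
    tool = call.get("tool") if isinstance(call, dict) else None
    if not isinstance(tool, str) or tool not in ALLOWED_TOOLS:
        raise ValueError("unknown or missing tool")
    args = call.get("args")
    if not isinstance(args, dict) or not isinstance(args.get("board"), str):
        raise ValueError("malformed tool arguments")
    return tool, args["board"]


def handle(user, raw):
    """Dispatch a model-proposed tool call under the requesting user's own
    permissions. Returns (status, payload) instead of raising."""
    try:
        tool, board = parse_tool_call(raw)
    except ValueError as exc:
        return ("rejected", str(exc))
    # The model cannot widen access: rights come from the user record only.
    if board not in user.readable_boards:
        return ("denied", f"{user.name} has no access to {board}")
    if tool == "run_automation" and not user.can_run_automations:
        return ("denied", f"{user.name} may not run automations")
    if tool == "read_board":
        return ("ok", BOARDS[board])
    return ("ok", f"automation queued on {board}")
```

Whatever the model proposes, the board it can read and the automation it can trigger are bounded by the user's existing rights, and anything that is not a well-formed call to a known tool is rejected before it reaches the workspace.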
How monday.com's own AI posture fits the checklist
monday.com describes monday AI as an AI work platform with embedded AI assistants, AI agents, and autonomous workflows. That matters because the company is not talking about a single chatbot. It is describing AI that can sit inside the flow of work, which makes security controls much more important than a polished demo screen.
The company says its AI features do not override existing access permissions. That is the right baseline for a work platform, because the biggest operational mistake in enterprise AI is often not a model hallucination but a permissions failure. If the AI cannot see data a user should not see, it is harder for that data to leak through a prompt, a summary, or an automated action.
monday.com also says it does not use customer input or output to train machine-learning models, and does not allow others to do so. For customers worried about sensitive project details, sales notes, staffing information, or operational planning entering a broader training pipeline, that statement helps answer a question that increasingly comes up in procurement reviews.
The trust story extends to infrastructure as well. monday.com says its data is encrypted in transit with TLS 1.3 and at rest with AES-256. It also has an AI governance area for Enterprise customers that lets admins control access to AI features, review AI credit usage, set usage limits, and manage AI access across the account. That is where OWASP’s guidance becomes practical. A checklist about input handling and tool use is useful, but it becomes enforceable only when admins can actually limit exposure, watch usage, and decide who gets access to what.
The company’s security and privacy FAQs also note that its security team is led by its CISO. That matters because AI governance only works when one team owns the policy and can press it into product, infrastructure, and account administration. Without that kind of ownership, the gap between what a company says about AI and what employees can actually do inside the platform tends to widen fast.
What each team at monday.com should take from it
For engineers, OWASP is a reminder to treat AI features like any other high-risk application layer. Test what happens when users feed the system crafted prompts, mismatched context, or inputs that try to bend the model into exposing data or taking an unintended action. Focus on permissions, validation, and tool boundaries, not just model quality.
For product managers, the Top 10 is a design checklist. If a feature can summarize, automate, route, or generate content, ask what happens when the underlying data is sensitive, incomplete, or deliberately adversarial. The goal is not to slow shipping. It is to make sure the feature is safe enough to survive contact with enterprise customers.
For sales teams, OWASP gives a common language for procurement conversations. When a customer asks whether monday.com’s AI features respect access controls, avoid training on customer data, and support admin governance, the answers are concrete. That can shorten security reviews and make the company sound less like it is selling AI for its own sake and more like it understands how enterprises actually buy software.
The larger point is simple. In a work platform, AI security is not a specialist topic tucked away from the business. It is part of how the product is built, sold, and governed. OWASP’s LLM Top 10 makes that impossible to ignore, and monday.com’s own AI controls show that the companies moving fastest on AI are also the ones that have to answer the hardest questions about who can see, who can act, and what the system is allowed to do.
This article was produced by Prism’s automated news system from verified source data, official records, and press releases, then run through automated quality and moderation checks before publishing. The system is built and supervised by the people who set the standards it runs under.