AI Posture Check Take the Check
LLM10 · OWASP LLM Top 10

Unbounded Consumption (LLM10)

An LLM service is consumed in ways that drive cost, latency, or availability problems. Includes denial-of-wallet attacks, resource exhaustion, and model-extraction-style heavy querying.

Examples

  • An attacker scripts unlimited free-tier queries that drive vendor cost spikes.
  • A poorly-designed agent recursively calls itself, exhausting tokens.
  • Model-extraction querying that aims to reproduce a competitor's fine-tuned model.

Recommended controls

  • Rate limiting at user, IP, and tenant level
  • Cost monitoring and budget alerts
  • Anomaly detection on query patterns
  • Authentication on all AI endpoints

Posture Check checkpoint

Posture Check questions Q21–Q25. Affects Runtime.

Score yourself against this framework.

The AI Posture Check is a free 30-question self-assessment that maps your gaps directly to OWASP LLM Top 10, NIST AI RMF, and ISO 42001.

Take the AI Posture Check
Need help operationalizing this?

Talk to a CWS engineer about your AI security program.

Schedule a Discovery Call to scope a Standard Audit or Enterprise Program.

Schedule a Discovery Call