161 TOOLS · OWASP LLM + AGENTIC TOP 10 · MIT

Security controls
for your AI stack,
indexed by risk.

The OWASP LLM & Agentic Top 10 describe what can go wrong. Yuntona is the practitioner-curated map from each risk to the specific tools that address it.

Browse directoryExplore knowledge graph
161
tools
20
risks
11
categories
233
tags
yuntona · search
⌘K
riskLLM01stageproduction24 results
01
PromptArmorprod
Runtime prompt-injection firewall
LLM01LLM07
02
Lakera Guardprod
Policy-based LLM input/output scanner
LLM01LLM05
03
NeMo Guardrailsprod
Programmable guardrails (Colang)
LLM01LLM06
04
Rebuffprod
Self-hardening prompt injection detector
LLM01
navigate open/ filteryuntona.ai
Coverage

Every OWASP risk, mapped to the tools
that actually address it.

Twenty risk categories. 161 tools. Every cell below is a live filter — one click takes you to the tools that cover that specific risk.

LLM01Prompt Injection
53 toolsLLM02Sensitive Information Disclosure
46 toolsLLM03Supply Chain
19 toolsLLM04Data & Model Poisoning
13 toolsLLM05Improper Output Handling
18 toolsLLM06Excessive Agency
51 toolsLLM07System Prompt Leakage
41 toolsLLM08Vector & Embedding Weaknesses
37 toolsLLM09Misinformation
19 toolsLLM10Unbounded Consumption
8 tools
· Counts updated 2026-04-22· v1.7.0· Tools may address multiple risks
How it works

Three paths from risk to tool.

Start from whatever you already know — a specific OWASP risk, a plain-English question, or no starting point at all.

01

Filter by risk

Toggle between LLM Top 10 and Agentic Top 10. Pick a risk. Directory instantly filters — tools grouped by category with counts.

filter risk:LLM01
stage production
result 24 tools
02

Natural language

Plain English. "Tools for supply chain scanning in CI." Parser extracts filters, returns ranked results from the full directory.

query "scan models in CI"
parsed risk:LLM03 stage:ci
result 9 tools
03

Explore the graph

Every tool, risk, and lifecycle stage as an interactive network. Click a node, see its connections. Coverage clusters and defence gaps at a glance.

nodes 161 + 20 + 8
edges 642
layout force-directed
Where Yuntona sits

Between awesome-lists and analyst reports.

Free and open like the first. Individually evaluated and structurally mapped like the second. Accountable to one named practitioner either way.

Awesome-lists
Crowd-sourced
Cost Free
Structure Flat links
Risk mapping None
Search / filter None
Accountability Community
Freshness Drift after fork
Yuntona
Practitioner-curated
Cost Free · MIT
Structure Evaluated entries
Risk mapping LLM + Agentic Top 10
Search / filter Plain English + filters
Accountability Named maintainer
Freshness Continuous
Analyst reports
Paywalled snapshots
Cost £££
Structure PDF chapters
Risk mapping Often
Search / filter No
Accountability Institution
Freshness Months
Curator

Single-maintainer accountability.

Every assessment reflects one expert's informed judgement — not crowd-sourced voting, not vendor self-submission.

FB Fabio Baumeler
Maintainer
Fabio Baumeler
Third-Party Cyber Risk Lead · UK Financial Conduct Authority
CISSPMSc Info Security · Royal HollowayGCHQ-certified10+ yrs SOC · infosec · regulation

Built Yuntona to close the gap between AI security frameworks and the tools that operationalise them. Every decision — inclusion, exclusion, risk mapping — traceable to one accountable reviewer.

LinkedIn ↗GitHub ↗Methodology ↗
FAQ

Questions practitioners ask.

Before you commit to trusting a curated list, you want to know who put it together and how.

Three: (1) addresses a real risk in the generative or agentic AI stack, (2) operational or near-operational (no vaporware), (3) offers capability not already covered. Discovery from OWASP WGs, conferences, practitioner networks, primary research. Duplicates without differentiation are excluded.
MIT licensed. No login, no paywall, no sign-up wall. Source on GitHub — fork it, audit it, open a PR.
Discovery is practitioner-led. OWASP risk mappings use LLMs as an analytical engine — the schema and methodology are human-designed, every output validated against published standards. Human-directed analysis at scale, not crowd-sourced or model-hallucinated classification.
Fabio Baumeler — CISSP, MSc Information Security (Royal Holloway, GCHQ-certified), Third-Party Cyber Risk Lead. Single-maintainer accountability — one expert's judgement, not vendor self-submission or crowd voting.
Continuously updated as tools emerge and mature. Version tagged — currently v1.7.0, 161 tools. Every entry dated; re-reviewed on cadence.
Yes. Suggest a tool via GitHub issue template, report gaps, or open a PR against the YAML source. Vendor submissions welcome but held to the same evaluation bar.

Close the blind spots
in your AI risk coverage.

161 dedicated AI security tools, frameworks and standards. 20 OWASP risks. One search.

Explore directory ★ Star on GitHub
OWASP LLM Top 10 · 2025 · OWASP Agentic Top 10 · 2026 · Open Source · MIT