RL Blog

Topics

All Blog PostsAppSec & Supply Chain SecurityDev & DevSecOpsProducts & TechnologySecurity OperationsThreat Research
Why RL Built Spectra Assure Community

Why RL Built Spectra Assure Community

We set out to help dev and AppSec teams secure the village: OSS dependencies, malware, more. Learn how.

Read More about Why RL Built Spectra Assure Community
Why RL Built Spectra Assure Community

Follow us

XX / TwitterLinkedInLinkedInFacebookFacebookInstagramInstagramYouTubeYouTubeblueskyBluesky

Subscribe

Get the best of RL Blog delivered to your in-box weekly. Stay up to date on key trends, analysis and best practices across threat intelligence and software supply chain security.

AppSec & Supply Chain SecurityJuly 15, 2026

New OWASP tool structures AI threat modeling

Threat Advisor could help teams with AI-specific risks. But a broader AppSec strategy rethink is needed in the AI era.

man in suit
Jaikumar Vijayan, Freelance technology journalistJaikumar Vijayan
FacebookFacebookXX / TwitterLinkedInLinkedInblueskyBlueskyEmail Us
AI threat advisor robot

Organizations looking for a faster and more structured way to threat model their AI systems now have access to an open-source resource designed to help identify security risks before they become exploitable vulnerabilities. 

The OWASP Foundation’s Threat Advisor is an AI-powered assistant that guides users through the threat modeling process by first asking them to describe their AI system and then conducting an interactive interview to identify relevant threats, assess risk, and recommend mitigations. 

The recommendations draw on more than 300 pages of OWASP AI security guidance based on frameworks and standards such as MOSAIC. The free tool, which runs on Google's NotebookLM, is the latest evolution of the OWASP AI Exchange'’s efforts to make AI threat modeling more accessible. 

The new assistant comes as many organizations are struggling to understand and contain new AI-specific risks and vulnerabilities such as prompt injection, supply chain compromise, excessive model privileges, and insecure agent deployments.

Here’s how Threat Adviser works — and how it can work for you.

[ See Webinar: Securing Agentic Development with Forrester ]

Building on OWASP’s AI security guidance

OWASP’s goal is for Threat Advisor to help organizations — especially those with limited resources or AI security expertise — to identify, evaluate, and prioritize those risks in the context of their own environment. They can avoid manually navigating hundreds of pages of documentation because the tool translates OWASP’s guidance into a workflow they can use to help identify the threats most relevant to their specific AI deployment. 

Rob van der Veer, founder of the OWASP AI Exchange, extolled the tool in a recent post on LinkedIn.

“If you are building or deploying AI, use this to get a high level threat model. It is the fastest way to understand your exposure — and where to focus next.”
—Rob van der Veer

A useful guide to starting AI threat modeling

Security experts view Threat Advisor as a useful starting point for AI threat modeling, particularly for organizations lacking dedicated security teams. The tool effectively surfaces many critical AI-specific categories, but the quality of its output will depend heavily on input accuracy and organizational context.

Seemant Sehgal, founder and CEO of BreachLock, said an automated interview can surface relevant controls and map to known threat patterns. 

“The value of a tool like this depends entirely on what the organization brings to it. But it can only reason about what it’s told, and most organizations struggle to articulate their own system boundaries, data flows, and trust assumptions clearly enough to get precise output.”
—Seemant Sehgal

The organizations that likely will benefit most from Threat Advisor, Sehgal added, are those that have practitioners who can validate the output, not those hoping the tool will do the thinking for them.

Experts note that Threat Advisor can fill an important gap by helping organizations begin AI security conversations earlier in the development lifecycle. Jacob Krell, senior director of secure AI solutions and cybersecurity at Suzu Labs, noted that OWASP AI Exchange has more than 300 pages of threat and control guidance that feeds into ISO and EU AI Act frameworks, but most teams deploying AI have never touched any of it. 

“Threat Advisor turns that into a guided conversation you can run in a single sitting. For startups and mid-market companies shipping models without a security function, that’s a real upgrade from ‘we’ll deal with it later.’”
—Jacob Krell

Larger organizations that have AppSec programs will move through Threat Advisor faster, but even those teams tend to have blind spots in AI-specific threat coverage that the tool can help uncover.

Why context matters

There are some caveats. Organizations using the tool should not confuse its automated guidance with a complete threat model. While Threat Advisor can help identify AI-specific risks, teams still need to evaluate those risks within the broader context of their application’s architecture, business objectives, data flows, and existing security controls, said Jeff Williams, founder of OWASP and founder and CTO of Contrast Security.

“It’s a very interesting effort from the volunteers at OWASP, who have been doing a fantastic job at driving AI security forward.”
—Jeff Williams

Williams said Threat Advisor is an early prototype and cautioned that effective threat modeling requires looking beyond AI-specific risks. “The most serious risks aren’t AI-related,” he said, noting that longstanding application security issues such as authentication weaknesses, access control failures, and injection flaws remain just as relevant.

Williams also questioned whether an AI assistant can fully capture the architectural and operational context needed to produce a comprehensive threat model. “It’s really all about context,” he said, adding that organizations often lack a complete understanding of their own technology stack, data flows, trust boundaries, and threat environment. 

That makes it difficult for any single person to answer Threat Advisor’s questions with the level of detail required for precise results. Williams’ advice: Give the AI assistant direct access to the organization’s code repository and technical documentation to help answer the tool’s questions more accurately. He also urges giving great feedback to the Threat Advisor team. “Help make it better,” he said.

An assistant, not the decision maker

While Threat Advisor can help organizations assess their AI-related exposure, experts caution against treating its recommendations as definitive or prescriptive. The tool can help identify what threats apply, but humans still must prioritize risks based on business context, architecture, and actual operational environment. 

For example, said Joshua Marpet, senior product security consultant at Finite State, while AI can efficiently examine logs, behavioral analytics, and other security telemetry in isolation, humans are still better at connecting those findings into a broader understanding of attacker activity.  Since LLM-based assessments are inherently influenced by how users describe their systems, it’s a good idea to run an analysis multiple times with different prompts to help validate and refine the results, he said. 

“Be careful believing it 100%. Not that it’s wrong. Just ask the question several ways.”
—Joshua Marpet

Keel added that because Threat Advisor produces its results as a NotebookLM chat conversation and not as structured data, the recommendations cannot be easily imported into enterprise governance, risk, and compliance tools. Someone has to manually read the output, extract the findings, and enter them into the organization’s risk management system. 

That could lead to valid findings getting shelved because rewriting them as risk register entries feels like doing the work twice, he said. He said organizations need to keep that in mind and treat Threat Advisor appropriately.

“Run it before your architecture decisions harden. Treat the output as a starting point, then bring the threat list to your engineering team and pressure-test it against how your system actually runs in production. Do not let a NotebookLM conversation become your compliance artifact.”
—Jacob Krell

AppSec strategy transformation is critical

While Threat Advisor is a welcome addition to the security arsenal, more needs to be done. Specifically, teams need to modernize there application security (AppSec) approach for the AI era, Doug Levin, a board member at ReversingLabs, wrote recently reality-checking Mythos’ effect on AppSec. “Don’t get distracted by the headlines. Mythos is a milestone, not a destination. Organizations that understand that will come out ahead," he wrote.

"Yes, adversaries are getting an upgrade with AI. But the defensive answer is architectural, not transactional. Smart CISOs and organizations won’t feel compelled to buy the flashiest, [most] cutting-edge AI security product — whether that’s Mythos or the competitors that are already popping up.”
—Doug Levin

Levin wrote that with the next-generation AI, a serious AppSec program isn’t a scanner stack. Instead, it’s a multi-vector reasoning system built on five layers, he advised.

Here are his five recommended layers:

  • Discovery: Use supply chain threat intelligence on open-source packages, and integrate AI-assisted vulnerability research into CI/CD pipelines so that defenders find issues before code ships.
  • Analysis: Employ static analysis, SBOM tracking, and threat intelligence enrichment to give discovery context. Include a final build check on the binary. As Levin noted, SolarWinds, 3CX, and CodeCov were all build-pipeline compromises that source-code analysis missed.
  • Remediation: Accelerate patching with AI, but include human review, since autonomous patching harbors the same hallucination risk as autonomous discovery.
  • Runtime: Upgrade to detection and response tooling that assumes that one-day and even one-hour exploits are the norm and that can reason about code context at runtime.
  • Context: Stitch identity, asset ownership, and blast-radius data across the stack, so response is accurate at speed.

Learn why RL created Spectra Assure Community. And sign up for free to start building more secure software today.

Keep learning

  • Take a deep dive into ClickFix with RL's new report, and join the webinar to learn more about the attack technique. Plus: Get RL's open-source YARA rule.
  • Learn how Gartner® named RL a supply chain security 'Visionary.' Download: Gartner® Magic Quadrant™ for Software Supply Chain Security.
  • Get up to speed on the Agentic Development Security tools landscape in this webinar with Forrester Sr. Analyst Janet Worthington.
  • Understand the state of software security with RL's Software Supply Chain Security Report 2026. Plus: See the the webinar discussing the findings.

Explore RL's Spectra suite: Spectra Assure for software supply chain security, Spectra Detect for scalable file analysis, Spectra Analyze for malware analysis and threat hunting, and Spectra Intelligence for reputation data and intelligence.

Plus: Join the free Spectra Assure Community today to get hands-on with RL's binary analysis-based software supply chain security platform.

Tags:AppSec & Supply Chain SecurityArtificial Intelligence (AI)/Machine Learning (ML)

More Blog Posts

AI-BOM minimum requirements

AI-BOM push borrows from the SBOM playbook

The Institute for Security and Technology's 'Driving AI Transparency' policy paper makes the case for AI-BOM minimum requirements.

Learn More about AI-BOM push borrows from the SBOM playbook
AI-BOM push borrows from the SBOM playbook
5 takeaways

2026 Gartner® Magic Quadrant™ for Software Supply Chain Security: 5 takeaways

The Magic Quadrant™ for Software Supply Chain Security is a 45-minute read. Here's what we feel security leaders need to pull from it.

Learn More about 2026 Gartner® Magic Quadrant™ for Software Supply Chain Security: 5 takeaways
2026 Gartner® Magic Quadrant™ for Software Supply Chain Security: 5 takeaways
OSS security

Should frontier AI firms fund OSS ecosystem security?

With a ‘vulnpocalypse’ expected, AppSec leaders are calling for the companies to invest in a Great Refactor Fund to secure open source.

Learn More about Should frontier AI firms fund OSS ecosystem security?
Should frontier AI firms fund OSS ecosystem security?
Agentic AI architecture

Agentic AI risk isn't a model problem. It's an architecture problem.

Agentic AI is moving the perimeter from components to data — and most strategies aren't built for that.

Learn More about Agentic AI risk isn't a model problem. It's an architecture problem.
Agentic AI risk isn't a model problem. It's an architecture problem.

Spectra Assure Free Trial

Get your 14-day free trial of Spectra Assure for Software Supply Chain Security

Get Free TrialMore about Spectra Assure Free Trial
Blog
Events
About Us
Webinars
In the News
Careers
Demo Videos
Cybersecurity Glossary
Contact Us
reversinglabsReversingLabs: Home
Privacy PolicyCookiesImpressum
All rights reserved ReversingLabs © 2026
XX / TwitterLinkedInLinkedInFacebookFacebookInstagramInstagramYouTubeYouTubeblueskyBlueskyRSSRSS
Back to Top
The inaugural Gartner® Magic Quadrant™ for Software Supply Chain Security is outGET THE REPORT
Skip to main content
Contact UsSupportBlogCommunity
reversinglabs
ReversingLabs: Home
Solutions
Secure Software OnboardingSecure Build & ReleaseProtect Virtual MachinesIntegrate Safe Open SourceGo Beyond the SBOM
Increase Email Threat ResilienceDetect Malware in File Shares & StorageAdvanced Malware Analysis SuiteICAP Enabled Solutions
Scalable File AnalysisHigh-Fidelity Threat IntelligenceCurated Ransomware FeedAutomate Malware Analysis Workflows
Products & Technology
Spectra Assure®Software Supply Chain SecuritySpectra DetectHigh-Speed, High-Volume, Large File AnalysisSpectra AnalyzeIn-Depth Malware Analysis & Hunting for the SOCSpectra IntelligenceAuthoritative Reputation Data & Intelligence
Spectra CoreIntegrations
Industry
Energy & UtilitiesFinanceHealthcareHigh TechPublic Sector
Partners
Become a PartnerValue-Added PartnersTechnology PartnersMarketplacesOEM Partners
Alliances
Resources
BlogContent LibraryCybersecurity GlossaryConversingLabs PodcastEvents & WebinarsLearning with ReversingLabsWeekly Insights Newsletter
Customer StoriesDemo VideosDocumentationOpenSource YARA Rules
Company
About UsLeadershipCareersSeries B Investment
EventsBlack Hat 2026
Press ReleasesIn the News
Pricing
Software Supply Chain SecurityMalware Analysis and Threat Hunting
Request a demo
Menu