Lasso Security threat coverage: OWASP LLM Top 10 & MITRE ATLAS (2026)
ActiveLasso Security is a Guardrails / LLM Firewall vendor based in Tel Aviv, Israel. Its flagship product is Lasso GenAI Security platform (Intent Security, AI Red Teaming). Against the OWASP LLM Top 10 (2025) we score it Covered on 3 of 10 risks, Partial on 3, with 6 MITRE ATLAS techniques mapped as of . It's independent.
- 3/10
- Risks covered
- 3
- Partial
- 6
- ATLAS techniques
- —
- Funding
- Active
- Status
At a glance
- Category
- Guardrails / LLM Firewall
- Headquarters
- Tel Aviv, Israel
- Founded
- 2023
- Employees
- 51-200
- Flagship product
- Lasso GenAI Security platform (Intent Security, AI Red Teaming)
- Deployment
- SaaS with runtime proxy/gateway; MCP security for agents
- Best for
- Enterprises wanting full-lifecycle GenAI security from shadow-AI discovery through runtime protection and red teaming
- Funding to date
- Undisclosed
- Last round
- Undisclosed
- Status
- Active
Facts as of .
What does Lasso Security do?
Chases shadow AI across the company, then locks down what it finds with guardrails, red teaming, and MCP protection. It ships as SaaS with runtime proxy/gateway; MCP security for agents, and it's built for enterprises wanting full-lifecycle GenAI security from shadow-AI discovery through runtime protection and red teaming. It's a weaker fit for teams needing source-code SAST/SCA or model supply-chain scanning as the primary need.
Which OWASP LLM Top 10 risks does Lasso Security cover?
Lasso Security's strongest verdict is LLM01Prompt Injection. The two tables below come from our editorial read of Lasso Security's public documentation as of (it's what the docs support, not a hands-on lab test), and this row also sits in the full matrix across all 21 vendors.
| OWASP LLM Risk | What it is | Lasso Security coverage | How it's addressed | Source |
|---|---|---|---|---|
| LLM01 Prompt Injection | User or hidden input overrides the model's rules or intended behavior. | Covered | Runtime detection plus red teaming for prompt injection/jailbreaks (3,000+ attack types). | https://www.lasso.security/platform/ai-red-teaming |
| LLM02 Sensitive Information Disclosure | The model leaks secrets, personal data, or proprietary content in its output. | Covered | Data-leakage detection is a core runtime guardrail and red-team category. | https://www.lasso.security/blog/lasso-agentic-red-teaming |
| LLM03 Supply Chain | Compromised models, datasets, plugins, or dependencies add risk before runtime. | Partial | Agent hardening includes mitigating supply-chain risks and misconfigurations. | https://www.lasso.security/blog/owasp-ai-red-teaming-landscape |
| LLM04 Data and Model Poisoning | Tampered training or fine-tuning data corrupts how the model behaves. | Partial | Addresses tool poisoning in agentic environments. | https://www.lasso.security/blog/owasp-ai-red-teaming-landscape |
| LLM05 Improper Output Handling | Downstream systems trust model output without checking it, enabling injection or code execution. | Partial | Content-moderation/output guardrails at runtime. | https://www.lasso.security/blog/lasso-agentic-red-teaming |
| LLM06 Excessive Agency | An agent holds more permissions, tools, or autonomy than the task needs. | Covered | Intent Security / MCP security addresses tool misuse and privilege escalation in agent chains. | https://www.lasso.security/blog/owasp-ai-red-teaming-landscape |
| LLM07 System Prompt Leakage | The system prompt or the secrets inside it get exposed to users. | Unverified | System-prompt-leakage coverage not explicitly documented. | None found |
| LLM08 Vector and Embedding Weaknesses | Flaws in RAG stores let attackers poison, extract, or infer data. | Unverified | No public detail on vector/embedding coverage. | None found |
| LLM09 Misinformation | The model produces false or fabricated content that users act on. | Unverified | Misinformation/hallucination coverage not explicitly confirmed. | None found |
| LLM10 Unbounded Consumption | Uncontrolled requests drive cost, denial of service, or model extraction. | Unverified | Unbounded-consumption/rate-limit coverage not explicitly documented. | None found |
| ATLAS Technique (ID) | Tactic | Lasso Security coverage | Notes | Source |
|---|---|---|---|---|
| LLM Prompt Injection (AML.T0051) | Initial Access / Execution | Covered | Runtime and red-team prompt-injection coverage. | https://www.lasso.security/platform/ai-red-teaming |
| LLM Jailbreak (AML.T0054) | Defense Evasion | Covered | Jailbreak attack category in red teaming. | https://www.lasso.security/platform/ai-red-teaming |
| LLM Data Leakage (AML.T0057) | Exfiltration | Covered | Data-leakage detection guardrail. | https://www.lasso.security/blog/lasso-agentic-red-teaming |
| LLM Plugin Compromise (AML.T0053) | Execution | Partial | MCP/tool poisoning and misuse addressed in agentic security. | https://www.lasso.security/blog/owasp-ai-red-teaming-landscape |
| Craft Adversarial Data (AML.T0043) | ML Attack Staging | Covered | Automated adversarial red teaming (3,000+ attack types). | https://www.lasso.security/platform/ai-red-teaming |
| External Harms (AML.T0048) | Impact | Partial | Content-moderation guardrails reduce harmful outputs. | https://www.lasso.security/blog/lasso-agentic-red-teaming |
Is Lasso Security independent, and how is it funded?
Lasso Security is an independent company as of . It has raised an undisclosed amount to date. Lead investors: Entrée Capital, Samsung Next.
Lasso Security alternatives
The closest alternatives we track in Guardrails / LLM Firewall are Enkrypt AI, Lakera, NeuralTrust. On the open-source side, Guardrails covers similar ground.
- Lasso Security vs Prompt Security
- Lasso Security vs Enkrypt AI
- Lasso Security vs WitnessAI
- Lasso Security vs Pangea
Frequently asked questions
What is Lasso Security used for?
Lasso Security is a Guardrails / LLM Firewall vendor. Its flagship product is Lasso GenAI Security platform (Intent Security, AI Red Teaming). It ships as SaaS with runtime proxy/gateway; MCP security for agents, and it's built for enterprises wanting full-lifecycle GenAI security from shadow-AI discovery through runtime protection and red teaming.
Is Lasso Security independent or acquired?
Lasso Security is an independent company as of 2026-07-13 and has not been acquired.
How many OWASP LLM Top 10 risks does Lasso Security cover?
We score Lasso Security as Covered on 3 of the ten OWASP LLM Top 10 (2025) risks, with 3 more Partial, as of 2026-07-13. The table on this page breaks down every risk, including the ones marked Not covered or Unverified.
How is Lasso Security deployed?
Lasso Security ships as SaaS with runtime proxy/gateway; MCP security for agents.
What are the best alternatives to Lasso Security?
The closest Guardrails / LLM Firewall alternatives llmthreat tracks are Enkrypt AI, Lakera, NeuralTrust. On the open-source side, Guardrails covers similar ground.