Frameworks & Standards

Open-source framework for AI security controls, governance, and threat classification maintained by OWASP.

Tactical classification of adversary behavior and TTPs against AI systems, maintained by MITRE.

Taxonomy of the ten most critical LLM security risks including prompt injection and insecure output handling.

International standard providing guidelines for AI system security management and risk assessment.

Cross-reference engine mapping security standards and controls across OWASP, NIST, ISO, and more.

OWASP framework for identifying threats across analytical, discriminative, and generative AI systems.

Enterprise governance framework providing a structured approach to building AI security programs.

Architectural defense pattern using separate privileged and quarantined LLMs to prevent injection attacks.

Open-source taxonomy classifying prompt injections across intent, technique, evasion, and input vectors.

OWASP framework for managing vendor and model risk across the AI supply chain lifecycle.

OWASP methodology and tool guidance for systematic AI security testing and evaluation.

OWASP guidance on data protection and GDPR compliance for AI systems processing personal data.

OWASP framework covering training data integrity threats and defenses during model development.

OWASP classification of input-based evasion attacks that manipulate AI decision boundaries.

OWASP summary of essential AI security principles and minimum viable controls.

Cisco's integrated safety and security taxonomy for classifying AI defense requirements.

Framework for building correlated attack chain detections across multiple AI security signals.

Multi-dimensional benchmark for evaluating LLM agent performance and security characteristics.

Taxonomy mapping LLM attack types to specific remediation strategies.

MIT-maintained risk mapping framework covering AI security threats across deployment scenarios.