Score 70–7914 domainsCredential
AIPSA Associate
Demonstrates foundational knowledge across AI Product Security domains.
Recommended for Practitioners getting started
Domain coverage
14 domains
Recommended for
Practitioners getting started
AI Product Security Assessment - Practitioner Verification
Practitioner Verification
Four levels benchmark individual knowledge across all AI Product Security domains. From foundational awareness through expert mastery, each verification record is issued through a defined assessment and can be verified publicly where applicable.
14 domainsPublic verificationScore-based levelsRenewable records
Credential preview
Domains checked
14 domains
Public verification
Enabled
Issue date
2026-01-15
Expiry date
2028-01-15
Four-level ladder
Associate70–79
Practitioner80–89
Advanced90–94
Distinguished95–100
Badge families
AIPSA badges span individual assessment records, program marks, evidence marks, and lab completion badges.
Badge Catalog is broader than the practitioner ladder. It includes the credential system, consultant marks, organizational badges, scoped evidence marks, and lab domain badges.
4 marks
Practitioner Credentials
Individual knowledge credentials issued after a scoped AIPSA-aligned assessment.
AIPSA AssociateAIPSA PractitionerAIPSA AdvancedAIPSA Distinguished
2 marks
Consultant Credentials
Issued to practitioners authorized to conduct or support AIPSA-aligned assessment work.
AIPSA ConsultantAIPSA Assessment Lead
3 marks
Program Badges
Organizational maturity badges issued after scorecard assessment.
AIPSA Program: ManagedAIPSA Program: MeasuredAIPSA Program: Adaptive
4 marks
Evidence Marks
Scoped process badges issued after adversarial testing or evidence review.
AIPSA AssessedAIPSA TestedAIPSA Evidence PackAIPSA Verified Controls
5 marks
Lab Badges
Domain completion badges earned through AIPSA Labs scenario tracks.
Prompt InjectionRAG AuthorizationAgentic PermissionsDetection EngineeringGovernance Evidence
Credential levels
Four levels benchmark individual knowledge across all AI Product Security domains.
The level ladder is intentionally compact and comparable. Each card uses a fixed badge stage so the credential medallion stays crisp, balanced, and easy to scan.
Score 80–8914 domainsCredential
AIPSA Practitioner
Proficient understanding of AI Product Security and practical application.
Recommended for Security engineers, analysts, builders
Domain coverage
14 domains
Recommended for
Security engineers, analysts, builders
Score 90–9414 domainsCredential
AIPSA Advanced
Advanced knowledge and ability to design, assess, and improve AI security controls.
Recommended for Security leads, senior engineers, architects
Domain coverage
14 domains
Recommended for
Security leads, senior engineers, architects
Score 95–10014 domainsCredential
AIPSA Distinguished
Expert-level mastery across domains and leadership in AI Product Security.
Recommended for Leaders, advisors, consultants, researchers
Domain coverage
14 domains
Recommended for
Leaders, advisors, consultants, researchers
Assessment coverage
All 14 AI Product Security domains are assessed.
The domains are grouped for readability, but the assessment covers the full set. That keeps the catalog legible without hiding scope.
Domain group
Inventory & Architecture
What AI systems exist, how they're connected, who controls them, and where the trust boundaries are.
InventoryArchitecture & Trust BoundariesModel & Provider Risk
Domain group
Adversarial Testing
Whether adversarial inputs, manipulation, and prompt injection are modeled, tested, and measured over time.
Threat ModelingPrompt InjectionEvaluation & Regression Testing
Domain group
RAG & Data Authorization
Whether retrieval systems enforce proper authorization, and whether data exposure is controlled end to end.
RAG AuthorizationData Exposure & PrivacyAI Supply Chain
Domain group
Agentic Permissions
Whether agentic systems are constrained to the actions they need, with proper guardrails on tool use.
Agentic PermissionsTool AuthorizationWorkflow Boundaries
Domain group
Detection & Incident Response
Whether AI systems produce actionable telemetry, and whether teams can detect and respond to AI-specific incidents.
Logging & TelemetryDetection EngineeringIncident Response
Domain group
Governance Evidence
Whether AI security is documented, auditable, and integrated into delivery — not just asserted.
Governance EvidenceCustomer TrustSecure AI SDLC
Career outcomes
Who holds AIPSA credentials.
AIPSA is designed around the NIST NICE workforce framework — mapped to real job titles that appear in security engineering, product, and AI teams at regulated and high-growth companies.
AI Security Engineer
Owns threat modeling, defense controls, and security review for AI products. Maps to NICE work roles SP-DEV-001 and SP-DEV-002.
Product Security Architect
Designs security-by-default into AI systems, data pipelines, and model APIs. Key for LLM-based platforms under NIST AI RMF.
ML Red Team / AI Pen Tester
Specializes in adversarial attacks on AI systems — prompt injection, indirect injection, model extraction, supply chain.
AI Governance Lead
Builds and operates AI risk programs aligned to EU AI Act, NIST AI RMF, and ISO/IEC 42001. Evidence domain is core.
Security Consultant (AI Practice)
Sells and delivers AI security reviews, red-team engagements, and policy work to clients. Credential validates practice-area depth.
Staff / Principal Security Engineer
Generalist senior IC who needs credible AI security depth alongside their traditional infrastructure and AppSec skills.
AIPSA domains are mapped to the NIST NICE Cybersecurity Workforce Framework (NIST SP 800-181 Rev. 1) and NIST AI Risk Management Framework (AI RMF 1.0). View domain coverage →
How it works
Structured like an assessment. Issued like a credential.
The process is intentionally short, legible, and repeatable: take the assessment, compute the score, issue the level, and verify the credential publicly.
01
Take the assessment
A structured exam covering all 14 AIPSA domains. Approximately 60–90 minutes.
control step
02
Score is calculated
Domain-weighted scoring across knowledge and applied reasoning questions.
control step
03
Credential issued
Score determines your level. Credential includes a verifiable ID and expiry date.
control step
04
Verify & share
Every credential is publicly verifiable /aipsa/verify.
control step
Verification and sharing
Built to verify. Designed to share.
Every public credential should answer what was earned, what domains were covered, when it was issued, how it was scored, and what it does not claim.
Credential holder
AIPSA Demo Holder
Credential type
Practitioner credential
Score band
95-100
Domains covered
14 domains
Issue date
2026-01-15
Expiry date
2028-01-15
Credential ID
AIPSA-C-2026-001
Verify link
/aipsa/verify/AIPSA-DEMO-2026
What verification answers
- What level was earned
- What domains were covered
- When it was issued and when it expires
- Which credential ID should be checked
- What the credential does not claim
Next step
Ready to get certified?
Start with the AIPSA training assessment to see where you stand across every AI Product Security domain.
AIPSA verification records confirm completion of a scoped assessment, lab path, or evidence review where issued. They do not certify that any product, organization, or system is free of vulnerabilities.