AI Security Range
AI Security Labs
A productized lab surface for scenario-based validation, evidence capture, and replay-ready reporting.
Turn lab work into a usable product: scenario libraries, tool matrices, evidence bundles, control maps, and a flagship attack-range dashboard.
Lab workbench
Open modules
Atlassian Threat Canvas
AI threat modeling for Jira + Confluence — Jira-ready remediation and evidence
AI Trust Scanner
Public trust intelligence and ATG scorecard
AI Control Crosswalk
OWASP, NIST, ISO/AIMS, ATLAS, and scorecard bridges
SecEng Adversarial Range
Scenario execution, attack-pack coverage, and control-evidence readiness
SecEng Prompt Reviewer
Deterministic prompt policy review and KB corpus scanner — no LLM calls
SecEng RAG Analyzer
Paste RAG pipeline JSON — detects authorization gaps, tenant isolation failures, and over-retrieval
SecEng Agent Permission Analyzer
Analyze agent tool configs for broad scopes, missing approval gates, and unsafe side effects
SecEng Output Safety Tester
Test model output for unsafe HTML, Markdown injection, dangerous tool calls, and leakage
SecEng Injection Harness
12 structured attack probes across 10 categories — record outcomes and export evidence
Scenarios
157
Tool adapters
8
Modules
20
ATLAS techniques
15+
What ships here
Curated lab catalog, range snapshot, public metrics, scenario rows, chart exports, and a clear boundary that the executable runtime remains upstream.
Lab modules
The labs are organized as a product, not a stash of experiments.
AI Control Crosswalk
Unified framework navigation across OWASP LLM Top 10, NIST AI RMF, MITRE ATLAS, and ISO 42001 — with directional cross-framework mappings, evidence prompts, and scorecard bridges.
Cross-framework graph with directional mappings, confidence scores, and public-safe evidence links across 4 frameworks.
AI Trust Scanner
Public website trust intelligence for AI claims, legal clarity, security trust, governance evidence, and cross-page consistency.
ATG public scorecard contract, five public dimensions, required caveats, and a Savvy runtime boundary.
Scorecard Launch Surface
Launch into the public AI Security Scorecard and the organizational AIPSA scorecard when you need the maturity model.
Framework-backed remediation guidance and public-safe scorecard navigation.
Job Navigator
Career onboarding, role targeting, and live AI Security Engineering hiring-signal navigation in one Labs surface.
Thousands of job descriptions indexed and mapped to AI security archetypes, with local profile calibration for candidate navigation.
Career Explorer
Workforce framework navigation for AI security roles, KSAs, competencies, and career pathways.
Mapped to SP 800-181 (Career Explorer) with custom AI security extensions.
LLM Attack Range
Scenario execution, generation/media abuse tracking, and control-evidence readiness in one dedicated product surface.
The flagship product boundary with curated snapshots and public JSON endpoints.
Prompt Security Reviewer
Deterministic prompt policy review across 15 rules: injection resistance, identity anchoring, output handling, secret detection, and RAG context isolation. Includes KB/corpus scanner.
15 deterministic rules, 9-detector secret scanner, corpus scan over arbitrary document sets — no LLM calls.
RAG Security Analyzer
Paste a RAG pipeline JSON config and get instant findings across authorization gaps, tenant isolation failures, over-retrieval, document provenance, and sensitive context exposure.
10 rules covering OWASP LLM03 and LLM06 — authorization, tenant isolation, provenance, retrieval scope, and poisoning risks.
Agent Tool Permission Analyzer
Analyze agent tool configurations for overly broad scopes, missing human-approval gates, unsafe side effects, ambiguous tool descriptions, and privilege escalation paths.
Rules mapped to OWASP LLM06 (Excessive Agency) — write_broad, admin scopes, external transfers, code execution, and identity anchoring gaps.
Output Handling Safety Tester
Paste model output, select the sink type (HTML, Markdown, JSON, tool call, email, DB, code), and get deterministic safety analysis across injection, leakage, and side-effect risks.
8 sink types, 15 output rules mapped to OWASP LLM05 — script tags, event handlers, unsafe links, command fields, and hidden context leakage.
Prompt Injection Test Harness
A structured library of 12 attack probes across 10 categories. Record blocked/detected/degraded/passed outcomes per probe and export a full evidence session as JSON or Markdown.
12 probes: direct/indirect injection, system prompt exfiltration, role confusion, policy bypass, tool misuse, data exfiltration, multilingual and encoding bypasses, Markdown injection, multi-turn setup.
AI Supply Chain & Model Integrity Lab
Review model artifacts, dependency paths, provenance gaps, and poisoning scenarios. Identify integrity weaknesses using existing attack packs without rebuilding the artifact scanner.
Memory & Context Poisoning Lab
Analyze poisoned persistent memory, session history, and context influence in agentic systems. Trace how contaminated entries change downstream decisions.
Data Leakage & Cross-Tenant Exposure Lab
Review tenant data, prompt traces, PII fixtures, and retrieval behavior to identify AI-specific data exposure failures. Interactive evidence builder with localStorage persistence.
Multimodal Injection Lab
Study hidden instructions in images, SVGs, steganographic content, and document-derived context. Design test plans for vision-enabled AI systems.
AI Governance Evidence Lab
Convert AI policy claims, controls, and crawler signals into governance evidence. Build a control evidence matrix with public-safe language.
AI Inventory & System Boundaries Lab
Practice discovering AI providers, model dependencies, data flows, and shadow AI surfaces. Create an AI system inventory artifact for governance and product security.
AI Product Threat Modeling Lab
Use the existing Threat Canvas to produce an AI trust-boundary threat model. Place boundaries, find abuse paths, and assign controls for engineering review.
AI Logging & Forensics Lab
Review AI trace, prompt, completion, retrieval, and tool-use logs. Identify telemetry gaps and produce a forensic evidence chain for AI abuse scenarios.
AI Incident Response & Abuse Operations Lab
Walk through an AI abuse incident, classify the event, preserve evidence, decide escalation, and produce an after-action plan using existing incident drill scenarios.
Learning modules
Hands-on AI security labs.
Prompt Injection Lab
12 structured probes across 10 attack categories. Record outcomes and export evidence.
Prompt Security Lab
Scan system prompts against 15 rule categories — secrets, weak policy, injection risk.
Output Safety Lab
Test model output across 8 dangerous sink types — HTML, Markdown, JSON, tool calls.
Agent Permission Lab
Analyze agent configs for scope creep, missing approval gates, and MCP quality.
RAG Security Lab
Scan RAG pipeline configs for authZ gaps, tenant isolation failures, and poisoning risk.
All labs
Academy Labs hub
Browse all five learning modules with learning objectives, difficulty ratings, and time estimates.
Workforce Readiness Labs
Role readiness, career intelligence, and hiring calibration.
Job Navigator
Job-market intelligence for AI security roles, title normalization, and hiring signals.
Career Explorer
NIST NICE-aligned role planning extended for AI product security, RAG, agents, and governance.
Readiness Surveys
Work-style and readiness signals for training orientation, coaching, and interview preparation.
CORE Interview Practice
Technical and behavioral interview practice for AI security roles.
Hiring Calibration Lab
Define the role, rewrite the JD, calibrate the interview loop, build scorecards.
Q&A Credential Bank
Scenario-based knowledge checks across RAG, agents, AI SDLC, governance, and buyer review.
Flagship products
Adversarial Range and Trust Scanner.
SecEng Adversarial Range
Scenario execution, attack-pack coverage, and control-evidence readiness in one dedicated product surface.
SecEng Trust Scanner
Public website trust intelligence for AI companies, security buyers, and governance teams.
Public assets
Curated data bundle.
Catalog snapshot (status: Ready)
Versioned product catalog for the public labs shell.
Size: 1 JSON file
Scenario snapshot (status: Ready)
Curated scenario rows and control-evidence rollups.
Size: 157 scenario rows
Overview snapshot (status: Ready)
Status, scope, caveat, run window, and data endpoints.
Size: versioned overview
Metric bundle (status: Ready)
Public-safe scorecards and range metrics.
Size: 4 metric cards
Generation / media rollup (status: Ready)
Monthly synthetic-media and prompt-abuse tracking.
Size: 8 monthly rows
ATG sample scorecard (status: Ready)
Public-safe AI Trust and Governance scorecard sample with required caveat.
Size: 1 JSON file
Roadmap
The lab product expands into repeatable validation tracks.
Lab track
Prompt Injection and RAG Security Lab
Direct and indirect prompt injection, retrieval poisoning, context leakage, source attribution, access control, and evidence capture.
Lab track
Agent Security Control Lab
Tool-call authorization, sandboxing, approval gates, telemetry, rollback, audit trails, and blast-radius management.
Lab track
Governance Evidence Lab
Map AI RMF, ISO 42001, OWASP LLM, MITRE ATLAS, and internal policy to engineering artifacts.
Lab track
Model Supply Chain Security Lab
Model provenance, registry controls, artifact integrity, model signing, weights protection, and deployment gates.
Lab track
Hiring Calibration Lab
Role decomposition, JD rewrite, interview scorecards, lab-based screens, and skill matrix design.
Live · controlled environment
Threat Canvas, SecEng Adversarial Range, and Trust Scanner are open for threat modeling, testing, and evidence capture