Labs / AI Control Crosswalk
v1.16.0
MITRE ATLAS Navigator
Interactive adversary matrix, Navigator layer overlays, case-study heatmaps, and technique exploration packaged as a Labs product.
Tactics
16
Techniques
170
Mitigations
35
Case studies
57
Navigator implementation
This surface now renders a real layer-compatible Navigator UI on top of the ATLAS matrix, frequency layer, and case-study layer exports.
Snapshot
ATLAS coverage, source metadata, and assessment summary
ATLAS matrix bundles mirrored into the curated export.
Adversary goals in the public ATLAS matrix.
Combined technique inventory across roots and sub-techniques.
Top-level techniques in the current release.
Nested technique variants in the current release.
Mitigation objects mapped to technique coverage.
Public case studies and incident narratives in the bundle.
technique
AI Agent Tool Invocation
Maturity demonstrated · 11 mitigations · 14 case studies
technique
Evade AI Model
Maturity realized · 6 mitigations · 17 case studies
technique
LLM Prompt Crafting
Maturity realized · 0 mitigations · 18 case studies
subtechnique
Indirect
Maturity demonstrated · 2 mitigations · 13 case studies
technique
AI-Enabled Product or Service
Maturity realized · 1 mitigations · 13 case studies
technique
Exfiltration via AI Agent Tool Invocation
Maturity realized · 8 mitigations · 5 case studies
Based on MITRE ATLAS public data, not proof of any organization’s internal security maturity.
Tactics
16
Case studies
57
Repository metadata
Top mitigations
Most linked controls
| Mitigation | Techniques | Lifecycle |
|---|---|---|
AI Telemetry Logging AML.M0024 | 17 | Deployment, Monitoring and Maintenance |
Restrict Number of AI Model Queries AML.M0004 | 16 | Business and Data Understanding, Deployment, Monitoring and Maintenance |
Control Access to AI Models and Data at Rest AML.M0005 | 13 | Business and Data Understanding, Data Preparation, ML Model Engineering, ML Model Evaluation |
Passive AI Output Obfuscation AML.M0002 | 11 | Deployment, ML Model Evaluation |
Use Ensemble Methods AML.M0006 | 11 | ML Model Engineering |
Control Access to AI Models and Data in Production AML.M0019 | 11 | Deployment, Monitoring and Maintenance |
Top case studies
Most referenced public cases
| Case study | Type | Procedures | Refs |
|---|---|---|---|
Bypassing ID.me Identity Verification AML.CS0017 | incident | 3 | 7 |
Code to Deploy Destructive AI Agent Discovered in Amazon Q VS Code Extension AML.CS0047 | incident | 7 | 5 |
Achieving Code Execution in MathGPT via Prompt Injection AML.CS0016 | exercise | 9 | 4 |
AI Model Tampering via Supply Chain Attack AML.CS0028 | exercise | 9 | 4 |
ShadowRay AML.CS0023 | incident | 7 | 4 |
LLM Jacking AML.CS0030 | incident | 7 | 4 |
Layer assets
Layer exports, case-study layers, and machine-readable bundles
The Navigator implementation is the real migration value here: the layer matrix, case-study frequency layer, per-case-study navigator layers, STIX bundles, and OpenCTI bundles all ship as public files.
Default layers
Matrix and frequency views
Case-study layers
Navigator layer inventory
| Layer | Type | Procedures | Refs |
|---|---|---|---|
Bypassing ID.me Identity Verification AML.CS0017 | incident | 3 | 7 |
Code to Deploy Destructive AI Agent Discovered in Amazon Q VS Code Extension AML.CS0047 | incident | 7 | 5 |
Achieving Code Execution in MathGPT via Prompt Injection AML.CS0016 | exercise | 9 | 4 |
AI Model Tampering via Supply Chain Attack AML.CS0028 | exercise | 9 | 4 |
ShadowRay AML.CS0023 | incident | 7 | 4 |
LLM Jacking AML.CS0030 | incident | 7 | 4 |
STIX bundles
Matrix exports
| Bundle | Objects | Key types |
|---|---|---|
ATLAS STIX bundle stix_atlas | 538 | relationship 315, attack-pattern 170, course-of-action 35, x-mitre-tactic 16 |
ATLAS + ATT&CK Enterprise STIX bundle stix_atlas_attack_enterprise | 26381 | relationship 21341, x-mitre-analytic 1758, attack-pattern 1028, malware 729 |
OpenCTI bundles
Selected case-study packages
| Case study | Type | Objects |
|---|---|---|
Careful Who You Colab With: abusing google colaboratory AMLCS0018_Report-Careful Who You Colab With_ abusing google colaboratory_full | aml.cs0018, mitre atlas source | 32 |
PoisonGPT: How We Hid a Lobotomized LLM on Hugging Face to Spread Fake News AMLCS0019_Report-PoisonGPT_ How We Hid a Lobotomized LLM on Hugging Face to Spread Fake News_full | aml.cs0019, mitre atlas source | 27 |
ChatGPT Plugins: Data Exfiltration via Images & Cross Plugin Request Forgery AMLCS0021_Report-ChatGPT Plugins_ Data Exfiltration via Images & Cross Plugin Request Forgery_full | aml.cs0021, mitre atlas source, ml-ready | 26 |
New Jersey Man Indicted in Fraud Scheme to Steal California Unemployment Insurance Benefits AMLCS0017_Report-New Jersey Man Indicted in Fraud Scheme to Steal California Unemployment | aml.cs0017, mitre atlas source | 19 |
Indirect Prompt Injection Threats: Bing Chat Data Pirate AMLCS0020_Report-Indirect Prompt Injection Threats_ Bing Chat Data Pirate_full | aml.cs0020, mitre atlas source | 16 |
MITRE ATLAS Case Study: Face Identification System Evasion via Physical Countermeasures AMLCS0012_ Face Identification System Evasion via Physical Countermeasures_full | mitre atlas source, aml.cs0012 | 14 |
Explorer
Search techniques, maturity levels, and mapped signals
The technique explorer is intentionally lightweight: search by ID or label, narrow by maturity, and isolate one tactic at a time.
Charts
ATLAS signal profile
The charts are generated from the same upstream bundle as the tables above so the visual layer and the explorer stay in sync.
MITRE ATLAS Explorer
ATLAS coverage by tactic
Technique, sub-technique, and case-study coverage grouped by tactic.
MITRE ATLAS Explorer
ATLAS technique maturity distribution
Current maturity labels in the upstream ATLAS technique bundle.
MITRE ATLAS Explorer
ATLAS case-study type distribution
How the upstream case studies split between incidents and exercises.
Assets
Mirrored validation schemas and public bundle assets
The repo keeps the useful upstream assets that help us validate, extend, and consume ATLAS without mirroring the full source tree.
Ready
Explorer JSON
Curated ATLAS matrix snapshot.
Size: 311.9 KB
Ready
Assessment JSON
Coverage scorecards and top-linked items.
Size: 15.1 KB
Ready
Navigator manifest
Layer inventory and release metadata.
Size: 35.2 KB
Ready
Layer matrix
Navigator-friendly matrix export.
Size: public JSON
Mirrored schema files
Source
Upstream repository, release, and provenance
Repository
MITRE ATLAS data
This Labs page consumes the curated public snapshot from the upstream ATLAS repositories rather than mirroring the full source tree into the app.
Provenance