feat(knowledge): add MITRE ATLAS IDs to OWASP files + Norwegian regulatory context
parent 5bb9d5bd11
commit e2c8924074
8 changed files with 301 additions and 30 deletions
@ -17,7 +17,7 @@ Used by `posture-assessor-agent` to evaluate which controls are in place and whi
## Matrix
### LLM01 — Prompt Injection
### LLM01 — Prompt Injection (MITRE ATLAS: AML.T0051)
Attacker injects instructions via external content (files, web pages, tool outputs) that override intended behavior.
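Review bot: the context line at the top of this hunk states that `posture-assessor-agent` consumes this file, and the change alters the text of the `### LLM01 — Prompt Injection` heading that such a consumer may key on; confirm the agent matches on the `LLM01` prefix rather than the full heading text, or document the new `(MITRE ATLAS: AML.Txxxx)` suffix format at the top of the file so downstream parsing stays in sync.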
@ -39,7 +39,7 @@ Attacker injects instructions via external content (files, web pages, tool outpu
---
### LLM02 — Sensitive Information Disclosure
### LLM02 — Sensitive Information Disclosure (MITRE ATLAS: AML.T0024)
Model reveals sensitive data from training, context, or external sources in its outputs.
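Review bot: the ATLAS ID is added as a bare heading suffix with no link and no mapping rationale, so a reviewer cannot check the choice without leaving the file; a short mapping line under each entry, or a note in the file header stating which ATLAS release the IDs were taken from, would make the mappings verifiable and easier to update when ATLAS changes.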
@ -54,7 +54,7 @@ Model reveals sensitive data from training, context, or external sources in its
---
### LLM03 — Supply Chain Vulnerabilities
### LLM03 — Supply Chain Vulnerabilities (MITRE ATLAS: AML.T0010)
Compromised models, plugins, or MCP servers introduce malicious behavior.
@ -68,7 +68,7 @@ Compromised models, plugins, or MCP servers introduce malicious behavior.
---
### LLM04 — Data and Model Poisoning
### LLM04 — Data and Model Poisoning (MITRE ATLAS: AML.T0020)
Malicious training data or fine-tuning corrupts model behavior.
@ -82,7 +82,7 @@ Malicious training data or fine-tuning corrupts model behavior.
---
### LLM05 — Improper Output Handling
### LLM05 — Improper Output Handling (MITRE ATLAS: AML.T0043)
Model output treated as trusted without sanitization, leading to injection in downstream systems.
@ -96,7 +96,7 @@ Model output treated as trusted without sanitization, leading to injection in do
---
### LLM06 — Excessive Agency
### LLM06 — Excessive Agency (MITRE ATLAS: AML.T0061)
Model granted too many permissions or capabilities, enabling unintended high-impact actions.
@ -111,7 +111,7 @@ Model granted too many permissions or capabilities, enabling unintended high-imp
---
### LLM07 — System Prompt Leakage
### LLM07 — System Prompt Leakage (MITRE ATLAS: AML.T0024)
System prompt or CLAUDE.md exposed through adversarial extraction, revealing security controls.
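Review bot: `AML.T0024` is assigned here to LLM07 System Prompt Leakage and, earlier in this diff, also to LLM02 Sensitive Information Disclosure, so the ATLAS ID no longer identifies a single row; either state in both entries that the two categories intentionally map to the same technique, or choose a distinct technique for one of them so that tooling keyed on the ID can tell them apart.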
@ -125,7 +125,7 @@ System prompt or CLAUDE.md exposed through adversarial extraction, revealing sec
---
### LLM08 — Vector and Embedding Weaknesses
### LLM08 — Vector and Embedding Weaknesses (MITRE ATLAS: AML.T0020)
Manipulated embeddings or vector store content used to inject malicious context into RAG pipelines.
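Review bot: `AML.T0020` is reused here for LLM08 Vector and Embedding Weaknesses after already being assigned to LLM04 Data and Model Poisoning in this diff, yet the description on this hunk concerns vector store content injected into RAG pipelines rather than training or fine-tuning data; add a line explaining why both entries share the ID, or pick a technique that covers retrieval-time poisoning so the two rows stay distinguishable.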
@ -139,7 +139,7 @@ Manipulated embeddings or vector store content used to inject malicious context
---
### LLM09 — Misinformation
### LLM09 — Misinformation (MITRE ATLAS: AML.T0031)
Model generates plausible but false information, leading to incorrect decisions.
@ -154,7 +154,7 @@ Model generates plausible but false information, leading to incorrect decisions.
---
### LLM10 — Unbounded Consumption
### LLM10 — Unbounded Consumption (MITRE ATLAS: AML.T0029)
Model or agents consume excessive compute, tokens, or API calls, causing denial of service or cost overruns.