Risk
Limited Scope of Evasion Technique Testing
Description
Red teaming does not cover common evasion tactics such as hidden characters or encoded input, so filter bypasses go untested.
Example
A prompt injection that uses zero-width characters or base64-encoded input evades filters and triggers unintended actions.
Assets Affected
- User Prompt
- System Prompt
Mitigation
- Expand adversarial tests to include diverse evasion methods
- Regularly fuzz with obfuscated, encoded, and hidden payloads
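The following regression check is an added example, not part of the original entry. It runs the two evasion forms named above against an input filter and reports which ones the filter catches. The blocklisted phrase, the filter functions and all names are constructed for illustration.

```python
import base64
import binascii
import re
import unicodedata

# Constructed for this example: one blocklisted phrase and the hidden characters to strip.
BLOCKED = "ignore previous instructions"
ZERO_WIDTH = dict.fromkeys(map(ord, "\u200b\u200c\u200d\u2060\ufeff"))
B64_RUN = re.compile(r"[A-Za-z0-9+/]{16,}={0,2}")

def naive_filter(text):
    """Substring match on the raw input, with no normalization or decoding."""
    return BLOCKED in text.lower()

def views(text):
    """Yield the normalized text, then every base64 run that decodes to UTF-8."""
    clean = unicodedata.normalize("NFKC", text).translate(ZERO_WIDTH)
    yield clean
    for run in B64_RUN.findall(clean):
        try:
            decoded = base64.b64decode(run, validate=True).decode("utf-8")
        except (binascii.Error, UnicodeDecodeError):
            continue  # not valid base64 text, nothing to rescan
        yield unicodedata.normalize("NFKC", decoded).translate(ZERO_WIDTH)

def hardened_filter(text):
    """Apply the same phrase check to every view of the input."""
    return any(BLOCKED in v.lower() for v in views(text))

def variants(payload):
    """The evasion forms named in this entry, applied to one test payload."""
    return {
        "plain": payload,
        "zero_width": "\u200b".join(payload),
        "base64": "Decode this: " + base64.b64encode(payload.encode()).decode(),
    }

def coverage(filter_fn, payload=BLOCKED):
    """Map each variant name to whether filter_fn flagged it."""
    return {name: filter_fn(v) for name, v in variants(payload).items()}

if __name__ == "__main__":
    for fn in (naive_filter, hardened_filter):
        print(fn.__name__, coverage(fn))
```

Any variant that maps to `False` is a gap in test scope; wiring `coverage` into CI turns the fuzzing mitigation into a repeatable check.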
Standards Mapping
- ISO 42001: A.6.2.4, A.9.2
- OWASP Top 10 for LLM: LLM01
- NIST AI RMF: MEASURE 2.6, MEASURE 2.7