1. Plan: AI Policy & Safe Experimentation
2. Code/No Code: AI Asset Discovery
3. Build: AI Security Posture Management
4. Test: AI Red Teaming
5. Deploy: Runtime Guardrails
6. Operate: Safe Execution Environment (Sandbox)
7. Monitor: AI Activity Tracing
Risk
Limited Foreign Language Red Teaming
Description
Security testing focuses on a single language, missing vulnerabilities exploitable via other languages.
Example
Harmful prompts in non-English languages bypass safety filters.
Assets Affected
User Prompt
Model Response
Mitigation
- Include multilingual prompts in red-team scope
- prioritize based on user base and threat intel.
Standards Mapping
- ISO: A.6.2.4, A.5.4
- OWASP agentic: ASI01
- OWASP LLM: LLM01:2025
- EU AI Act: Art. 15
- DASF: Platform 12.2
- AIUC-1: B001, C010