1. Plan: AI Policy & Safe Experimentation
2. Code/No Code: AI Asset Discovery
3. Build: AI Security Posture Management
4. Test: AI Red Teaming
5. Deploy: Runtime Guardrails
6. Operate: Safe Execution Environment (Sandbox)
7. Monitor: AI Activity Tracing
Risk
Overly Permissive Permissions in Experimentation
Description
Users/code have admin/root rights in experimentation environments, risking privilege escalation or lateral movement.
Example
Researcher runs experiment as root, accidentally wipes shared storage.
Assets Affected
Agentic Platform
Notebook
AI Agent
Mitigation
- Principle of least privilege
- RBAC
- no-root-by-default
- periodic access reviews
- enforce sandbox policy.
Standards Mapping
- ISO: A.3.2, A.4.5
- OWASP agentic: ASI03
- OWASP LLM: LLM06:2025
- EU AI Act: Art. 14, Art. 15(5)
- DASF: Raw Data 1.1, Platform 12.4
- AIUC-1: B007, B008