8 free tools covering the full AI security landscape -- attacks on ML systems (MITRE ATLAS), how APTs use AI to augment existing TTPs, LLM-specific vulnerabilities, deepfake detection, DPDP Act compliance for AI deployments, and AI-specific incident response playbooks. Built for Indian SOC teams navigating the AI threat landscape.
MITRE ATLAS and OWASP LLM Top 10 -- the attacker's view of your ML models, training pipelines, and LLM deployments.
10 ATLAS techniques -- data poisoning, model inversion, adversarial examples, backdoor attacks, prompt injection, model theft. Each with real-world context, detection, and DPDP Act implications.
Full OWASP LLM Top 10 with attack examples, India-specific scenarios, and defences. Covers prompt injection, insecure output handling, training data poisoning, model theft, excessive agency, and more.
Score your ML system's attack surface across 5 dimensions: training pipeline, model storage, serving infrastructure, integrations, and access controls. Prioritised hardening actions.
How adversaries use AI to augment existing ATT&CK techniques -- and how your detection needs to adapt.
7 ATT&CK tactics transformed by AI -- before and after. AI-generated spearphishing, polymorphic malware, automated lateral movement, AI-guided exfil. India-specific threat context for each.
Detection tells for AI-generated images, deepfake video, voice cloning, and AI text. SOC and IR guidance for each type. Covers deepfake BEC fraud -- increasing in Indian financial sector.
DPDP Act 2023 obligations for AI systems and evaluation frameworks for AI-powered security tools.
Map your AI system's processing activities to DPDP Act 2023 obligations. Training data, inference inputs, automated decisions, data principal rights -- with specific section references and required actions.
18 questions for evaluating AI-powered security tools before purchase. Adversarial robustness, data handling, explainability, vendor AI security posture, DPDP compliance -- with good/bad answer flags.
Step-by-step playbooks for AI-specific security incidents with CERT-In notification guidance.