From 13b2697e4042d39e0babbe4b04a4c44871b0e3e3 Mon Sep 17 00:00:00 2001 From: Marco Morana Date: Tue, 18 Nov 2025 12:33:36 -0500 Subject: [PATCH] Update 4.7_References.md Added reference to MAESTRO and AI Powered TM course --- Document/content/4.7_References.md | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/Document/content/4.7_References.md b/Document/content/4.7_References.md index c7b9a62..715d7f9 100644 --- a/Document/content/4.7_References.md +++ b/Document/content/4.7_References.md @@ -13,7 +13,7 @@ \[11\] MITRE Corporation. (2023). *MITRE ATLAS™:* Adversarial Threat Landscape for Artificial-Intelligence Systems. Retrieved from [https://atlas.mitre.org/](https://atlas.mitre.org/) \[12\] Wuyts, K., & Joosen, W. (2015). LINDDUN privacy threat modeling: A tutorial (CW Reports CW685). Department of Computer Science, KU Leuven. Retrieved from [https://linddun.org/publications/](https://linddun.org/publications/) \[13\] Google. (2023). *Secure AI Framework (SAIF): A Conceptual Framework for Secure AI Systems*. Retrieved from [https://safety.google/cybersecurity-advancements/saif/](https://safety.google/cybersecurity-advancements/saif/) -\[14\] *OWASP AI Red Teaming Framework*. Open Worldwide Application Security Project (OWASP), 2024\. Available at: [https://genai.owasp.org/resource/genai-red-teaming-guide/](https://genai.owasp.org/resource/genai-red-teaming-guide/) +\[14\] *OWASP AI Red Teaming Framework*. Open Worldwide Application Security Project (OWASP), 2024\. Available at: [https://genai.owasp.org/resource/genai-red-teaming-guide/](https://genai.owasp.org/resource/genai-red-teaming-guide/) \[15\] Lewis, P., Perez, E., Piktus, A., Karpukhin, V., Goyal, N., Küttler, H., … & Riedel, S. (2021). *Retrieval-Augmented Generation for Knowledge-Intensive NLP Tasks*. In *NeurIPS 2021*. Available from [https://arxiv.org/abs/2005.11401](https://arxiv.org/abs/2005.11401) \[16\] Angles of Attack Research Group. *Securing AI/ML Systems in the Age of Information Warfare*. Angles of Attack White Paper, 2024\. Available from [https://anglesofattack.io/Securing\_AIML\_Systems\_in\_IW\_Cox.pdf](https://anglesofattack.io/Securing_AIML_Systems_in_IW_Cox.pdf) \[17\] Scarfone, K., Souppaya, M., Cody, A., & Orebaugh, A. (2008). *Technical Guide to Information Security Testing and Assessment* (NIST Special Publication 800-115). National Institute of Standards and Technology. Retrieved from [https://csrc.nist.gov/publications/detail/sp/800-115/final](https://csrc.nist.gov/publications/detail/sp/800-115/final) @@ -21,5 +21,8 @@ \[19\] OWASP Foundation. (2023). *OWASP Web Security Testing Guide (WSTG), Version 4.2*. Open Worldwide Application Security Project. Retrieved from [https://owasp.org/www-project-web-security-testing-guide/](https://owasp.org/www-project-web-security-testing-guide/) \[20\] Yu, S. (2023). *Cyber Defense Matrix: The Essential Guide to Navigating the Cybersecurity Landscape.* Wiley. ISBN: 978-1119895183. Available from: [https://www.wiley.com/en-us/Cyber+Defense+Matrix%3A+The+Essential+Guide+to+Navigating+the+Cybersecurity+Landscape-p-9781119895183](https://www.wiley.com/en-us/Cyber+Defense+Matrix%3A+The+Essential+Guide+to+Navigating+the+Cybersecurity+Landscape-p-9781119895183) \[21\] OWASP Agentic Security Initiative. (2025, February 17). *Agentic AI – Threats and Mitigations*. OWASP Generative AI Security Project. Retrieved from [https://genai.owasp.org/resource/agentic-ai-threats-and-mitigations/](https://genai.owasp.org/resource/agentic-ai-threats-and-mitigations/) -\[22\] OWASP Agentic Security Initiative. “Multi-Agentic System Threat Modeling Guide v1.0.” OWASP Generative AI Security Project. April 23, 2025\. [https://genai.owasp.org/resource/multi-agentic-system-threat-modeling-guide-v1-0/](https://genai.owasp.org/resource/multi-agentic-system-threat-modeling-guide-v1-0/) -\[23\] Jim Hoagland et al. "Prompt Injection Taxonomy for AI Applications." Pangea Security, 2024\. [https://pangea.cloud/securebydesign/aiapp-pi-taxonomy/](https://pangea.cloud/securebydesign/aiapp-pi-taxonomy/) +\[22\] OWASP Agentic Security Initiative. *Multi-Agentic System Threat Modeling Guide v1.0.* Retrieved from: +[https://genai.owasp.org/resource/multi-agentic-system-threat-modeling-guide-v1-0/](https/genai.owasp.org/resource/multi-agentic-system-threat-modeling-guide-v1-0/) +\[23\] Jim Hoagland et al. "Prompt Injection Taxonomy for AI Applications." Pangea Security, 2024 (https://pangea.cloud/securebydesign/aiapp-pi-taxonomy/) +\[24\] Ken Huang. “Agentic AI Threat Modeling Framework: MAESTRO (Multi-Agent Environment, Security, Threat, Risk, and Outcome).” Cloud Security Alliance, Feb. 6 2025 (https://cloudsecurityalliance.org/blog/2025/02/06/agentic-ai-threat-modeling-framework-maestro) +\[25\] M.Morana “AI-Powered Threat Modeling – Course Overview.” YouTube, Channel “@CodeRedPR0_Official”, CodeRed Pro. Available at: (https://www.youtube.com/@CodeRedPR0_Official/search?query=powered%20threat%20modeling)