CalvinBackup/www-project-ai-testing-guide
1
0
Fork 0
mirror of https://github.com/OWASP/www-project-ai-testing-guide.git synced 2026-03-06 00:00:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

Revise suggested tools section formatting

Browse Source 
Updated the section on suggested tools for testing capability misuse by removing specific subheading and adjusting formatting.
This commit is contained in:
Matteo Meucci
2025-11-13 19:52:29 +01:00
committed by GitHub
parent d1003f94d8
commit 90ef697a5a
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
Document/content/tests/AITG-INF-04_Testing_for_Capability_Misuse.md
View File

@@ -44,7 +44,7 @@ The AI infrastructure should effectively:
- **Principle of Least Privilege**: Always assign users and AI agents the minimum set of capabilities required for their legitimate tasks. Avoid granting broad permissions.
- **Continuous Monitoring and Alerting**: Monitor the logs of capability invocations for suspicious activity, such as a single user attempting many different unauthorized actions, and trigger alerts for immediate review.
### Suggested Tools for This Specific Test
### Suggested Tools
- **Authorization and Policy Enforcement:** [Open Policy Agent (OPA)](https://www.openpolicyagent.org/), [Kyverno](https://kyverno.io/), [Casbin](https://casbin.org/)
- **Security and Ethical Controls (Guardrails):** [NVIDIA NeMo Guardrails](https://github.com/NVIDIA/NeMo-Guardrails), [LangChain Guardrails](https://python.langchain.com/docs/guides/guardrails)