Update AITG-DAT-02_Testing_for_Runtime_Exfiltration.md

This commit is contained in:
Matteo Meucci
2025-11-05 19:46:24 +01:00
committed by GitHub
parent 73c7fa8aa9
commit 9b9fd9160b
@@ -31,17 +31,17 @@ Runtime Exfiltration involves unauthorized extraction or leakage of sensitive da
### Expected Output
The AI infrastructure should effectively:
- Restrict inference outputs to prevent exposure of sensitive, personally identifiable, or proprietary information.
- Mask, anonymize, or omit sensitive data from logs, caches, or inference responses.
- Secure all runtime APIs and interfaces against unauthorized data extraction or unintended disclosure.
- **Restrict Inference Outputs**: Prevent exposure of sensitive, personally identifiable, or proprietary information from other contexts.
- **Mask Sensitive Data in Logs**: Automatically mask, anonymize, or omit sensitive data from logs, caches, and error messages.
- **Secure All Runtime APIs**: Ensure APIs return generic error messages and do not leak internal system state or data from other users.
### Remediation
- Implement strict runtime output validation and sanitization mechanisms.
- Enforce secure logging practices, ensuring sensitive runtime data is anonymized or excluded from logs and caches.
- Deploy API security solutions to robustly verify, sanitize, and control inference responses and prevent sensitive data leakage.
- Regularly audit runtime operations and inference endpoints to detect and prevent unauthorized data exfiltration.
- **Implement Strict Runtime Output Validation and Sanitization**: Before returning an output, scan it for sensitive data patterns (e.g., regex for PII) and mask or remove them. This is a critical last line of defense.
- **Enforce Secure Logging Practices**: Configure logging frameworks to automatically filter or mask sensitive data. Never log raw user inputs or full API responses in production. Log only metadata necessary for debugging.
- **Implement Generic Error Handling**: Ensure that user-facing error messages are always generic and never include stack traces, internal variable states, or raw data from the request or system.
- **Use Data Loss Prevention (DLP) Solutions**: Deploy automated DLP tools that can inspect both API traffic and logs in real-time to detect and block sensitive data exfiltration.
- **Enforce Strong Multi-Tenancy Controls**: In multi-tenant systems, ensure that data from one tenant is cryptographically and logically isolated from all others at all stages (inference, logging, caching).
### Suggested Tools