Update AITG-APP-03_Testing_for_Sensitive_Data_Leak.md

This commit is contained in:
Matteo Meucci
2025-11-13 20:20:49 +01:00
committed by GitHub
parent 303a7c96b6
commit c317227cea
@@ -77,9 +77,7 @@ A vulnerability is confirmed if the AI model:
- Provides confidential information embedded in system configurations or internal communications.
### Real Example
- **Title**: Sensitive Information Disclosure in AI Systems
- **Author**: Network Intelligence
- **URL**: [https://www.first.org/cvss/specification-document](https://www.first.org/cvss/specification-document)
- Sensitive Information Disclosure in AI Systems - Network Intelligence - [https://www.first.org/cvss/specification-document](https://www.first.org/cvss/specification-document)
### Remediation
- Implement robust filtering mechanisms to detect and redact sensitive information automatically.
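Review bot: The "Real Example" entry in this hunk cites "Sensitive Information Disclosure in AI Systems" by Network Intelligence but links to the CVSS specification document at first.org, which is unrelated to both the title and the author, and the condensed single-line form carries the same mismatched URL forward. Suggest replacing the link with the actual Network Intelligence article (or dropping the example until a correct source is found), since a real-example section that points at the CVSS spec will mislead testers.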
@@ -87,19 +85,13 @@ A vulnerability is confirmed if the AI model:
- Regularly audit and sanitize the training datasets to prevent inadvertent sensitive data exposure.
- Continuously monitor and test model outputs for potential leakage of sensitive data.
### Suggested Tools for this Specific Test
### Suggested Tools
- **Garak Sensitive Information Disclosure Probe**: Specialized module within Garak specifically designed to detect sensitive data leaks.
- **URL**: [https://github.com/NVIDIA/garak/blob/main/garak/probes/leakreveal.py](https://github.com/NVIDIA/garak/blob/main/garak/probes/leakreveal.py)
- **Microsoft Counterfit**: An AI security tool capable of identifying sensitive data exposure in model outputs.
- **URL**: [https://github.com/Azure/counterfit](https://github.com/Azure/counterfit)
### References
- **Title**: OWASP Top 10 LLM02:2025 Sensitive Information Disclosure
- **Author**: OWASP Foundation
- **Link**: [https://genai.owasp.org](https://genai.owasp.org)
- **Title**: NIST AI 100-2e2025 - Privacy Attacks and Mitigations
- **Author**: NIST
- **Link**: [https://doi.org/10.6028/NIST.AI.100-2e2025](https://doi.org/10.6028/NIST.AI.100-2e2025)
- **Title**: Indirect Prompt Injection: Generative AIs Greatest Security Flaw
- **Author**: CETaS, Turing Institute
- **URL**: [https://cetas.turing.ac.uk/publications/indirect-prompt-injection-generative-ais-greatest-security-flaw](https://cetas.turing.ac.uk/publications/indirect-prompt-injection-generative-ais-greatest-security-flaw)
- OWASP Top 10 LLM02:2025 Sensitive Information Disclosure - [https://genai.owasp.org](https://genai.owasp.org/llmrisk/llm02-insecure-output-handling)
- NIST AI 100-2e2025 - Privacy Attacks and Mitigations - [https://doi.org/10.6028/NIST.AI.100-2e2025](https://doi.org/10.6028/NIST.AI.100-2e2025)
- Indirect Prompt Injection: Generative AIs Greatest Security Flaw - CETaS, Turing Institute - [https://cetas.turing.ac.uk/publications/indirect-prompt-injection-generative-ais-greatest-security-flaw](https://cetas.turing.ac.uk/publications/indirect-prompt-injection-generative-ais-greatest-security-flaw)
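Review bot: The OWASP reference in this hunk is internally inconsistent: the entry is titled "OWASP Top 10 LLM02:2025 Sensitive Information Disclosure" but the condensed line's link target ends in `llmrisk/llm02-insecure-output-handling`, a slug for a different risk name, while the displayed text is just `https://genai.owasp.org`; the link target and display text should both point at the LLM02:2025 Sensitive Information Disclosure page. Two smaller points: the hunk shows both "### Suggested Tools for this Specific Test" and "### Suggested Tools", so confirm only one heading survives in the final file, and the CETaS title should read "Generative AI's Greatest Security Flaw" (apostrophe) in both the structured and the condensed form.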