| Threat | Description | Risk Type | Development Stage | Mitigation | OWASP LLM Top 10 Mapping | NIST Mapping | MITRE ATLAS Mapping |
|---|---|---|---|---|---|---|---|
| Supply Chain - Infrastructure | Compromising infrastructure that hosts ML development pipelines and applications. Attackers may exploit vulnerabilities to gain unauthorized access, leading to further system or network compromise or compromise of model integrity. | Security | Supply Chain | Use trusted suppliers | LLM05 - Supply Chain Vulnerabilities | AI Supply Chain Attacks | AML.T0010 - ML Supply Chain Compromise |
| Supply Chain - Models | Tampering with or injecting malicious code into ML models before they are deployed. | Security | Supply Chain | File scanning (AI Validation); safe model file formats (e.g., safetensors) | LLM05 - Supply Chain Vulnerabilities | AI Supply Chain Attacks | AML.T0010 - ML Supply Chain Compromise |
| Insecure Output Handling | Failure to properly validate or secure the outputs from ML models, potentially leading to the propagation of malicious or misleading information. | | Production | Guardrails (AI Protection); threat modeling | LLM02 - Insecure Output Handling | N/A | N/A |
| Excessive Agency | LLMs that are given agency (the ability to interact with external systems to perform actions) may perform undesirable actions. | | Production | Restrict tool functionality; least privilege; authorizations in downstream systems (human-in-the-loop) | LLM08 - Excessive Agency | N/A | AML.T0048 - External Harms |
| Misalignment | Discrepancy between the model's behavior and the intended objectives or values of its developers and users. This may present as a misalignment of goals, safety, values, or other specifications. | | Production | Algorithmic red teaming (AI Validation); RLHF | N/A | Integrity Violation | AML.T0048.002 - Societal Harm |
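The "Supply Chain - Models" row names two mitigations, file scanning and safe model file formats such as safetensors, without showing what a check looks like in practice. The following is an added example, not code from the original table or from any of the frameworks it maps to; it implements a default-deny pre-load gate that pins each artifact to a supplier-published SHA-256 digest, classifies the file by its bytes (zip container, zip wrapping a pickle, raw pickle, safetensors), and parses the safetensors header with bounds checks rather than trusting it. The sample artifacts, the `ALLOWED_DIGESTS` manifest and the function names are all constructed for this illustration.

```python
import hashlib
import io
import json
import pickle
import struct
import zipfile

# ---- Constructed sample artifacts (not real model files) -------------------
# Minimal safetensors file: 8-byte little-endian header length, JSON header, raw tensor bytes.
_HEADER = {"w": {"dtype": "F32", "shape": [2], "data_offsets": [0, 8]}}
_HEADER_BYTES = json.dumps(_HEADER).encode()
SAFETENSORS_SAMPLE = struct.pack("<Q", len(_HEADER_BYTES)) + _HEADER_BYTES + struct.pack("<ff", 1.0, 2.0)

# A benign pickle of the same weights; loading any pickle runs whatever callables it references.
PICKLE_SAMPLE = pickle.dumps({"w": [1.0, 2.0]}, protocol=2)

# A zip container holding a pickle, the layout used by some PyTorch-style checkpoints.
_buf = io.BytesIO()
with zipfile.ZipFile(_buf, "w") as zf:
    zf.writestr("archive/data.pkl", PICKLE_SAMPLE)
ZIP_PICKLE_SAMPLE = _buf.getvalue()

# Digest manifest as it would be published by a trusted supplier (constructed here).
ALLOWED_DIGESTS = {"example-model.safetensors": hashlib.sha256(SAFETENSORS_SAMPLE).hexdigest()}

MAX_HEADER_BYTES = 100 * 1024 * 1024  # refuse absurd header sizes before allocating anything


def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def parse_safetensors_header(data: bytes) -> dict:
    """Parse and bounds-check a safetensors header without trusting its contents."""
    if len(data) < 8:
        raise ValueError("too short for a safetensors header")
    n = struct.unpack("<Q", data[:8])[0]
    if n > MAX_HEADER_BYTES or 8 + n > len(data):
        raise ValueError("header length out of range")
    header = json.loads(data[8:8 + n])
    if not isinstance(header, dict):
        raise ValueError("header is not a JSON object")
    payload_len = len(data) - 8 - n
    for name, spec in header.items():
        if name == "__metadata__":
            continue
        if not isinstance(spec, dict) or not {"dtype", "shape", "data_offsets"}.issubset(spec):
            raise ValueError(f"tensor {name!r} has a malformed spec")
        start, end = spec["data_offsets"]
        if not (0 <= start <= end <= payload_len):
            raise ValueError(f"tensor {name!r} offsets exceed the file")
    return header


def detect_format(data: bytes) -> str:
    """Classify a model file by its bytes: zip, zip-pickle, pickle, safetensors or unknown."""
    if data[:4] == b"PK\x03\x04":
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            if any(member.endswith(".pkl") for member in zf.namelist()):
                return "zip-pickle"
        return "zip"
    # Pickle protocol 2+ opens with PROTO (0x80) followed by the protocol number. Older
    # protocols have no magic, which is why anything unrecognised is rejected, not loaded.
    if len(data) >= 2 and data[0] == 0x80 and 2 <= data[1] <= 5:
        return "pickle"
    try:
        parse_safetensors_header(data)
        return "safetensors"
    except (ValueError, UnicodeDecodeError):  # json.JSONDecodeError is a ValueError
        return "unknown"


def validate_model_artifact(name: str, data: bytes, allowed: dict) -> tuple:
    """Default-deny gate: the artifact must match its pinned digest AND be a code-free format."""
    expected = allowed.get(name)
    if expected is None:
        return False, f"{name}: not in the supplier allowlist"
    digest = sha256(data)
    if digest != expected:
        return False, f"{name}: digest {digest[:12]}... does not match the pinned value"
    fmt = detect_format(data)
    if fmt != "safetensors":
        return False, f"{name}: format {fmt!r} may execute code on load; only safetensors is accepted"
    return True, f"{name}: digest pinned and safetensors header well-formed"


if __name__ == "__main__":
    print(validate_model_artifact("example-model.safetensors", SAFETENSORS_SAMPLE, ALLOWED_DIGESTS))
    print(detect_format(PICKLE_SAMPLE), detect_format(ZIP_PICKLE_SAMPLE))
```

The ordering matters: the digest is compared before the format is inspected, so a tampered file is rejected even when it is a syntactically valid safetensors file, and the format check still rejects a pickle whose digest an attacker managed to get onto the allowlist. Scanning tooling of the "AI Validation" kind goes deeper than this (it inspects pickle opcodes and archive members), but the two checks here are the minimum a loader should enforce.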