GenAI Red Teaming Guide
- Publisher: OWASP
- Status:
final - Version:
1.0 - Release Date:
2025-01-03 - Date Added:
2025-09-05 - Source URL: https://genai.owasp.org/resource/genai-red-teaming-guide/
Summary
OWASP`s GenAI Red Teaming Guide is a practical playbook for evaluating AI/LLM systems across model, implementation, system, and runtime/agentic layers to surface security risks. It targets cybersecurity teams, AI/ML engineers, and red teamers, combining AI-specific threat modeling, scenario-based testing, and continuous monitoring to make testing repeatable and actionable.
Key Takeaways
- Frames GenAI red teaming as a structured approach combining traditional adversarial testing with AI-specific methods, e.g. prompt injection, data leakage
- 4 part evaluation blueprint - model evaluation, implementation testing, system evaluation, and runtime or human-agentic analysis
- Highlights key risk categories including security and robustness
- Expands the definition of adversary to include the model itself and its outputs
- Stresses scenario-based testing, multifaceted input coverage, and automated output analysis
- Continuous monitoring and observability to detect model drift, response degradation, and injection attempts in production environments
- Emphasizes governance and reporting with integration into enterprise risk frameworks like NIST AI RMF
- Provides appendices with metrics, tools, and datasets to support repeatable testing and automation
Additional Sources
Tags
red-teaming, threat-modelling, adversarial-ml, evaluation, governance, monitoring
License
CC-BY-SA-4.0