A security framework for testing generative AI systems
Tsafac Nkombong Regine Cyrille, Franziska Schwarz
May 16, 2026
Organizations deploying generative AI lack systematic security practices, leaving systems exposed to model inversion, data poisoning, and prompt injection attacks. STRIDE-AI provides a six-phase assessment framework that translates high-level AI risk standards (NIST AI RMF) into technical vulnerability checks aligned with OWASP's LLM Top 10. The framework includes a web-based tool and has been validated on a deployed LLM chatbot, where it identified and helped remediate vulnerabilities that reduced attack success rates from 80% to 15%. Intended for security practitioners and organizations building AI systems.