AI Security Explainers
Plain-English guides to the attack techniques, frameworks, and compliance concepts behind AI/ML security. Each explainer is written for security teams and CISOs, anchored to authoritative sources and the real CVEs tracked on AI Threat Alert.
- What is prompt injection? The #1 LLM security risk (OWASP LLM01): direct vs indirect attacks, how it works, a real CVE example, and defenses.
- What is an ISO 42001 gap assessment? How to measure your AI governance against ISO/IEC 42001, run the assessment step by step, and keep the security-control evidence audit-ready.
- What is MITRE ATLAS? The adversary framework for AI systems: how its tactics and techniques work, how it differs from MITRE ATT&CK, and how to map CVEs to it.
- What is LLM jailbreaking? Bypassing AI safety guardrails: how jailbreaking differs from prompt injection, common techniques, and how to defend language models.
- What is the GCG attack? Greedy Coordinate Gradient: how the attack uses token gradients to search for adversarial suffixes that make an LLM comply with harmful requests, why those suffixes transfer across models, and how to defend against them.