Guides, references, and API docs for running Breach & Attack Simulation against your LLM applications.
Learn how to set up your first attack simulation against an LLM-integrated endpoint.
Defense lattice methodology, engine probes, and grading rubric — how the engine actually scores.
REST API reference for programmatic access to the simulation engine.
Understanding risk scores, severity levels, and confidence intervals.
How to export and share signed evidence packs with your auditors.
Connect with Slack, PagerDuty, JIRA, and your SIEM tooling.
One controlled run of probes against an allowed target — what gets sent, how it's graded, and what comes back.
How attacker personas drive probe selection and why the same target can produce different findings across personas.
From a finding to a prioritized remediation action: which controls close which probes, traced back to the run.
How DoesItDefend maps probes to the OWASP LLM Top 10 — what each category covers and how scoring rolls up.
The grading lattice (covered / partial / gap / untested) and why aggregating across paraphrases matters.
Why a 100% score against literal probes can drop to 0% under paraphrase — and how we surface that drift up front.
Wire the CLI / GitHub Action into a repo so every PR runs the gate against the changed prompt files.
How findings translate to NIST AI RMF, EU AI Act, SOC 2 and ISO 27001 controls in the evidence pack.
Sandbox-only public score badge for READMEs and landing pages. SVG + JSON endpoints, embed in two lines.
How the gate decides PROMOTE / HOLD on a pull request from the diff alone — the data path from PR to verdict.
DNS TXT challenge to prove you control a target before any probe touches it. CFAA / Marco Civil layer.
Author scenarios from your own attack templates and run them like any built-in catalogue entry.
SAML 2.0 and OIDC for tenant logins. Metadata storage, enforced-domain routing, and what's not implemented yet.
How active-user seats work, how invites consume the quota, and how the gate re-checks at accept time.
Push run + finding events to Slack, PagerDuty, or any HTTPS endpoint. HMAC-signed payloads, retried with backoff.
Cron-style cadence (hourly / daily / weekly) on a saved RunRequest template. Continuous defense validation, hands-off.
Diff two runs by score, MITRE coverage, and finding deltas. The replay surface for change validation and brittleness drift.
Install once, gate every PR. The App listens to pull_request events and posts a Check Run + comment with the verdict.
Common questions about pricing, scoring, tenancy, audit posture, and sandbox usage — all in one place.
Coordinated attack chains, not parameterized scripts. Four-phase pipeline, finding-based routing, and what 'adaptive' means in practice.