learn-pr/wwl-sci/specify-requirements-securing-saas-paas-iaas-services/includes/6-evaluate-ai-services-security.md
Evaluate groundedness detection configurations for RAG-based applications. Groundedness detection identifies when model outputs contain information not supported by provided source materials, reducing hallucination risks. Verify whether groundedness correction is enabled to automatically align responses with source documents.
53
+
Evaluate groundedness detection configurations for RAG-based applications. Groundedness detection identifies when model outputs contain information not supported by provided source materials, reducing risks of incorrect information. Verify whether groundedness correction is enabled to automatically align responses with source documents.
54
54
55
55
For applications using AI agents, assess Task Adherence API implementation. This capability detects when tool use by AI agents is misaligned, unintended, or premature, preventing agents from taking unauthorized actions.
56
56
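Review bot: In the groundedness paragraph, the new wording "reducing risks of incorrect information" is broader than what the same sentence defines. Groundedness detection flags output "not supported by provided source materials", which is not the same as incorrect: a response can be fully grounded in a source that is itself wrong. Suggest wording that matches the definition, for example "reducing the risk of ungrounded output", so readers do not treat this control as a general accuracy check.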
@@ -76,7 +76,7 @@ Evaluate whether the solution implements human review for critical AI actions, e
76
76
77
77
## Evaluate threat protection capabilities
78
78
79
-
Microsoft Defender for Cloud provides AI-specific security posture management and threat protection. Evaluate whether solutions leverage these capabilities for comprehensive security monitoring. MCSB v2 controls AI-6 and AI-7 address monitoring and continuous red teaming requirements.
79
+
Microsoft Defender for Cloud provides AI-specific security posture management and threat protection. Evaluate whether solutions use these capabilities for comprehensive security monitoring. MCSB v2 controls AI-6 and AI-7 address monitoring and continuous red teaming requirements.
80
80
81
81
### AI security posture management
82
82
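Review bot: In the Defender for Cloud paragraph, the last sentence pairs "AI-6 and AI-7" with "monitoring and continuous red teaming" without saying which control covers which. The later heading "Continuous AI red teaming (MCSB AI-7)" suggests the order, so adding "respectively" would make the mapping explicit. "comprehensive security monitoring" also stays vague after the "leverage" to "use" edit; consider naming what is monitored.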
@@ -97,13 +97,13 @@ Evaluate alert integration with security operations. Verify that AI security ale
97
97
98
98
### Continuous AI red teaming (MCSB AI-7)
99
99
100
-
Assess whether the organization performs continuous adversarial testing of AI systems. AI red teaming uses tools like PyRIT (Python Risk Identification Tool) and the Azure AI Red Teaming Agent to simulate attacks including prompt injection, jailbreaking, and data poisoning. Evaluate whether red teaming is integrated into CI/CD pipelines for pre-deployment validation and whether test scenarios align with MITRE ATLAS tactics for AI-specific threats.
100
+
Assess whether the organization performs continuous adversarial testing of AI systems. AI red teaming uses tools like PyRIT (Python Risk Identification Tool) and the Azure AI Red Teaming Agent to simulate attacks including prompt injection, jailbreaking, and data poisoning. Evaluate whether red teaming is integrated into CI/CD pipelines for predeployment validation and whether test scenarios align with MITRE ATLAS tactics for AI-specific threats.
101
101
102
102
## Evaluate data protection and availability
103
103
104
104
Assess encryption configurations for data at rest, verifying customer-managed keys where compliance requires key management control. Evaluate data residency configurations to ensure AI services and connected resources (search indexes, storage accounts) meet data sovereignty requirements.
105
105
106
-
For fine-tuned models, verify data lifecycle policies ensure training data deletion after fine-tuning completes unless retention is specifically required.
106
+
For fine-tuned models, verify data lifecycle policies ensure training data deletion after fine-tuning completes unless retention is required.
107
107
108
108
Evaluate availability controls including quota monitoring and alerting, rate limiting at API Management, and Azure DDoS Protection for internet-facing deployments.
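Review bot: In the fine-tuned models sentence, dropping "specifically" leaves "unless retention is required" with no indication of who or what imposes the requirement, which weakens a deletion control that an assessor has to verify. Suggest stating the source of the exception, for example "unless a documented legal or compliance requirement mandates retention". The "predeployment" spelling change in the red teaming paragraph reads fine.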