This repository hosts the OWASP AI Testing Guide, an open-source initiative providing structured methodologies and best practices for testing artificial intelligence systems. It targets practitioners, researchers, and organizations seeking to ensure the reliability, security, and ethical alignment of AI deployments.

How It Works

The guide consolidates existing knowledge and aims to create a new, comprehensive methodology for AI testing. It leverages insights from related OWASP projects (GenAI Red Teaming, AI Exchange, AI Security and Privacy, Top 10 for LLM, AI VSS) and external resources like the CSA Agentic AI Red Teaming Guide and NIST AI 100. The approach emphasizes a holistic view, addressing model-level vulnerabilities, runtime behavior, and unique attack surfaces of agentic AI.

Quick Start & Requirements

This is a documentation project. No installation or execution is required.

Highlighted Details

• Consolidates and builds upon multiple OWASP AI security initiatives.
• Addresses testing methodologies for both general AI and specific areas like agentic AI and LLMs.
• Incorporates risk-based approaches and vulnerability scoring concepts (AI VSS).
• Aims to provide a comprehensive framework for AI system reliability, security, and ethical soundness.

Maintenance & Community

Project leaders for contributions and feedback are Matteo Meucci (matteo.meucci@owasp.org) and Marco Morana (marco.m.morana@gmail.com).

Licensing & Compatibility

The repository is hosted by the OWASP Foundation, implying a permissive open-source license suitable for commercial use and integration into closed-source projects. Specific license details would typically be found in a LICENSE file within the repository.

Limitations & Caveats

As a guide under development, it represents a consolidation and creation of new methodologies. Specific implementation details or tooling are not provided, as it focuses on the "what" and "how" of testing strategies rather than specific software.