ai · security · skills

Reskill · APP

Application & DevSecAIOps Security

A prompt injection turned an internal agent into an exfiltration path.

The pipeline gates never watched for it. Reskilling means teaching them to.

The rung you have to reach

Model Security

Security controls for AI models across deployment types (self-hosted, PaaS, API/SaaS), including model selection, integrity and provenance verification, secure configuration, adversarial robustness, and operational monitoring. Includes model safety (bias, harm, hallucinations).

L1 · Initial

Models deployed without security or safety review regardless of deployment type. For self-hosted models, no integrity controls or restrictions on unsafe file formats. For PaaS/API models, default configurations used without security assessment. No evaluation of third-party or open models before use. Model provider security posture not assessed.

L2 · Repeatable

Basic security requirements documented for model deployments (e.g., system prompt requirements). Third-party and open models undergo risk review for major deployments, including basic safety evaluation. For self-hosted models, unsafe file formats recognized but enforcement inconsistent. For PaaS/API models, initial configuration reviews performed. Model provider security assessments conducted for primary providers.

L3 · Defined

Standardized security and safety (bias/harm/hallucination) requirements for models based on deployment type and risk classification. Self-hosted models require integrity verification and secure file formats. PaaS/API model configurations hardened per documented standards. Formal risk assessment process for third-party and open models. Model versioning and rollback capability established. Initial monitoring for model behavior and performance in production.

L4 · Capable

Model signing and provenance verification enforced for self-hosted models. Automated configuration validation for PaaS/API deployments. Adversarial robustness testing standard for production use cases. Continuous monitoring for model drift, degradation, safety, and anomalous behavior across deployment types. Model risk metrics tracked and reported through governance processes.

L5 · Efficient

Automated model security verification across deployment types integrated into pipelines. Real-time monitoring with automated alerting on drift, safety issues, or anomalies. Adversarial testing integrated into CI/CD with defined thresholds. Proactive updates to model security controls as providers release changes or new attack vectors emerge.

This function also touches: App Security.

our model · calibrated to SAE J3016

Your syllabus

The plays that climb the rung.

Secure code-review assist

Security review of code changes: flag dangerous patterns, check fixes, reduce review queue time.

Moves: Security-review turnaround

Show the exact control IDs (for your security & GRC team)

L2 AIS-04, AIS-12, HRS-15 · L3 AIS-05, GRC-15, TVM-13 · L4 AIS-06, IAM-18

LLM guardrails / prompt-injection defense

Fit a guard to an LLM app’s real attack classes; verify against known and held-out attacks.

Moves: Attack catch rate

Show the exact control IDs (for your security & GRC team)

L2 MDS-06, TVM-13 · L3 MDS-07, LOG-15, LOG-16 · L4 MDS-10, AIS-13

AI SDLC tollgate reviews

Review every AI-assisted PR and model release against eight CI gates from Plan to Monitor; gate strength scales with the AI-CMM autonomy tier (our model) the stage runs at.

Moves: % of AI-assisted PRs passing all gates pre-merge

Show the exact control IDs (for your security & GRC team)

L2 AIS-04, AIS-12, DSP-17 · L3 AIS-05, MDS-06, MDS-07, GRC-15, LOG-16 · L4 AIS-13, MDS-10, LOG-12

Autonomy must not outrun maturity. The gate holds each rung until its controls are evidenced. The gate framework: eight gates, three lanes →

Baseline Application & DevSecAIOps SecurityBack to the maturity read