Methodology and Sources

This book is curated from public sources, research papers, standards, and documented incidents. The goal is to provide a practical, security-first reference for teams building or defending AI systems.

Selection Criteria

  • Relevance to LLMs, agents, MCP, or AI security engineering
  • Practicality of the attack or defense technique
  • Public documentation (papers, talks, standards, or incident reports)

Incident Mapping

Incidents are mapped to the closest OWASP entry based on the primary root cause and the most direct mitigations.

Sources

Authoritative sources are prioritized:

  • OWASP project pages and Top 10 lists
  • NIST AI RMF and GenAI Profile
  • MITRE ATLAS techniques and case studies
  • Peer‑reviewed papers and arXiv preprints