MITRE ATLAS MAPPING
Authentic ATLAS coverage, technique by technique.
RAIDER's catalog uses real MITRE ATLAS identifiers — AML.T* techniques under authentic AML.TA* tactics, with AML.M* mitigations and OWASP LLM Top 10 cross-references. Below is the full set of 27 techniques and how each is exercised.
Coverage legend.
auto executed via the LLM-chat / attacker-judge path ·
engine a Phase 1 probe engine (artifact scan · recon · RAG poison) ·
assessment checklist / evidence review (Phase 2+). All identifiers are authentic — cross-check at
atlas.mitre.org.
Reconnaissance · AML.TA0002
| Technique | Name | Coverage | OWASP |
AML.T0006 | Active Scanning | recon | — |
Resource Development · AML.TA0003
| Technique | Name | Coverage | OWASP |
AML.T0010.002 | AI Supply Chain Compromise: Data | artifact scan | LLM03 |
AML.T0010.003 | AI Supply Chain Compromise: Model | artifact scan | LLM03 |
Initial Access · AML.TA0004
| Technique | Name | Coverage | OWASP |
AML.T0051.000 | LLM Prompt Injection: Direct | auto | LLM01 |
AML.T0051.001 | LLM Prompt Injection: Indirect | auto | LLM01 |
AML.T0052 | Phishing | assessment | — |
Execution · AML.TA0005
| Technique | Name | Coverage | OWASP |
AML.T0053 | AI Agent Tool Invocation | auto | LLM06 |
AML.T0011.000 | User Execution: Unsafe AI Artifacts | artifact scan | LLM03 |
Persistence · AML.TA0006
| Technique | Name | Coverage | OWASP |
AML.T0070 | RAG Poisoning | RAG poison | LLM08 |
AML.T0020 | Poison Training Data | assessment | LLM04 |
AML.T0018.000 | Manipulate AI Model: Poison AI Model | assessment | LLM04 |
Privilege Escalation · AML.TA0012
| Technique | Name | Coverage | OWASP |
AML.T0054 | LLM Jailbreak | auto | LLM01 |
Defense Evasion · AML.TA0007
| Technique | Name | Coverage | OWASP |
AML.T0068 | LLM Prompt Obfuscation | auto | LLM01 |
AML.T0015 | Evade AI Model | assessment | — |
Discovery · AML.TA0008
| Technique | Name | Coverage | OWASP |
AML.T0056 | Extract LLM System Prompt | auto | LLM07 |
AML.T0069 | Discover LLM System Information | auto | LLM07 |
AML.T0062 | Discover LLM Hallucinations | auto | LLM09 |
AML.T0007 | Discover AI Artifacts | recon | — |
AI Attack Staging · AML.TA0001
| Technique | Name | Coverage | OWASP |
AML.T0043 | Craft Adversarial Data | assessment | — |
Exfiltration · AML.TA0010
| Technique | Name | Coverage | OWASP |
AML.T0057 | LLM Data Leakage | auto | LLM02 |
AML.T0024.000 | Exfiltration via AI Inference API: Infer Training Data Membership | assessment | LLM02 |
AML.T0024.001 | Exfiltration via AI Inference API: Invert AI Model | assessment | LLM02 |
AML.T0024.002 | Exfiltration via AI Inference API: Extract AI Model | assessment | LLM02 |
Impact · AML.TA0011
| Technique | Name | Coverage | OWASP |
AML.T0048 | External Harms | auto | LLM05, LLM09 |
AML.T0061 | LLM Prompt Self-Replication | auto | LLM01 |
AML.T0034.001 | Cost Harvesting: Resource-Intensive Queries | auto | LLM10 |
AML.T0029 | Denial of AI Service | auto | LLM10 |
Every finding carries its ATLAS technique, tactic, and mitigation IDs plus OWASP references into the chain-of-evidence report. See the Documentation and API reference, or request a demo.