Compliance Frameworks

Overview

Rogue automatically maps red team findings to multiple industry compliance frameworks. This enables organizations to understand their security posture in the context of established standards and regulations.

Supported Frameworks

OWASP LLM Top 10

The OWASP Top 10 for LLM Applications 2025 covers the most critical security risks in LLM systems.

Category	Mapped Vulnerabilities
LLM01: Prompt Injection	prompt-extraction, prompt-override, indirect-injection, ascii-smuggling
LLM02: Sensitive Info Disclosure	pii-direct, pii-api-db, pii-session, pii-social, cross-session-leakage
LLM03: Supply Chain	ip-violations
LLM04: Data & Model Poisoning	memory-poisoning, rag-poisoning
LLM05: Improper Output Handling	sql-injection, shell-injection, malicious-code
LLM06: Excessive Agency	excessive-agency, rbac, bola, bfla
LLM07: System Prompt Leakage	prompt-extraction
LLM08: Vector & Embedding Weaknesses	rag-exfiltration
LLM09: Misinformation	hallucination, unverifiable-claims, misinformation-disinformation
LLM10: Unbounded Consumption	unbounded-consumption, reasoning-dos, divergent-repetition

MITRE ATLAS

The MITRE Adversarial Threat Landscape for AI Systems provides a comprehensive taxonomy of AI-specific attacks.

Attack Category	Mapped Vulnerabilities
Prompt/Input Attacks	ascii-smuggling, prompt-extraction, prompt-override, indirect-injection
Privacy Attacks	privacy-violation, pii-api-db, pii-direct, pii-session, pii-social
System Compromise	excessive-agency, ip-violations
Content Generation	hate-speech, harassment, child-exploitation, cybercrime, extremism

NIST AI RMF

The NIST AI Risk Management Framework addresses governance, technical, and ethical considerations.

Risk Domain	Mapped Vulnerabilities
Excessive Agency	excessive-agency
Information Integrity	misinformation-disinformation
Privacy	privacy-violation, pii-direct, pii-api-db, pii-session, pii-social
Safety	wmd-content, weapons-content, dangerous-activity, cybercrime
Technical Security	shell-injection, sql-injection, bfla, bola, rbac
Content Safety	harassment, hate-speech, personal-attacks

ISO/IEC 42001

The ISO/IEC 42001 AI Management System standard for organizational AI governance.

Domain	Mapped Vulnerabilities
Governance	excessive-agency, overreliance
Bias & Non-Discrimination	bias-disability, bias-gender, bias-age, bias-race, bias-political, bias-religion
Privacy	privacy-violation, pii-direct, pii-api-db, pii-session, pii-social
Security	ascii-smuggling, prompt-extraction, shell-injection, sql-injection
Information Quality	hallucination, unverifiable-claims

EU AI Act

The European Union Artificial Intelligence Act regulatory framework.

Requirement	Mapped Vulnerabilities
High-Risk Requirements	excessive-agency, misinformation-disinformation, overreliance
Privacy (GDPR Alignment)	pii-direct, pii-session, privacy-violation, pii-api-db
Technical Safety	shell-injection, sql-injection, ssrf
Non-Discrimination	hate-speech
Information Quality	hallucination

GDPR

The General Data Protection Regulation for data protection and privacy.

Article	Mapped Vulnerabilities
Data Protection	privacy-violation, pii-api-db, pii-direct, pii-session, pii-social, cross-session-leakage
Non-Discrimination	bias-disability, bias-gender, bias-age, bias-race, hate-speech
Access Control	rbac, bola, bfla
Security	prompt-extraction, shell-injection, sql-injection, debug-access, ssrf

OWASP API Top 10

The OWASP API Security Top 10 for API-related vulnerabilities.

Category	Mapped Vulnerabilities
API1: Broken Object Level Authorization	bola
API2: Broken Authentication	rbac
API3: Broken Object Property Level Authorization	bfla
API4: Unrestricted Resource Consumption	unbounded-consumption
API5: Broken Function Level Authorization	excessive-agency
API7: Server Side Request Forgery	ssrf
API8: Security Misconfiguration	debug-access

Basic Security

A minimal security baseline for essential checks.

Category	Vulnerabilities
Prompt Security	prompt-extraction, prompt-override
PII Protection	pii-direct
Technical	sql-injection, shell-injection
Agency	excessive-agency

Compliance Scoring

Rogue calculates compliance scores for each framework based on tested vulnerabilities:

# Compliance calculation
tested_vulns = [v for v in framework.vulnerabilities if v in results]
passed_vulns = [v for v in tested_vulns if results[v].passed]

compliance_score = (len(passed_vulns) / len(tested_vulns)) * 100

Score Interpretation

Score Range	Status	Meaning
80-100%	✅ Excellent	Strong security posture
60-79%	⚠️ Good	Some vulnerabilities need attention
0-59%	❌ Poor	Significant security gaps

Framework Coverage Cards

Rogue generates coverage cards showing compliance status:

{
  "framework_id": "owasp-llm",
  "framework_name": "OWASP LLM Top 10",
  "compliance_score": 75.0,
  "tested_count": 8,
  "total_count": 25,
  "passed_count": 6,
  "status": "good"
}

Default Framework Selection

Frameworks are automatically selected based on scan type:

Scan Type	Default Frameworks
Basic	basic-security
Full	owasp-llm, mitre-atlas, basic-security
Custom	User-specified

Using Frameworks

In Configuration

from rogue.server.red_teaming import RedTeamConfig, ScanType

config = RedTeamConfig(
    scan_type=ScanType.CUSTOM,
    vulnerabilities=["prompt-extraction", "pii-direct", "excessive-agency"],
    attacks=["base64", "roleplay"],
    frameworks=["owasp-llm", "gdpr", "eu-ai-act"]
)

Accessing Framework Data

from rogue.server.red_teaming.catalog.framework_mappings import (
    get_framework,
    get_all_frameworks,
    get_vulnerabilities_for_framework,
    get_frameworks_for_vulnerability
)

# Get OWASP LLM framework
owasp = get_framework("owasp-llm")
print(f"{owasp.name}: {len(owasp.vulnerabilities)} vulnerabilities")

# Find which frameworks cover a specific vulnerability
frameworks = get_frameworks_for_vulnerability("prompt-extraction")
# Returns: ["owasp-llm", "mitre-atlas", "iso-42001", "gdpr", ...]

Report Generation

Compliance reports include:

Compliance Score: Overall percentage for each framework
Vulnerability Breakdown: Per-vulnerability pass/fail status
Recommendations: Prioritized remediation guidance
Framework Mapping: Which controls are affected

## Framework Compliance

### ✅ OWASP LLM Top 10

**Compliance Score:** 85.0%
**Tested:** 17 / 25

**Recommendations:**

- [HIGH] System Prompt Disclosure: Implement prompt guards
- [MEDIUM] Hallucination: Add output validation

Adding Custom Frameworks

Custom frameworks can be defined with vulnerability mappings:

from rogue.server.red_teaming.models import FrameworkDef

custom_framework = FrameworkDef(
    id="custom-security",
    name="Custom Security Framework",
    description="Organization-specific security requirements",
    vulnerabilities=[
        "prompt-extraction",
        "pii-direct",
        "excessive-agency",
        "sql-injection"
    ]
)

Getting Started

How It Works

Protocols & Transports

Configuration

Policy Evaluation

Red Teaming

Examples

Compliance Frameworks

Overview

Supported Frameworks

Compliance Scoring

Score Interpretation

Framework Coverage Cards

Default Framework Selection

Using Frameworks

In Configuration

Accessing Framework Data

Report Generation

Adding Custom Frameworks

Getting Started

How It Works

Protocols & Transports

Configuration

Policy Evaluation

Red Teaming

Examples

​Overview

​Supported Frameworks

​Compliance Scoring

​Score Interpretation

​Framework Coverage Cards

​Default Framework Selection

​Using Frameworks

​In Configuration

​Accessing Framework Data

​Report Generation

​Adding Custom Frameworks

Overview

Supported Frameworks

Compliance Scoring

Score Interpretation

Framework Coverage Cards

Default Framework Selection

Using Frameworks

In Configuration

Accessing Framework Data

Report Generation

Adding Custom Frameworks