> ## Documentation Index
> Fetch the complete documentation index at: https://docs.qualifire.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Compliance Frameworks

> Map security findings to industry standards like OWASP, MITRE, NIST, and more

## Overview

Rogue automatically maps red team findings to multiple industry compliance frameworks. This enables organizations to understand their security posture in the context of established standards and regulations.

## Supported Frameworks

<AccordionGroup>
  <Accordion title="OWASP LLM Top 10" icon="shield-check">
    The **OWASP Top 10 for LLM Applications 2025** covers the most critical security risks in LLM systems.

    | Category                                 | Mapped Vulnerabilities                                                  |
    | ---------------------------------------- | ----------------------------------------------------------------------- |
    | **LLM01: Prompt Injection**              | prompt-extraction, prompt-override, indirect-injection, ascii-smuggling |
    | **LLM02: Sensitive Info Disclosure**     | pii-direct, pii-api-db, pii-session, pii-social, cross-session-leakage  |
    | **LLM03: Supply Chain**                  | ip-violations                                                           |
    | **LLM04: Data & Model Poisoning**        | memory-poisoning, rag-poisoning                                         |
    | **LLM05: Improper Output Handling**      | sql-injection, shell-injection, malicious-code                          |
    | **LLM06: Excessive Agency**              | excessive-agency, rbac, bola, bfla                                      |
    | **LLM07: System Prompt Leakage**         | prompt-extraction                                                       |
    | **LLM08: Vector & Embedding Weaknesses** | rag-exfiltration                                                        |
    | **LLM09: Misinformation**                | hallucination, unverifiable-claims, misinformation-disinformation       |
    | **LLM10: Unbounded Consumption**         | unbounded-consumption, reasoning-dos, divergent-repetition              |
  </Accordion>

  <Accordion title="MITRE ATLAS" icon="globe">
    The **MITRE Adversarial Threat Landscape for AI Systems** provides a comprehensive taxonomy of AI-specific attacks.

    | Attack Category          | Mapped Vulnerabilities                                                  |
    | ------------------------ | ----------------------------------------------------------------------- |
    | **Prompt/Input Attacks** | ascii-smuggling, prompt-extraction, prompt-override, indirect-injection |
    | **Privacy Attacks**      | privacy-violation, pii-api-db, pii-direct, pii-session, pii-social      |
    | **System Compromise**    | excessive-agency, ip-violations                                         |
    | **Content Generation**   | hate-speech, harassment, child-exploitation, cybercrime, extremism      |
  </Accordion>

  <Accordion title="NIST AI RMF" icon="gavel">
    The **NIST AI Risk Management Framework** addresses governance, technical, and ethical considerations.

    | Risk Domain               | Mapped Vulnerabilities                                             |
    | ------------------------- | ------------------------------------------------------------------ |
    | **Excessive Agency**      | excessive-agency                                                   |
    | **Information Integrity** | misinformation-disinformation                                      |
    | **Privacy**               | privacy-violation, pii-direct, pii-api-db, pii-session, pii-social |
    | **Safety**                | wmd-content, weapons-content, dangerous-activity, cybercrime       |
    | **Technical Security**    | shell-injection, sql-injection, bfla, bola, rbac                   |
    | **Content Safety**        | harassment, hate-speech, personal-attacks                          |
  </Accordion>

  <Accordion title="ISO/IEC 42001" icon="certificate">
    The **ISO/IEC 42001 AI Management System** standard for organizational AI governance.

    | Domain                        | Mapped Vulnerabilities                                                           |
    | ----------------------------- | -------------------------------------------------------------------------------- |
    | **Governance**                | excessive-agency, overreliance                                                   |
    | **Bias & Non-Discrimination** | bias-disability, bias-gender, bias-age, bias-race, bias-political, bias-religion |
    | **Privacy**                   | privacy-violation, pii-direct, pii-api-db, pii-session, pii-social               |
    | **Security**                  | ascii-smuggling, prompt-extraction, shell-injection, sql-injection               |
    | **Information Quality**       | hallucination, unverifiable-claims                                               |
  </Accordion>

  <Accordion title="EU AI Act" icon="flag">
    The **European Union Artificial Intelligence Act** regulatory framework.

    | Requirement                  | Mapped Vulnerabilities                                        |
    | ---------------------------- | ------------------------------------------------------------- |
    | **High-Risk Requirements**   | excessive-agency, misinformation-disinformation, overreliance |
    | **Privacy (GDPR Alignment)** | pii-direct, pii-session, privacy-violation, pii-api-db        |
    | **Technical Safety**         | shell-injection, sql-injection, ssrf                          |
    | **Non-Discrimination**       | hate-speech                                                   |
    | **Information Quality**      | hallucination                                                 |
  </Accordion>

  <Accordion title="GDPR" icon="lock">
    The **General Data Protection Regulation** for data protection and privacy.

    | Article                | Mapped Vulnerabilities                                                                    |
    | ---------------------- | ----------------------------------------------------------------------------------------- |
    | **Data Protection**    | privacy-violation, pii-api-db, pii-direct, pii-session, pii-social, cross-session-leakage |
    | **Non-Discrimination** | bias-disability, bias-gender, bias-age, bias-race, hate-speech                            |
    | **Access Control**     | rbac, bola, bfla                                                                          |
    | **Security**           | prompt-extraction, shell-injection, sql-injection, debug-access, ssrf                     |
  </Accordion>

  <Accordion title="OWASP API Top 10" icon="code">
    The **OWASP API Security Top 10** for API-related vulnerabilities.

    | Category                                             | Mapped Vulnerabilities |
    | ---------------------------------------------------- | ---------------------- |
    | **API1: Broken Object Level Authorization**          | bola                   |
    | **API2: Broken Authentication**                      | rbac                   |
    | **API3: Broken Object Property Level Authorization** | bfla                   |
    | **API4: Unrestricted Resource Consumption**          | unbounded-consumption  |
    | **API5: Broken Function Level Authorization**        | excessive-agency       |
    | **API7: Server Side Request Forgery**                | ssrf                   |
    | **API8: Security Misconfiguration**                  | debug-access           |
  </Accordion>

  <Accordion title="Basic Security" icon="shield">
    A minimal security baseline for essential checks.

    | Category            | Vulnerabilities                    |
    | ------------------- | ---------------------------------- |
    | **Prompt Security** | prompt-extraction, prompt-override |
    | **PII Protection**  | pii-direct                         |
    | **Technical**       | sql-injection, shell-injection     |
    | **Agency**          | excessive-agency                   |
  </Accordion>
</AccordionGroup>

## Compliance Scoring

Rogue calculates compliance scores for each framework based on tested vulnerabilities:

```python theme={null}
# Compliance calculation
tested_vulns = [v for v in framework.vulnerabilities if v in results]
passed_vulns = [v for v in tested_vulns if results[v].passed]

compliance_score = (len(passed_vulns) / len(tested_vulns)) * 100
```

### Score Interpretation

| Score Range | Status      | Meaning                             |
| ----------- | ----------- | ----------------------------------- |
| 80-100%     | ✅ Excellent | Strong security posture             |
| 60-79%      | ⚠️ Good     | Some vulnerabilities need attention |
| 0-59%       | ❌ Poor      | Significant security gaps           |

## Framework Coverage Cards

Rogue generates coverage cards showing compliance status:

```json theme={null}
{
  "framework_id": "owasp-llm",
  "framework_name": "OWASP LLM Top 10",
  "compliance_score": 75.0,
  "tested_count": 8,
  "total_count": 25,
  "passed_count": 6,
  "status": "good"
}
```

## Default Framework Selection

Frameworks are automatically selected based on scan type:

| Scan Type | Default Frameworks                     |
| --------- | -------------------------------------- |
| Basic     | basic-security                         |
| Full      | owasp-llm, mitre-atlas, basic-security |
| Custom    | User-specified                         |

## Using Frameworks

### In Configuration

```python theme={null}
from rogue.server.red_teaming import RedTeamConfig, ScanType

config = RedTeamConfig(
    scan_type=ScanType.CUSTOM,
    vulnerabilities=["prompt-extraction", "pii-direct", "excessive-agency"],
    attacks=["base64", "roleplay"],
    frameworks=["owasp-llm", "gdpr", "eu-ai-act"]
)
```

### Accessing Framework Data

```python theme={null}
from rogue.server.red_teaming.catalog.framework_mappings import (
    get_framework,
    get_all_frameworks,
    get_vulnerabilities_for_framework,
    get_frameworks_for_vulnerability
)

# Get OWASP LLM framework
owasp = get_framework("owasp-llm")
print(f"{owasp.name}: {len(owasp.vulnerabilities)} vulnerabilities")

# Find which frameworks cover a specific vulnerability
frameworks = get_frameworks_for_vulnerability("prompt-extraction")
# Returns: ["owasp-llm", "mitre-atlas", "iso-42001", "gdpr", ...]
```

## Report Generation

Compliance reports include:

1. **Compliance Score**: Overall percentage for each framework
2. **Vulnerability Breakdown**: Per-vulnerability pass/fail status
3. **Recommendations**: Prioritized remediation guidance
4. **Framework Mapping**: Which controls are affected

```markdown theme={null}
## Framework Compliance

### ✅ OWASP LLM Top 10

**Compliance Score:** 85.0%
**Tested:** 17 / 25

**Recommendations:**

- [HIGH] System Prompt Disclosure: Implement prompt guards
- [MEDIUM] Hallucination: Add output validation
```

## Adding Custom Frameworks

Custom frameworks can be defined with vulnerability mappings:

```python theme={null}
from rogue.server.red_teaming.models import FrameworkDef

custom_framework = FrameworkDef(
    id="custom-security",
    name="Custom Security Framework",
    description="Organization-specific security requirements",
    vulnerabilities=[
        "prompt-extraction",
        "pii-direct",
        "excessive-agency",
        "sql-injection"
    ]
)
```
