AI Exposure
Assessment
Comprehensive AI security assessment — deterministic analysis, adversarial testing, and evidence-grade compliance outputs for internal AI applications.
Educational notice: This page describes a professional assessment service. The scope, depth, and deliverables are customized to each engagement based on your architecture, data types, regulatory environment, and risk tolerance. Contact Subodh KC to discuss your specific needs.
Synopsis
The HAIEC AI Exposure Assessment is a structured security evaluation of your internal AI application — covering prompt injection, RAG poisoning, tool abuse, authentication bypass, tenant isolation, and compliance documentation. Unlike generic security scans, HAIEC performs deterministic analysis of the AI-specific attack surface: prompts, tool definitions, retrieval pipelines, MCP servers, and model-driven authorization decisions. The output is evidence-grade documentation suitable for TRAIGA, EU AI Act, NIST AI RMF, and NYC LL 144 compliance.
What the Assessment Covers
Six core assessment areas, each with deterministic analysis and adversarial testing.
Prompt Injection Analysis
RAG Poisoning Detection
Tool Abuse & Permission Analysis
Authentication & Authorization Review
Tenant Isolation Testing
Evidence-Grade Compliance Output
Assessment Process
A structured six-phase process from scope to evidence.
Scope & Intake
Define the AI application boundary, data sources, tool integrations, user populations, and regulatory obligations. Identify critical assets and sensitive data flows.
Architecture Review
Map the complete architecture: interface, application logic, AI services, retrieval, tools, MCP servers, enterprise systems, and controls. Identify trust boundaries.
Deterministic Analysis
Automated static analysis of prompts, tool definitions, RAG configurations, authorization logic, caching patterns, and MCP server definitions for security weaknesses.
Adversarial Testing
Runtime testing with prompt injection, RAG poisoning, tool abuse, auth bypass, and cross-tenant access attempts. Tests both successful and failed attacks.
Risk Classification
Each finding is classified by severity, likelihood, and blast radius. Mapped to the AI risk register with recommended controls, owners, and remediation timeline.
Evidence & Reporting
Full evidence package: test results, attack transcripts, control gaps, remediation roadmap, and compliance-aligned documentation for regulators and auditors.
What Makes HAIEC Different
Generic security scans check for known vulnerabilities. HAIEC analyzes the AI-specific attack surface that traditional tools cannot see.
Deterministic, not probabilistic
Adversarial runtime testing
Evidence-grade outputs
Multi-framework compliance mapping
What You Receive
Every HAIEC AI Exposure Assessment includes these deliverables.
Architecture & Trust Boundary Map
A visual map of your AI application architecture showing all trust boundaries, data flows, tool integrations, MCP servers, and control points.
Findings Report
Each finding classified by severity, likelihood, and blast radius — with the attack transcript, control gap, and specific remediation recommendation.
Risk Register Integration
Findings pre-formatted for direct import into the AI risk register, with owners, controls, and remediation timeline.
Compliance Mapping
Cross-reference of each finding to applicable regulatory requirements under TRAIGA, EU AI Act, NIST AI RMF, NYC LL 144, HIPAA, and GDPR.
Remediation Roadmap
Prioritized remediation plan with P0/P1/P2 classification, estimated effort, and dependency mapping.
Evidence Package
All test results, attack transcripts, and analysis artifacts preserved in a structured format suitable for audit, regulatory inquiry, or litigation.
When to get an assessment: Before production launch, after significant architecture changes, when adding MCP integrations, when expanding to new data sources, after a security incident, or when preparing for regulatory audit.
Free AI Exposure Assessment Preview
FAQ
How long does an AI Exposure Assessment take?⌄
A typical assessment takes 2–4 weeks depending on the complexity of the application, the number of integrations (MCP servers, tools, data sources), and the regulatory frameworks in scope. Phase 1 (scope and intake) takes 2–3 days, phases 2–4 (analysis and testing) take 1–2 weeks, and phases 5–6 (classification and reporting) take 3–5 days.
Do you need access to our source code?⌄
Yes, for deterministic analysis. HAIEC performs static analysis on prompts, tool definitions, RAG configurations, authorization logic, and MCP server definitions. Source code access can be arranged through a mutual NDA with read-only access to a specific repository or branch. For runtime adversarial testing, we need access to a staging or test environment that mirrors production.
Can the assessment be done without exposing production data?⌄
Yes. Adversarial testing is performed against a staging or test environment with synthetic or anonymized data. HAIEC does not need access to real PHI, PII, or confidential business data. The assessment evaluates the architecture and controls — not your actual data.
How is this different from a penetration test?⌄
A traditional penetration test focuses on network, infrastructure, and web application vulnerabilities. HAIEC focuses on the AI-specific attack surface: prompt injection, RAG poisoning, tool abuse, model-driven authorization bypass, MCP supply-chain risks, and cross-tenant data leakage through vector search and caching. These are vulnerabilities that traditional pentesting tools and methodologies do not cover.
What if we have multiple AI applications?⌄
HAIEC can assess multiple applications in a single engagement. Each application gets its own findings report, risk register entries, and compliance mapping. A portfolio-level summary is provided showing aggregate risk across all assessed applications, prioritized by blast radius.