SchellmanCON is back! Join us for our virtual conference on March 6 & 7, 2025

Contact Us
Services
Services
Crypto and Digital Trust
Crypto and Digital Trust
Schellman Training
Schellman Training
Sustainability Services
Sustainability Services
AI Services
AI Services
About Us
About Us
Leadership Team
Leadership Team
Corporate Social Responsibility
Corporate Social Responsibility
Careers
Careers
Strategic Partnerships
Strategic Partnerships

Effective AI Red Teaming & Penetration Testing of GenAI Solutions

Penetration Testing | Artificial Intelligence

Need for Secure LLM Deployments 

As businesses increasingly integrate AI-powered Large Language Models (LLMs) into their operations via GenAI (Generative AI) solutions, ensuring the security of these systems is on the top of  everyone’s mind. "AI Red Teaming" (which is closer to Penetration Testing than a Red Team Assessment) is a methodology to identify vulnerabilities within GenAI deployments proactively.  By leveraging industry-recognized frameworks, we can help your organization verify that your LLM infrastructure and execution is done securely. 

Identifying Security Challenges in AI Integration 

The integration of AI technologies, particularly LLMs, into business operations presents unique security challenges that require creative Penetration Testing strategies. Inadequate assessments can lead to undetected vulnerabilities, potentially resulting in data breaches or malicious exploitation, jeopardizing both the integrity of AI systems and customer trust. 

Establishing Objectives for Effective GenAI Security 

Our objective is to provide a structured approach for organizations seeking to enhance their GenAI deployments' security through thorough Red Teaming/Penetration Testing while adhering to best practices set forth from reviewing prior real-world attacks against past GenAI and LLM implementations. 

Our Approach to Securing LLM Deployments 

  • AI Red Team / Penetration Testing: Tailoring penetration tests for LLM environments, identifying potential security gaps based on real-world vulnerabilities and misconfigurations impacting LLM deployments. 
  • OWASP Security Guidelines Compliance: Ensuring that our testing methodologies align with the updated OWASP Top 10 guidelines specific to LLM applications, focusing on potential risks such as prompt injection, data poisoning, or adversarial attacks. 
  • MITRE ATLAS Framework Integration: Leveraging MITRE's ATLAS framework for systematic vulnerability assessment of LLM deployments, integrating its attack graphs to simulate realistic Red Team scenarios and uncover complex security weaknesses. 
  • Customized Security Assessment Plan Development: Developing a bespoke plan that addresses your organization's specific LLM architecture, data handling processes, and operational context while incorporating relevant frameworks above. 

Methodology 

Our approach includes initial vulnerability assessment using the NIST AI RMF (Risk Management Framework), and the supporting profile document focused on GenAI (600-1), MITRE ATLAS attack graphs, followed by an AI Red Team/Penetration Test exercise focused on scenarios identified as high-risk. Our team will collaboratively develop strategies and simulate attacks to test LLM resilience effectively. 

Engagement Timing Breakdown (overall 1 – 2 weeks) 

Testing begins with an initial assessment that takes roughly 1-2 days, where our team gathers essential information about your LLM environment—including but not limited to architecture, data sources, algorithms, and API details. This is done through a detailed review of the current setup. 

Following this, we move into the "tailored threat scenario" stage, which typically lasts between another 1-2 days. This involves collecting and analyzing information related to your LLM system performance, security controls, risk factors, and any compliance or specific customer requirements. Then a plan of attack relevant to your implementation is developed. 

Over the remainder of the engagement, focus shifts from executing attacks against the LLM itself, and focuses on your infrastructure. It may even include the employees supporting it via social engineering attacks. 

Once testing is complete, a penetration test report outlining assessment findings and identified vulnerabilities is generated. Findings will be clear, actionable, include supporting screenshots, and steps to reproduce them. 

Leave with Clear Next Steps 

Finally, we offer the option to host a close-out call session lasting approximately one hour. This offers an opportunity to address your questions or concerns and provides you with detailed next steps for enhancing AI security and compliance that will guide stakeholder decision-making. 

Throughout the process, we're committed to delivering assessments within this framework while ensuring they are both thorough and actionable. This enables your organization to confidently navigate its AI compliance journey with a clear understanding of where you stand and what steps you can take for improvement. 

Advantages for Your Organization 

  • Strengthened Security Posture: Proactive identification and mitigation of vulnerabilities in your LLM deployments, aligned with leading industry standards. 
  • Compliance Assurance: Demonstrate adherence to the security guidelines mentioned prior through validated testing results, ensuring regulatory compliance (e.g.; EU's AI Act and GDPR) and reinforcing your customer's confidence.
  • Risk Reduction & Mitigation Strategies: Development of targeted strategies to address identified vulnerabilities, minimizing potential impacts on operations and reputation. 

Ready to start the discussion around assessing your specific GenAI implementation? Complete our pen test scoping questionnaire now and we'll be in touch within 24 hours!

About Josh Tomkiel

Josh Tomkiel is a Managing Director on Schellman’s Penetration Testing Team based in the Greater Philadelphia area with over a decade of experience within the Information Security field. He has a deep background in all facets of penetration testing and works closely with all of Schellman's service lines to ensure that any penetration testing requirements are met. Having been a penetration tester himself, he knows what it takes to have a successful assessment. Additionally, Josh understands the importance of a positive client experience and takes great care to ensure that expectations are not only met but exceeded.