Segmentation of AI Agent Components - AI Mitigation
AI MitigationDefine security boundaries around agentic tools and data sources with methods such as API access, container isolation, code execution sandboxing, and rate limiting of tool invocation. When sandboxing, limit resource and network access and build the container or virtual machine from a clean base image before each run. This restricts untrusted processes or potential compromises from spreading throughout the system.
Overview
A source-backed snapshot of this defense.
Safeguard details
Where this defense applies and how the source classifies it.
- ATLAS ID
- AML.M0032
- Priority score
- 30
Covered techniques
Attacks this defense is designed to help with.
AML.T0098 - AI Agent Tool Credential Harvesting
Segmentation can prevent adversaries from utilizing tools in an agentic workflow to harvest credentials.
AML.T0053 - AI Agent Tool Invocation
Segmentation can prevent adversaries from utilizing tools in an agentic workflow to perform unsafe actions that affect other components.
AML.T0085.001 - AI Agent Tools
Segmentation can prevent adversaries from utilizing tools in an agentic workflow to collect sensitive data.
AML.T0085 - Data from AI Services
Segmentation can prevent adversaries from utilizing tools in an agentic workflow to collect sensitive data from AI services.
Showing 4 of 6
Source evidence
Original public records and references for this page.
Original source
Original source links
Open the public records and source datasets used for this page.
