MITRE ATLAS catalogs adversary tactics and techniques for AI-enabled systems. It is most useful for runtime threat modeling, incident analysis, control mapping, red-team planning, and identifying places where prompt-level policy is insufficient.
At a glance
- Organization
- MITRE
- Runtime role
- Adversary knowledge base
- Category
- Security and Governance
- Official documentation
- Visit official documentation opens in a new tab
Where it fits in the runtime stack
Cross-layer security: threat modeling and adversary behavior around models, tools, data, and deployment environments.
Primary runtime role
Use ATLAS when turning adversarial AI scenarios into runtime test cases, detection logic, and incident response playbooks.
Not the same as
ATLAS is not an enforcement mechanism and does not replace runtime authorization, sandboxing, or audit controls.
Integration notes
- Map tactics and techniques to runtime surfaces: prompt input, tool calls, model artifacts, context stores, and telemetry.
- Use incident scenarios to test whether traces preserve enough evidence for investigation.
- Keep control mappings updated when adding new tools, models, or memory paths.
Questions before production use
- Which AI-specific attack techniques are credible for this deployment?
- What runtime evidence would prove or disprove a suspected technique?
- Which controls are preventative, detective, or responsive?
Review and deprecation posture
This profile is reviewed as part of the aRuntime.com quarterly resource audit. If the official documentation moves, the project is archived, or the resource changes scope, this page should be updated with a dated status note rather than silently removed.
Sources and further reading
- MITRE ATLAS opens in a new tab — MITRE; official knowledge base; accessed 2026-06-20 UTC.
Last reviewed: .