SEC
Security
Operational controls for security — with maturity levels, evidence requirements, and implementation guidance.
SEC-001
Agent | medium
Prompt Injection Prevention
Detect and block adversarial inputs designed to override AI system instructions, extract sensitive information, or cause the model to behave in unintended ways.
SEC-002
Agent | medium
AI System Access Controls
Apply authentication, authorization, and role-based access controls to AI systems, APIs, and the sensitive data they process.
SEC-003
Agent | medium
Sensitive Data Handling in AI Pipelines
Prevent personally identifiable information, credentials, health data, and other sensitive content from entering AI models, prompts, or logs inappropriately.
