OWASP Artificial Intelligence Security Verification Standard AISVS Docs
The AI Security Verification Standard (AISVS) provides developers, architects, testers, and security professionals with a structured checklist for reviewing the security and safety posture of AI-enabled systems. Modeled after OWASP verification standards such as ASVS, AISVS is being developed as a practical set of requirements covering:
- Training Data Governance & Bias Management
- User Input Validation
- Model Lifecycle Management & Change Control
- Infrastructure, Configuration & Deployment Security
- Access Control & Identity
- Supply Chain Security for Models, Frameworks & Data
- Model Behavior, Output Control & Safety Assurance
- Memory, Embeddings & Vector Database Security
- Autonomous Orchestration & Agentic Action Security
- MCP Security
- Adversarial Robustness & Attack Resistance
- Privacy Protection & Personal Data Management
- Monitoring, Logging & Anomaly Detection
- Human Oversight and Trust
Road Map
This site is the public documentation wrapper for the main OWASP/AISVS content repository.
| Phase | Status | Focus |
|---|---|---|
| Phase 1: Research and Category List Creation | Done | Establish the research base and define the AISVS category structure. |
| Phase 2: Requirement Creation | Current Phase | Create requirements for each category and refine them with community, partner, and subject matter expert input. |
| Phase 3: Beta Release and Pilot Testing | Planned | Release a beta version of AISVS and gather feedback from early adopters using it on real-world AI applications. |
| Phase 4: Final 1.0 Release | Planned | Incorporate pilot feedback and publish Version 1.0 with full documentation and a lightweight checklist. |
| Phase 5: Continuous Improvement | Ongoing | Maintain AISVS as an open source project and update it to address emerging threats, new AI approaches, and regulatory change. |
Example
Put whatever you like here: news, screenshots, features, supporters, or remove this file and don’t use tabs at all.