AI Security Glossary

The practice of finding, validating, and reducing risks created by AI models, agents, prompts, tools, data pipelines, and model supply chains.

An attack pattern where instructions hidden in user input, tools, files, or retrieved content override the intended behavior of an AI system.

Controls for AI systems that can plan, call tools, browse data, trigger workflows, or act across systems where autonomy increases blast radius.

The process of discovering, validating, reporting, and tracking software vulnerabilities through coordinated disclosure and public identifiers.

Automated vulnerability discovery that feeds many generated or mutated inputs into software to expose crashes, memory errors, and logic failures.

A validation step where suspected memory-safety bugs are reproduced under AddressSanitizer with normal-input controls and malicious-input crash evidence.

A structured review of smart contracts, bridge logic, account abstraction flows, and economic assumptions before or after on-chain deployment.

Security analysis of protocols that move messages or assets across chains, where validator logic, signatures, replay handling, and liquidity design intersect.

Threat-intelligence work that maps long-running attacker behavior, infrastructure, malware, objectives, and tactics to actionable defensive decisions.

Investigation of ransomware tooling, initial access, lateral movement, encryption behavior, infrastructure, and recovery signals for defense planning.

The practice of inspecting binaries, mobile apps, protocols, or obfuscated code to recover behavior, identify weaknesses, and validate security controls.

A mobile testing technique that uses runtime instrumentation to inspect or bypass TLS validation paths during authorized application security research.