Introduction

The DeepTeam Frameworks define structured methodologies for AI red teaming and risk assessment. Each framework maps to a recognized safety or security standard, helping you test your model's robustness against real-world adversarial behavior, dataset risks, and system vulnerabilities.

DeepTeam supports multiple frameworks — from dataset-based testing (BeaverTails, Aegis) to security and governance standards (MITRE ATLAS, NIST AI RMF, OWASP Top 10 for LLMs).

Available Frameworks

Here is the list of frameworks available in deepteam:

OWASP Top 10

OWASP Top 10 for Agents 2026

The OWASP Top 10 for Agentic Applications (ASI) identifies the most critical security risks introduced by autonomous and semi-autonomous AI agents. It focuses on failures arising from goal misalignment, tool misuse, delegated trust, inter-agent communication, persistent memory, and emergent autonomous behavior.

  • Tests for goal hijacking, tool misuse, identity abuse, memory poisoning, and rogue agents
  • Simulates cascading failures and inter-agent communication vulnerabilities
  • Ideal for multi-agent systems, tool-using agents, and autonomous AI applications

from deepteam import red_team
from deepteam.frameworks import OWASP_ASI_2026

# your_model_callback: the callback for the model under test, defined elsewhere in your code
owasp_asi = OWASP_ASI_2026(num_attacks=10)

risk = red_team(
    model_callback=your_model_callback,
    framework=owasp_asi
)

Learn more about OWASP Top 10 for Agents 2026

OWASP Top 10 for LLMs 2025

The OWASP Top 10 for LLMs framework identifies the most critical security risks in LLM applications. It reflects the 2025 OWASP edition, covering vulnerabilities in RAG systems, agents, and model integrations.

  • Tests for prompt injection, system prompt leakage, vector weaknesses, and more
  • Simulates real-world exploit attempts and harmful outputs
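  • Ideal for application-level AI security assessments

from deepteam import red_team
from deepteam.frameworks import OWASPTop10

# your_model_callback: the callback for the model under test, defined elsewhere in your code
owasp = OWASPTop10(num_attacks=10)

risk = red_team(
    model_callback=your_model_callback,
    framework=owasp
)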

Learn more about OWASP Top 10 for LLMs

NIST AI RMF

The NIST AI Risk Management Framework (RMF) provides a structured approach to identifying, managing, and mitigating AI risks. It focuses on trustworthiness, robustness, and accountability — aligning LLM behavior with regulatory and ethical standards.

  • Tests safety, fairness, and robustness dimensions
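  • Suitable for compliance-driven AI governance workflows

from deepteam import red_team
from deepteam.frameworks import NIST

# your_model_callback: the callback for the model under test, defined elsewhere in your code
nist = NIST(num_attacks=10)

risk = red_team(
    model_callback=your_model_callback,
    framework=nist
)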

Learn more about NIST AI RMF

MITRE ATLAS

The MITRE ATLAS framework integrates the MITRE ATLAS knowledge base, focusing on adversarial tactics and techniques used against AI systems. It evaluates system resilience across attack phases like Reconnaissance, Resource Development, Initial Access, and Impact.

  • Tests adversarial behavior patterns from the ATLAS taxonomy
  • Detects vulnerabilities such as prompt injection, data poisoning, and exfiltration
  • Ideal for AI security simulation and penetration testing

from deepteam.frameworks import MITREATLAS
from deepteam import red_team
from somewhere import your_model_callback

atlas = MITREATLAS(num_attacks=10)

risk = red_team(
    model_callback=your_model_callback,
    framework=atlas
)

Learn more about MITRE ATLAS

EU AI Act

The EU Artificial Intelligence Act (Regulation (EU) 2024/1689) is the world's first comprehensive legal framework for AI. DeepTeam's EU AI Act module operationalises Article 5 prohibited practices and Annex III high-risk use cases so you can red-team against the obligations regulators actually check.

  • Tests Article 5 prohibited practices — subliminal manipulation, exploitation of vulnerable groups, social scoring, biometric categorisation, and remote biometric identification
  • Tests Annex III high-risk use cases — critical infrastructure, education, employment, essential services, law enforcement, migration, and justice/democracy
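  • Ideal for EU-market AI compliance, regulatory risk assessments, and fundamental-rights impact assessments

from deepteam import red_team
from deepteam.frameworks import EUAIAct

# your_model_callback: the callback for the model under test, defined elsewhere in your code
eu_ai_act = EUAIAct()

risk = red_team(
    model_callback=your_model_callback,
    framework=eu_ai_act
)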

Learn more about EU AI Act

BeaverTails

The BeaverTails framework integrates the PKU BeaverTails dataset — a large, human-labeled dataset of harmful and borderline prompts. It performs dataset-driven red teaming, surfacing model weaknesses across categories like abuse, misinformation, and privacy violations.

  • Uses real-world harmful prompts instead of synthetic generation
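  • Validates content safety and refusal behavior

from deepteam import red_team
from deepteam.frameworks import BeaverTails

# your_model_callback: the callback for the model under test, defined elsewhere in your code
beaver = BeaverTails(num_attacks=10)

risk = red_team(
    model_callback=your_model_callback,
    framework=beaver
)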

Learn more about BeaverTails

Aegis

The Aegis framework integrates the NVIDIA Aegis AI Content Safety Dataset, which follows NVIDIA's content safety taxonomy across 13 harm categories. It provides a comprehensive safety evaluation using real human-labeled harmful content.

  • Tests for harmful user messages across multiple safety dimensions
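  • Useful for evaluating model robustness under real-world safety challenges

from deepteam import red_team
from deepteam.frameworks import Aegis

# your_model_callback: the callback for the model under test, defined elsewhere in your code
aegis = Aegis(num_attacks=10)

risk = red_team(
    model_callback=your_model_callback,
    framework=aegis
)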

Learn more about Aegis

Tip

You can customize existing frameworks by adding more attacks and vulnerabilities, specialising red teaming to your LLM's use case.
