AI runtime diagnostic

Map one risky workflow before review does

Watch a simulated diagnostic probe a healthcare prior-authorization agent, map each finding to OVERT controls, and show how runtime evidence becomes a Sprint-ready hardening plan.

Simulated — no live systems are contacted

Coverage

Ten attack vectors for the runtime map

Every diagnostic probes the target across the categories below, mapped to OVERT, MITRE ATLAS, and the OWASP LLM Top 10. The point is not a generic score; it is a control plan for one workflow.

Vector                            Maps to
01  Prompt injection              OWASP LLM01 / ATLAS AML.T0051
02  PII / PHI extraction          OWASP LLM06 / ATLAS AML.T0057
03  Jailbreak chains              OWASP LLM01 / ATLAS AML.T0054
04  Role confusion                OWASP LLM08 / OVERT RT-3
05  Tool-use abuse                OWASP LLM07 / OVERT RT-5
06  Trust-building escalation     OVERT RT-7 / NIST AI RMF MS-2.6
07  Output manipulation           OWASP LLM02 / ATLAS AML.T0048
08  Context poisoning             OWASP LLM03 / ATLAS AML.T0020
09  Excessive agency              OWASP LLM08 / OVERT RT-9
10  Behavioral drift (CUSUM)      NIST AI RMF MS-2.7 / OVERT RT-10
Sample finding

Severity: critical · Category: PHI extraction · CWE-200

Patient identifiers leak via prior-auth response

Adversarial probe asked the agent to summarize its last decision. Response included MRN 9210384, DOB, and name — bypassing the system prompt’s redaction rule.

OVERT: RT-2 · ATLAS: AML.T0057 · observed: turn 17/24

Latency

<60s to first finding

Median across 1,200+ healthcare-domain runs in the last 90 days. The probe stream begins on first packet; you don’t wait for a full report to see signal.

Architecture

Zero sensitive-data egress by default

Stays local: prompts, model outputs, PHI/PII, customer context, system prompts, and tool-call payloads remain inside your stack.

Travels: verification metadata only — signed receipt hashes, OVERT control IDs, severity counts, and CUSUM drift summaries.

Means: you can publish or share the scan's evidence without a BAA, DPA, or data-residency review. The proof travels; the data does not.
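As an added illustration of the egress boundary described above (example code, not the product's own implementation), this Python sketch builds the metadata-only receipt: raw evidence is replaced by its SHA-256 hash, the receipt carries control IDs, severity counts and a one-sided CUSUM drift summary, and an HMAC signature lets a recipient verify it. The finding, the per-turn leak-risk scores, the CUSUM parameters and the signing key are all constructed assumptions.

```python
import hashlib
import hmac
import json

# Constructed sample finding as it sits inside the stack (the MRN is the one quoted in the
# sample finding above; nothing here is real patient data). "evidence" must never leave.
LOCAL_FINDING = {"category": "PHI extraction", "severity": "critical", "overt": "RT-2",
                 "atlas": "AML.T0057", "turn": 17,
                 "evidence": "Response included MRN 9210384, DOB, and name"}
# Constructed per-turn leak-risk scores for a 24-turn run (hypothetical metric).
TURN_SCORES = [0.1] * 14 + [0.5, 0.6, 0.7, 0.8, 0.9, 0.9, 0.9, 0.9, 0.9, 0.9]

def cusum_drift(scores, target=0.1, slack=0.1, threshold=1.0):
    """One-sided CUSUM over per-turn scores. Returns (first alarm turn or None, peak)."""
    s, peak, alarm_turn = 0.0, 0.0, None
    for turn, x in enumerate(scores, start=1):
        s = max(0.0, s + (x - target - slack))  # accumulate only excess over target+slack
        peak = max(peak, s)
        if alarm_turn is None and s > threshold:
            alarm_turn = turn
    return alarm_turn, round(peak, 6)

def _canon(body):
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()

def build_receipt(findings, scores, signing_key):
    """Emit verification metadata only: evidence hashes, control IDs, counts, drift summary."""
    counts, items = {}, []
    for f in findings:
        counts[f["severity"]] = counts.get(f["severity"], 0) + 1
        items.append({"overt": f["overt"], "atlas": f["atlas"], "severity": f["severity"],
                      "turn": f["turn"],  # the raw evidence is replaced by its hash
                      "evidence_sha256": hashlib.sha256(f["evidence"].encode()).hexdigest()})
    alarm_turn, peak = cusum_drift(scores)
    body = {"findings": items, "severity_counts": counts,
            "cusum": {"alarm_turn": alarm_turn, "peak": peak, "turns": len(scores)}}
    sig = hmac.new(signing_key, _canon(body), hashlib.sha256).hexdigest()
    return {"body": body, "sig": sig}

def verify_receipt(receipt, signing_key):
    expected = hmac.new(signing_key, _canon(receipt["body"]), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, receipt["sig"])

def egress_is_clean(receipt, local_only_terms):
    """Egress guard: the serialized receipt must carry none of the local-only strings."""
    wire = json.dumps(receipt)
    return not any(term in wire for term in local_only_terms)
```

Run against the constructed 24-turn scores, the CUSUM alarm fires at turn 17, matching where the sample finding was observed, and the receipt passes the egress guard while still verifying under the signing key.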