An open-source knowledge base of defensive countermeasures to protect AI/ML systems. Features interactive views and maps defenses to known threats from frameworks like MITRE ATLAS, MAESTRO, and OWASP.
https://github.com/edward-playground/aidefense-framework

ai-security aidefend atlas cybersecurity defensive-security knowledge-base llm-security maestro mitigation mitre-d3fend ml-security owasp threat-modeling

README


# 🛡️ AIDEFEND: An AI Defense Framework

[![License: CC BY 4.0](https://img.shields.io/badge/License-CC_BY_4.0-lightgrey.svg?style=for-the-badge)](https://creativecommons.org/licenses/by/4.0/)
[![Live Demo](https://img.shields.io/badge/Live-Demo-brightgreen?style=for-the-badge)](https://edward-playground.github.io/aidefense-framework/)

> AIDEFEND (Artificial Intelligence Defense Framework) is an open, AI-focused knowledge base of defensive countermeasures designed to help security professionals protect AI/ML systems from emerging threats.

---

### 🚀 Framework Website

**[Go to the AIDEFEND framework site](https://edward-playground.github.io/aidefense-framework/)**

---

### 💡 Key Features

* **Three Strategic Views**: Organize and explore defenses from multiple perspectives to suit different roles and use cases:
  * **Tactics View**: Aligned with the seven high-level tactics of MITRE D3FEND.
  * **Pillars View**: Organized by technology stack components (Data, Model, Infrastructure, Application).
  * **Phases View**: Structured around the AI development and operational lifecycle.
* **Comprehensive Technique Details**: Each defensive technique includes a detailed description, implementation strategies with code examples, and lists of relevant open-source and commercial tools.
* **Threat Mapping**: Techniques are explicitly mapped to known threats from established frameworks like **MITRE ATLAS**, **MAESTRO**, the **OWASP Top 10** for LLMs, ML, and Agentic Applications, **Cisco Integrated AI Security and Safety Framework**, and **NIST Adversarial Machine Learning 2025**.
* **Interactive Interface**: A clean, responsive UI with powerful search functionality to quickly find relevant techniques and threats.
* **Light & Dark Modes**: A comfortable viewing experience for any environment.

---

### 🏛️ The Framework Views

AIDEFEND allows you to view the defensive landscape through three distinct lenses, helping you answer key strategic questions.

#### **1. Tactics View**
> **Question:** *What high-level approach and concept is being used for this defense?*

This view organizes techniques by their strategic security function, aligned with the seven defensive tactics: **Model, Harden, Detect, Isolate, Deceive, Evict, and Restore**. It is ideal for security strategists and architects designing a defense-in-depth plan.

#### **2. Pillars View**
> **Question:** *What part (component) of the AI system is being protected?*

This view organizes defenses by the technology stack component they secure: **Data, Model, Infrastructure, or Application**. This component-centric view helps technical roles like ML Engineers and Cloud Security Engineers find controls relevant to their work.

#### **3. Phases View**
> **Question:** *When (what stage) in the AI lifecycle should this defense be applied?*

This view organizes defenses by the development stage where they are most relevant, from initial **Design & Scoping** through **Building, Validation, Operation, Incident Response, and Restoration**. This process-driven view helps MLOps and DevSecOps teams embed security throughout the entire AI lifecycle.

---

### ⚙️ How to Use This Tool

1. **Select a View**: Use the "View by:" switcher at the top of the page to choose between Tactics, Pillars, or Phases.
2. **Explore Techniques**: Click on any column header to learn more about that tactic, pillar, or phase. Click on any individual defensive technique to open a detailed modal view.
3. **Search Everything**: Use the search bar to filter all content by keywords, technique IDs, or threat mappings (e.g., "Prompt Injection", "AID-H-002", "MAESTRO", "LLM01").
4. **AIDEFEND MCP/REST API Service**: Now available! A fully local, private RAG system for the AIDEFEND framework. [Try it now](https://github.com/edward-playground/aidefend-mcp).

---

### 📚 Acknowledgments & Disclaimer

This work is a personal initiative led by Edward Lee. It is intended for informational and educational purposes only.

**Please note:** This work was inspired by, and references, numerous incredible open-source security frameworks. However, **AIDEFEND is not affiliated with, endorsed by, or otherwise connected to The MITRE Corporation, the Cloud Security Alliance (creator of the MAESTRO framework), Google, OWASP, Cisco, or NIST.**

The framework synthesizes concepts and knowledge from the following foundational resources:
* [MAESTRO Framework](https://cloudsecurityalliance.org/blog/2025/02/06/agentic-ai-threat-modeling-framework-maestro/)
* [MITRE D3FEND™](https://d3fend.mitre.org/)
* [MITRE ATLAS™](https://atlas.mitre.org/)
* [MITRE ATT&CK®](https://attack.mitre.org/)
* [Google Secure AI Framework (SAIF)](https://saif.google/)
* [OWASP Top 10 for LLM Applications](https://owasp.org/www-project-top-10-for-large-language-model-applications/)
* [OWASP Top 10 for Machine Learning Security](https://owasp.org/www-project-machine-learning-security-top-10/)
* [OWASP Top 10 for Agentic Applications 2026](https://genai.owasp.org/resource/owasp-top-10-for-agentic-applications-for-2026/)
* [Cisco Integrated AI Security and Safety Framework](https://learn-cloudsecurity.cisco.com/ai-security-framework)
* [NIST Adversarial Machine Learning 2025](https://csrc.nist.gov/pubs/ai/100/2/e2025/final)

---

### 📬 Contact

This work is led by **Edward Lee**. You can [connect with me on LinkedIn](https://www.linkedin.com/in/go-edwardlee/).

### 📜 License

This work is licensed under a [Creative Commons Attribution 4.0 International License](http://creativecommons.org/licenses/by/4.0/).