Compliance Framework Mappings
ConstantX evaluations produce evidence that maps mechanically to the major agentic AI risk frameworks. Every verdict carries a threat_id and asi_codes linking it to the documented threat and the framework codes it exercises. Auditors can trace in either direction: framework code to verdict, or verdict to framework code.
Frameworks
- OWASP Top 10 for Agentic Applications 2026: ASI-01 through ASI-10. All 10 risk categories have empirical evidence from completed engagements. Coverage is derived from verdict data, not claimed by assertion.
- MITRE ATLAS v5.5.0: 167 techniques across 16 kill-chain tactics. ConstantX maps adversarial scenarios to ATLAS technique IDs, providing kill-chain-stage positioning for every tested attack vector.
- NIST AI RMF (AI 100-1): ConstantX satisfies 12 NIST AI RMF MEASURE subcategories, contributes to 3 MAP subcategories through threat modeling, and informs 2 MANAGE deployment decisions. It fills the quantitative empirical measurement layer that governance platforms do not provide.
The Derivation Chain
Every ConstantX adversarial scenario is authored from a documented threat model entry. The full chain:
T-code (attacker technique)
↓
ATLAS technique ID (kill-chain placement)
↓
Threat (attacker goal against specific asset)
↓
ASI code (OWASP risk category)
↓
Scenario (adversarial evaluation)
↓
Verdict (empirical outcome with Wilson 95% CI)
An auditor can enter at any level: start from a framework code and find every scenario that exercises it, or start from a verdict and trace back to the attacker technique that motivated the test.
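The two traversals described above, plus the Wilson 95% interval attached to a verdict, as an added illustration. This is example code written for this page, not ConstantX's implementation: the record schema, the helper names (scenarios_for_asi, trace_verdict, coverage_status, wilson_interval) and every identifier marked PLACEHOLDER are assumptions; only the field names threat_id and asi_codes and the ASI-02 label come from the text. The sample records are constructed.

```python
"""Added example: a toy index over verdict records that can be walked in either
direction of the derivation chain (framework code -> verdicts, verdict -> attacker
technique), and the Wilson 95% interval for a verdict's observed failure rate.

Illustrative only, not ConstantX's code. The schema, helper names and every
PLACEHOLDER identifier are assumptions; only threat_id, asi_codes and ASI-02
come from the page."""
from dataclasses import dataclass
from math import sqrt

Z_95 = 1.96  # two-sided 95% normal quantile used by the Wilson interval


@dataclass(frozen=True)
class VerdictRecord:
    scenario_id: str
    t_code: str          # attacker technique (placeholder labels below)
    atlas_id: str        # MITRE ATLAS technique id (placeholder labels below)
    threat_id: str       # threat-model entry the scenario was authored from
    asi_codes: tuple     # OWASP ASI categories the scenario exercises
    trials: int          # number of scenario runs
    failures: int        # runs classified as the attacker's goal being reached


# Constructed sample data; ids are placeholders, not real ATLAS or threat-model entries.
SAMPLE = [
    VerdictRecord("SCN-PLACEHOLDER-1", "T-PLACEHOLDER-A", "AML.T-PLACEHOLDER-1",
                  "THR-PLACEHOLDER-1", ("ASI-02",), trials=20, failures=3),
    VerdictRecord("SCN-PLACEHOLDER-2", "T-PLACEHOLDER-B", "AML.T-PLACEHOLDER-2",
                  "THR-PLACEHOLDER-2", ("ASI-02", "ASI-03"), trials=10, failures=0),
]


def wilson_interval(failures, trials, z=Z_95):
    """Wilson score interval for failures/trials; (0.0, 1.0) when nothing was run.

    Unlike the normal approximation it never collapses to a zero-width interval
    at 0 or 100% observed, which matters for small engagement run counts."""
    if trials == 0:
        return (0.0, 1.0)
    p = failures / trials
    z2 = z * z
    denom = 1 + z2 / trials
    centre = (p + z2 / (2 * trials)) / denom
    half = (z / denom) * sqrt(p * (1 - p) / trials + z2 / (4 * trials * trials))
    return (max(0.0, centre - half), min(1.0, centre + half))


def scenarios_for_asi(records, asi_code):
    """Framework code -> verdicts: every scenario id that exercises the ASI code."""
    return sorted(r.scenario_id for r in records if asi_code in r.asi_codes)


def trace_verdict(records, scenario_id):
    """Verdict -> attacker technique: the full chain for one scenario, or None."""
    for r in records:
        if r.scenario_id == scenario_id:
            low, high = wilson_interval(r.failures, r.trials)
            return {
                "t_code": r.t_code,
                "atlas_id": r.atlas_id,
                "threat_id": r.threat_id,
                "asi_codes": r.asi_codes,
                "scenario_id": r.scenario_id,
                "verdict": {"failures": r.failures, "trials": r.trials,
                            "ci95": (round(low, 4), round(high, 4))},
            }
    return None


def coverage_status(records, asi_code):
    """'covered' only when a completed verdict exercises the code; otherwise 'coverable'."""
    return "covered" if scenarios_for_asi(records, asi_code) else "coverable"


if __name__ == "__main__":
    print(scenarios_for_asi(SAMPLE, "ASI-02"))
    print(trace_verdict(SAMPLE, "SCN-PLACEHOLDER-1"))
    for code in ("ASI-02", "ASI-03", "ASI-07"):
        print(code, coverage_status(SAMPLE, code))
```

The coverage_status helper makes the covered/coverable distinction mechanical: a category is reported as covered only when a record with a completed verdict references it, never because the methodology could in principle test it.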
What Compliance Mappings Mean
A compliance mapping is a claim. Ours are backed by verdicts, not by assertions.
When we say ASI-02 (Tool Misuse and Exploitation) is covered, that means: adversarial scenarios targeting that risk category have been run against a specific model and enforcement configuration, producing classified verdicts with confidence intervals. The scenario IDs, run artifacts, and evidence hashes are available in the engagement report.
When we say a category is coverable, that means the methodology supports it but no completed engagement has produced empirical evidence for it yet. Coverable is not covered.