HomeIntelligenceBrief
BREACH BRIEF⚪ Informational Advisory

ASAPP Launches Continuous Red Teaming to Provide Real‑Time Security Metrics for Enterprise AI

ASAPP has integrated Promptfoo’s adversarial testing into its AI model pipeline, delivering continuous verification of over 50 LLM vulnerability types. The service supplies real‑time risk scores aligned with OWASP and NIST AI frameworks, giving third‑party risk teams concrete evidence of a vendor’s AI security posture.

LiveThreat™ Intelligence · 📅 May 21, 2026· 📰 helpnetsecurity.com
Severity
Informational
AD
Type
Advisory
🎯
Confidence
High
🏢
Affected
3 sector(s)
Actions
3 recommended
📰
Source
helpnetsecurity.com

ASAPP Introduces Continuous Red‑Team Testing to Secure Enterprise AI Systems

What Happened – ASAPP unveiled “Continuous Red Teaming,” a service that embeds Promptfoo’s adversarial AI testing into its model‑evaluation pipeline. The platform now runs automated checks for more than 50 LLM‑specific vulnerability types, delivering real‑time risk metrics for customers.

Why It Matters for TPRM

  • AI‑driven SaaS solutions can become attack surfaces once they move from static Q&A to autonomous actions.
  • Continuous, metric‑driven testing gives third‑party risk teams verifiable evidence of a vendor’s security posture, reducing reliance on one‑off audits.
  • The framework aligns with OWASP Top 10 for LLMs and the NIST AI Risk Management Framework, providing audit‑ready artifacts for procurement and compliance reviews.

Who Is Affected – Enterprises that embed large‑language‑model (LLM) agents in customer‑facing or internal workflows (e.g., contact‑center SaaS, knowledge‑base RAG solutions, AI‑enabled automation platforms).

Recommended Actions

  • Request ASAPP’s Attack Success Rate (ASR) dashboards and benchmark data during vendor due‑diligence.
  • Verify that the Continuous Red Teaming controls map to your organization’s AI‑risk policies (OWASP LLM, NIST AI RMF).
  • Incorporate continuous AI‑security testing clauses into contracts and SLA metrics for all AI‑model providers.

Technical Notes – The testing covers core model integrity (jailbreak, hallucinated authority), data‑privacy (prompt injection, cross‑session PII leakage), and agentic/operational security (unauthorized tool‑calling, internal reconnaissance). It leverages automated graders to reduce human bias and continuously tracks the Attack Success Rate for each model update. Source: Help Net Security

📰 Original Source
https://www.helpnetsecurity.com/2026/05/21/asapp-expands-adversarial-testing-for-enterprise-ai-systems/

This LiveThreat Intelligence Brief is an independent analysis. Read the original reporting at the link above.

From the Verisq platform · SOC 2 Readiness

Could you prove your access controls held up here?

Credential and access failures map directly to SOC 2 access-control criteria. The Verisq AI Trust Operations platform shows where your evidence is thin before an auditor — or an attacker — finds out.

Explore the Verisq AI Trust Operations platform →