incident-response-trainer
Incident response training · Rule-based scoring
Cybersecurity · medium · AI Assistant Prompt-Injection Leak · High asset
Scenario

Internal AI support assistant returned another customer's data after a crafted ticket

A medium Cybersecurity scenario on AI Assistant Prompt-Injection Leak.

Practice this scenario

Start a graded attempt against this scenario. Your response is scored by the same deterministic rubric used across the catalog. Email and evidence content stay hidden until you start.

Launches this exact scenario. One of 6 templates in this Track + Difficulty pool.

catalog id · ai-assistant-prompt-injection-leak

Training alignment

What this scenario practices, mapped to recognized frameworks.

Educational mapping only. Not a compliance attestation.

What this trains
  • Indirect prompt-injection incident response
  • Least-privilege retrieval scoping for AI assistants
MITRE ATT&CK (mitre-attack)
  • Data from Information Repositories (T1213) · Collection (TA0009)
    Partial · Medium confidence

    Trains response when an AI assistant surfaces repository data it should not.

MITRE D3FEND (mitre-d3fend)
  • User Account Permissions (D3-UAP)
    Mapped · High confidence

    Trains least-privilege scoping of the assistant's retrieval connectors.

  • Network Traffic Analysis (D3-NTA)
    Mapped · Medium confidence

    Trains review of assistant request/response traces to scope the leak.

NIST CSF 2.0 (nist-csf-2)
  • Identity Management, Authentication and Access Control (PR.AA) · Protect (PR)
    Mapped · High confidence

    Trains access-scoping of the assistant's data connectors.

  • Continuous Monitoring (DE.CM) · Detect (DE)
    Mapped · Medium confidence

    Trains detection of anomalous disclosure from assistant traces.

NIST SP 800-61r3 (nist-sp-800-61r3)
  • IR lifecycle phase: Detection & Analysis
    Mapped · High confidence

    Trains tracing which records the assistant disclosed and how far.

  • IR lifecycle phase: Containment, Eradication & Recovery
    Mapped · High confidence

    Trains pausing/safe-moding the assistant and narrowing its scope.

CISA Cybersecurity Performance Goals (cisa-cpg)
  • Vendor/Supplier Cybersecurity Requirements (2.R)
    Mapped · Medium confidence

    Trains governance of the assistant's third-party connectors.

  • Detecting Relevant Threats and TTPs (3.A)
    Mapped · Medium confidence

    Trains detection of injected-instruction abuse via output review.

CIS Controls v8 (cis-controls)
  • Application Software Security (Control 16)
    Mapped · High confidence

    Trains treating untrusted input as data and securing the AI app.

  • Data Protection (Control 3)
    Mapped · Medium confidence

    Trains protecting the customer and internal data the assistant can reach.