Independent AI security assessment · est. 2025FILE NO. 015 / EU · ISO · NIST · OWASP

Ship AI
with proof,
not promises.

Q: What does an AI security audit actually deliver?

A Technical Assessment Report documenting every vulnerability found in your AI endpoint — with severity, evidence, remediation, and a cross-mapping to OWASP LLM Top 10, ISO 42001, NIST AI RMF and EU AI Act Article 15. Deliverable formats: PDF, HTML, JSON and Markdown.

Q: Is this a compliance certification?

No. TestMy.AI is an independent technical assessor — not a certification body. The deliverable is a Technical Assessment Report with evidence designed to support your compliance filing alongside qualified legal counsel. The EU AI Act conformity-assessment framework for Article 15 is still being established; no one yet holds formal certification authority.

Q: Will the audit damage production or trip our rate limits?

Tests run against the endpoint you designate — staging, shadow, or production — at a throttle you set. We coordinate test windows, respect your rate limits, and pause on the first 5xx pattern. No destructive payloads, no data exfiltration beyond what your model itself surfaces.

Q: What access do you need to my system?

Just an endpoint URL and authentication. No source code, no model weights, no infrastructure access. The audit is performed black-box — exactly the way an external attacker would see your AI.

Q: Which frameworks do you cover?

Every test is pre-mapped to four frameworks at once: EU AI Act Article 15, ISO/IEC 42001, NIST AI RMF 1.0, and OWASP LLM Top 10. The same evidence answers all four.

Q: How fast can a report be in my hands?

Discovery audits ship in 5 business days. Technical Compliance assessments in 10–14. High-Assurance engagements typically close in 2–3 weeks. Rush delivery is available at +30% on every tier.

Q: Can I upgrade from Discovery later?

Yes. Upgrade within 30 days and the full $3,500 from Discovery is credited toward the Technical Compliance Assessment — so the upgrade lands at $6,000. Existing evidence is reused, not rerun.

Q: What if findings change after we patch?

Every Technical Compliance assessment includes one re-test within 30 days. We re-run only the tests that previously failed, score your fix rate, and re-issue the evidence package. Additional re-tests are $2,000.

An independent technical assessment of your AI endpoint. 600+ adversarial tests, every finding evidenced, and a report your compliance team can file — mapped to EU AI Act Article 15, ISO 42001, NIST AI RMF and OWASP LLM Top 10.

Start an audit See a sample report →

ScopeBlack-box · endpoint only

Coverage600+ adversarial tests

TurnaroundFrom 5 business days

FrameworksEU AI Act · ISO · NIST · OWASP

01 / DeliverablesWhat you walk away with

A binder your regulator, your board and your engineers can all read.

Four artefacts. Each one stands alone — and together they cover every conversation an AI security audit needs to settle.

01 · Primary deliverable

The Technical Assessment Report

A Technical Assessment Report is an evidenced, framework-mapped document detailing every vulnerability discovered in your AI endpoint — with severity, the exact prompt and response that triggered it, the remediation, and a clause-level mapping to OWASP LLM Top 10, ISO 42001, NIST AI RMF and EU AI Act Article 15. PDF, HTML, JSON and Markdown — ready for filing, procurement, and the board.

20–40 pages · multi-format

An evidence package on every finding

The exact prompt sent. The exact response received. The pattern or judge that flagged it. Reproducible proof — not just claims.

Forensic-grade · timestamped

Severity, mapped four ways

OWASP category, EU clause, ISO control, NIST function — every vulnerability tagged across all four frameworks.

Cross-framework

Remediation guidance, per finding

What to change, where to change it, and how to test it. Written for engineers, not auditors.

Actionable

A fix-verification re-test

You patch. We retest. You get a fix rate — and the artefacts to prove it. One re-test included on every audit.

Closure proof

02 / CoverageWhat every audit looks for

Eight attack surfaces. Six hundred ways in.

Every category in the OWASP LLM Top 10 — and the adversarial chains real attackers use to stitch them together.

LLM01

Prompt injection

Hijacking the model's instructions through crafted input — direct, indirect, and multi-turn.

Tests142

LLM02

Sensitive data leakage

System prompts, training data, customer records and credentials surfacing in responses.

Tests96

LLM06

Jailbreaks & guardrail bypass

Personas, encodings, roleplay and obfuscation — every published jailbreak family, plus adaptive variants.

Tests118

LLM05

Output manipulation

Weaponised responses — malicious code, links, instructions, or content that misleads downstream systems.

Tests64

LLM08

Excessive agency

Tools, plugins and autonomy gone wrong. Actions taken outside of authorised scope.

Tests52

LLM03

Supply chain risk

Compromised dependencies, model weights, fine-tunes and embedded third-party services.

Tests38

LLM04

Denial of service

Resource exhaustion, recursive prompts, and traffic patterns that take your AI offline.

Tests46

15.5

Bias & fairness

Demographic skew, protected-class disparities, and decisions that don't survive a fairness audit.

Tests44

03 / FrameworksSame tests, four filings

One audit. Four compliance conversations.

Every finding is pre-mapped to the four frameworks that matter for AI today — so the same evidence answers the regulator, the procurement team, the security review, and the board.

European Regulation

EU AI Act, Article 15

Accuracy, robustness and cybersecurity for high-risk AI. Enforcement begins in 2026–2027.

15.115.215.315.415.5

International Standard

ISO/IEC 42001

The recognised standard for AI management systems and governance maturity.

A.6A.7A.8A.9A.10

US Framework

NIST AI RMF 1.0

The risk-management framework expected for US federal AI procurement.

GovernMapMeasureManage

Industry Standard

OWASP LLM Top 10

The de-facto security checklist for any application built on a large language model.

LLM01LLM02LLM…LLM10

04 / Deliverable previewThe artefact you file

A report that looks like a document, not a dashboard.

Designed to be printed, filed, and forwarded. Cover sheet, executive summary, findings ledger, evidence appendix — and a separate cross-framework mapping table for the legal team.

SAMPLE EXTRACT · FINDINGS LEDGER

Every finding, on one page.

Severity, OWASP category, regulator clause, and a one-line summary — so a non-technical reader can scan the risk surface in under sixty seconds. Detail and evidence sit one page deeper.

PDFHTMLJSONMarkdown

Technical Assessment Report

Endpoint · api.acme.com/v1/chat

REF · TMA-2026-0418
ART. 15 · ISO 42001

CRTF-001System-prompt extractionLLM0115.3 / A.8

CRTF-002Multi-turn jailbreakLLM0615.3 / A.10

HIF-003PII echo in tool outputLLM0215.2 / A.7

HIF-004Indirect injection via RAGLLM0115.3 / Manage

MEDF-005Token-flood DoS patternLLM0415.4 / A.9

MEDF-006Demographic response skew15.515.5 / Measure

LOF-007Verbose error disclosureLLM0515.2 / A.8

Findings · 7 of 612 testsRISK SCORE · 62

05 / EngagementsPick the right depth

Three engagements. One straight upgrade path.

Start with Discovery to map the risk. Move to Technical Compliance when it's time to file. Step to High-Assurance when stakes — or stakeholders — call for it.

01 / Discovery Assessment

Discovery

A first read on the risk — fully credited toward Technical Compliance if you upgrade within 30 days.

$3,500/ system

5 business days · 3 endpoints

Full vulnerability sweep across all OWASP LLM categories
Critical & high-severity findings with summary remediation
Executive summary (5 pages) plus findings list
Framework mapping at the summary level
Credit applies in full toward a Technical Compliance upgrade — upgrade lands at $6,000

Begin discovery

Recommended for filing02 / Technical Compliance Assessment

Technical Compliance

The core offering — security validation plus the evidence package your filing actually needs.

$9,500/ system

10–14 business days · 5 endpoints

Full 600+ test suite plus adaptive escalation on critical findings
Accuracy verification against the metrics you've declared
Multi-framework mapping — OWASP, ISO 42001, NIST AI RMF, EU AI Act
Full evidence package suitable for compliance filing
Detailed engineering-grade remediation per finding
One re-test within 30 days included

Book the engagement

03 / High-Assurance Audit

High-Assurance

For regulated industries and the systems where the answer has to be defensible at every level.

Customtailored quote

2–3 weeks · unlimited endpoints

Everything in Technical Compliance, scaled to your environment
Unlimited adaptive red-team escalation
Industry-specific attack scenarios (finance, health, infra)
Board-level risk narrative and remediation roadmap
Multi-round retest cycles and forensic-grade evidence
Direct advisory time with senior assessors

Request a scope

Add-ons available on every tier · additional endpoint $1,500 · extra re-test $2,000 · rush delivery +30%

06 / FAQDirect answers

Questions we get every week.

Plain answers, written for the people who'll actually read the report — security leads, compliance officers, and the engineers on the receiving end of the remediation.

Q · 01

What does an AI security audit actually deliver?

A Technical Assessment Report documenting every vulnerability found in your AI endpoint — with severity, evidence, remediation, and a cross-mapping to OWASP LLM Top 10, ISO 42001, NIST AI RMF and EU AI Act Article 15. Deliverable formats: PDF, HTML, JSON and Markdown.

Q · 02

Is this a compliance certification?

No. TestMy.AI is an independent technical assessor — not a certification body. The deliverable is a Technical Assessment Report with evidence designed to support your compliance filing alongside qualified legal counsel. The EU AI Act conformity-assessment framework for Article 15 is still being established; no one yet holds formal certification authority.

Q · 03

What happens to our prompts, responses, and findings after the audit?

Test artefacts are retained encrypted for 90 days post-delivery, then destroyed on written request — or extended for your audit-trail retention period. We sign mutual NDA before scoping and never use client data to train or tune models.

Q · 04

Will the audit damage production or trip our rate limits?

Tests run against the endpoint you designate — staging, shadow, or production — at a throttle you set. We coordinate test windows, respect your rate limits, and pause on the first 5xx pattern. No destructive payloads, no data exfiltration beyond what your model itself surfaces.

Q · 05

What access do you need to my system?

Just an endpoint URL and authentication. No source code, no model weights, no infrastructure access. The audit is performed black-box — exactly the way an external attacker would see your AI.

Q · 06

Which frameworks do you cover?

Every test is pre-mapped to four frameworks at once: EU AI Act Article 15, ISO/IEC 42001, NIST AI RMF 1.0, and OWASP LLM Top 10. The same evidence answers all four. You pick the primary framework for the report; the cross-mapping comes with it.

Q · 07

How fast can a report be in my hands?

Discovery audits ship in 5 business days. Technical Compliance assessments in 10–14. High-Assurance engagements typically close in 2–3 weeks. Rush delivery is available at +30% on every tier.

Q · 08

Can I upgrade from Discovery later?

Yes. Upgrade within 30 days and the full $3,500 from Discovery is credited toward the Technical Compliance Assessment — so the upgrade lands at $6,000. Existing evidence is reused, not rerun.

Q · 09

What if findings change after we patch?

Every Technical Compliance assessment includes one re-test within 30 days. We re-run only the tests that previously failed, score your fix rate, and re-issue the evidence package. Additional re-tests are $2,000.

Q · 10

Who is the audit written for?

Security teams validating AI before production; compliance officers preparing evidence for ISO 42001 or NIST filings; legal teams preparing EU AI Act dossiers; and procurement teams responding to enterprise security reviews. The report has a section for each audience.

● Begin · Endpoint to report, in time for the next board review

An audit before the next
board review.

Hand us an endpoint and an auth header. We hand you a report your legal team, your security team and your board can all open.