Start a Scan

Table of Contents

Start a Scan

Learn how to start a scan in AI Red Teaming for Prisma AIRS.

Where Can I Use This?	What Do I Need?
Prisma AIRS (AI Red Teaming)	Prisma AIRS AI Red Teaming License Prisma AIRS AI Red Teaming Deployment Profile

One complete assessment of an AI system using AI Red Teaming is considered as a scan. A scan is carried out by sending attack payloads to an AI system in the form of attack prompts.

AI Red Teaming offers three modes of scanning an AI system: Attack Library, Agent, and Custom Attack. Attack library uses a regularly updated list of attack prompts against a target to check for its resilience against that attack technique. Agent uses a power LLM Agent that crafts attack prompts customized to the target and enhances the attacks based on the responses, and a Custom Attack scan allows you to upload and run your own prompt sets against target LLM endpoints alongside AI Red Teaming's built-in attack library.

This page is organized into the following sections:

Red Teaming using Attack Library Scan
Red Teaming using Agent Scan
Red Teaming using Custom Prompt Sets

In addition to the completed scan reports, AI Red Teaming also helps you to view the Error Logs and Scan Reports for in progress, failed, and partially completed scans.

Red Teaming using Attack Library Scan

To run an Attack Library Scan:

Log in to Strata Cloud Manager.
Navigate to AI SecurityAI Red TeamingScans.

In the AI Red Teaming dashboard, select + New Scan.

You can also start a new scan from the Scans page.

If a scan was previously configured, it appears in the list of past scans. The list of past scans includes the fields described in the following table:

Field	Scan Name	Scan Type	Target	Status	Risk Score	Actions
Description	The name of the scan.	The type of scan.	The target of the scan.	The scan status.	The risk score.	Any actions taken as a result of the scan. Select View Report for more information.

In the Start a new Scan screen, configure Scan Details:

The Scan Details page illustrates the number of scans available for each Scan Type.
1. Enter the Scan Name
2. Use the drop-down to Select Target. If a target fails to appear in the list of available targets, it means that no target has been configured. Before you initiate a scan, you'll need to add a target; you can reuse the target for future scans. To create a new target, click Go to Targets:
3. Select Red Teaming using Attack Library for the Scan Type. This scan type uses a curated library of pre-defined attacks to simulate comprehensive threats against your target.
Select Next: Attack Library Specification.
In the Attack Library Specifications page, configure Scan Categories:
1. Select Security categories for adversarial testing of security vulnerabilities and potential exploits.
  
  Multi-turn category is automatically enabled when the selected scan target is configured with a multi-turn configuration during target addition.
  
  In some cases, some categories require prerequisites on the target to run successfully. In such cases, a dialog appears indicating that the categories requires additional configuration. For example, Indirect Prompt Injection, the target must be able to upload files.
2. Select Safety categories for testing harmful or toxic content and ethical misuse scenarios.
3. Select Brand Reputation Risk categories to identify potential Brand Reputation risks in your AI systems before they reach production. Brand Reputation Risk category helps to proactively discover vulnerabilities that could damage brand reputation, create legal liabilities, or violate company policies.
  
  Brand Reputation Risk Detection evaluates your AI systems across four critical risk categories:
  Competitor Endorsements—Detects inappropriate promotion or recommendation of competing products or services.
  Brand Tarnishing/Self Criticism—Discovers instances where AI systems make negative statements about your organization.
  Discriminating Claims—Finds potentially discriminatory or biased responses that could expose your organization to legal risk.
  Political Endorsements—Identifies political statements or endorsements that may conflict with your organization's neutrality policies
4. Select a Compliance framework across security and safety standards.
Click Start Scan.
It will take a few minutes to complete a scan.
View the scan results.
1. Navigate to AI SecurityAI Red TeamingScans to view the scan results in the Scans page.
2. View the status of your scan and risk score.
3. Select View Report for the detailed report.
  
  In addition to the completed scan reports, AI Red Teaming also helps you to view the Error Logs and Scan Reports for in progress, failed, and partially completed scans.

Red Teaming using Agent Scan

Use the information in this section to run an agent scan:

Log in to Strata Cloud Manager.
Navigate to AI SecurityAI Red TeamingScans.

In the Red Teaming dashboard, select + New Scan.

You can also start a new scan from the Scans page.

If a scan was previously configured, it appears in the list of past scans. The list of past scans includes the fields described in the following table:

Field	Scan Name	Scan Type	Target	Status	Risk Score	Actions
Description	The name of the scan.	The type of scan.	The target of the scan.	The scan status.	The risk score.	Any actions taken as a result of the scan. Select View Report for more information.

In the Start a new Scan page, configure Scan Details:

The Scan Details page illustrates the number of scans available for each Scan Type.
1. Enter the Scan Name.
2. Use the drop-down to Select Target. If a target fails to appear in the list of available targets, it means that no target has been configured. Before you initiate a scan, you'll need to add a target; you can reuse the target for future scans. To create a new target, click Go to Targets:
3. Select Red Teaming using Agent for the Scan Type. This scan type uses an autonomous multi-agent system to dynamically simulate and evaluate threats against your target.
Start Scan.

When a target has not been profiled, a dialog box prompts you to either select Profile Target & Start Scan (to run profiling before initiating the scan), or Continue Anyway (to skip target profiling and proceed directly with the scan).

Target Profiling is an optional but recommended step. Running target profiling before initiating a scan ensures better and more accurate results.
Target Profiling is an automated reconnaissance process that sends discovery prompts to your target's AI endpoint to map its system goal, tools, capabilities, and architecture. AI Red Teaming uses this information to build a comprehensive knowledge base about the target, which populates the Target Background fields such as Industry, Use Case, and System Goal.
Profiling data is primarily used by Agent-led scans to generate precise, target-specific attacks. Without profiling data, the Agent may not have enough context about your target, resulting in less focused attacks and potentially missing target-specific vulnerabilities.

It will take a few minutes to complete the scan.
View the scan results.
1. Navigate to AI SecurityAI Red TeamingScans to view the scan results in the Scans page.
2. View the status of your scan and risk score.
3. Select View Report for the detailed report.
  
  In addition to the completed scan reports, AI Red Teaming also helps you to view the Error Logs and Scan Reports for in progress, failed, and partially completed scans.

Red Teaming using Custom Prompt Sets Scan

To run a Custom Attack scan:

Log in to Strata Cloud Manager.
Navigate to AI SecurityAI Red TeamingCustom Attacks.

The Custom Attack Prompts Sets screen is empty if prompt sets are not configured.
Add Prompt Set to get started. After you add one you can reuse it across scans.
1. In the Add Prompt Set screen:
  Specify a Prompt set name, for example, Precision Strike Set.
  (Optional) Include a Description.
  (Optional) Include a Custom Property.
2. Add Prompt Set
  The new Prompt Set screen (for Precision Strike Set) appears.
  
  You can use the option to Upload .csv file. Once uploaded, the Prompt Set screen refreshes to display additional prompts.
  
  If you attempt to upload a CSV file containing properties that don't match the properties defined for the prompt set, you're prompted to either Ignore CSV Properties, or, Override CSV Properties:
  
  Some prompts require manual validation. In such cases, an error message appears:
3. Select Add Prompt to complete the process.
All prompts undergo automatic validation. This can take up to 5-10 minutes. The process of validating a prompt involves interpreting and generating an attack goal for the prompt. This is done by our proprietary LLMs.
If automatic validation fails, you'll be prompted to manually validate the prompt by adding a goal for the prompt. Else you can also choose to skip the prompt.
Manage prompt sets and take actions based on the validation status.
Run Red Teaming using Custom Prompt Sets.
1. Navigate to AI SecurityAI Red TeamingScans and start a + New Scan.
2. Enable Red Teaming using Custom Prompt Sets scan type. This scan type simulates attacks using your own custom-defined prompt sets against your target.
3. Select your desired custom prompt sets in the Custom Attack Specifications. Only enabled prompt sets are displayed in the Custom Attack Specifications drop-down list.
4. Select Start Scan.
  It will take few minutes to complete the scan.
5. View the scan results.
  Navigate to AI SecurityAI Red TeamingScans to view the scan results in the Scans page.
  View the status of your scan and risk score.
  Select View Report for the detailed report.
  
  In addition to the completed scan reports, AI Red Teaming also helps you to view the Error Logs and Scan Reports for in progress, failed, and partially completed scans.