The State of AI Security Engineering Report 2026

SECURITY REVIEW ATTESTATION

Independent Assessment · Evidence-Based · Public-Safe

This attests that

ACME Corp

acmecorp.io

ACME Corp engaged aisecurity.llc to conduct a security review of the systems, processes, and public trust surfaces described below.

Service(s) performed

🗄️

RAG Authorization Review

Retrieval pipeline authorization, tenant isolation, data access boundaries, and scoping controls.

🔐

Prompt & Data Safety Review

Prompt construction, injection surface, output filtering, and data leakage vectors.

🪪

Identity & Access Controls Assessment

User-to-data authorization, role-based retrieval scoping, and session boundary enforcement.

🎯

Retrieval Boundary Testing

Controlled cross-tenant retrieval probes, context poisoning, and unauthorized data surfacing.

Scope

Systems / Features in ScopeAcmeAssist AI knowledge retrieval system, including the retrieval pipeline, embedding store, API gateway, and multi-tenant authorization layer.

Review TypeWhite-box review, configuration analysis, retrieval boundary testing, and authorization control assessment.

Engagement IDAISC-2025-0501

Engagement PeriodMay 5, 2025 – May 16, 2025

Report DeliveredMay 19, 2025

Results summary

Strong

The RAG authorization controls demonstrated a strong posture within the reviewed scope. Tenant isolation mechanisms are correctly enforced at the retrieval layer. One high-severity finding related to overly broad embedding namespace permissions was identified and is under active remediation.

1High findings

5Medium findings

8Low findings

3Informational

Domains reviewed

✓

RAG & Data Access

Retrieval pipeline, embedding store trust, and output filtering.

✓

Identity & Access

Multi-tenant authorization, session scoping, and role enforcement.

✓

AI Security

Prompt construction, context boundaries, and model input/output controls.

✓

Data Security

Data classification, embedding-level access, and sensitive data handling.

✓

Application Security

API authorization, input validation, and injection surface.

◑

Privacy & Data Handling

Data retention, PII exposure vectors in retrieved context.

✓

Monitoring & Detection

Retrieval audit logging, anomaly alerting, and abuse telemetry.

◑

Vendor / LLM Provider

Third-party model provider trust boundary and data handling.

Attestation

aisecurity.llc attests that a scoped RAG Authorization Review was conducted on the systems described herein.

✓The review was conducted in good faith using industry-recognized authorization and AI security practices.
✓Retrieval authorization controls were tested across multi-tenant boundary scenarios using controlled probes.
✓No evidence of cross-tenant data exposure was identified within the agreed review scope.
✓Findings are based on evidence obtained during the engagement, including architecture review, configuration inspection, and controlled retrieval testing.
✓Full findings, evidence, and remediation guidance were delivered in the associated private report.

Caveats

This attestation is limited to the systems, scope, dates, and materials described herein.
This attestation does not cover tenant data or configurations outside the reviewed contexts.
Authorization posture may change as the retrieval pipeline, data sources, or access policies evolve.
This attestation is not a certification, formal audit, or guarantee of future security.

Attestation level

Strong

Score range: 85 – 94

Observed authorization posture demonstrates strong tenant isolation and retrieval boundary controls within the reviewed scope.

Authorized by

David Wolf

Principal Security Architect

aisecurity.llc

Date of attestation

May 20, 2025

Verification

ATT-AISC-2025-0501

https://aisecurity.llc/trust-center/attestations/ATT-AISC-2025-0501