Security Due Diligence

Run security due diligence on an AI vendor. Learn the security questionnaire landscape (SIG, CAIQ, the new AI-specific extensions), attestation review (SOC 2 Type 2, ISO 27001, ISO 42001, FedRAMP for US public sector), penetration testing report review, AI red-team posture (jailbreaks, prompt injection, model extraction defenses), and the on-site security assessment for critical vendors.