OWASP recommends evaluating generative AI systems in phases, including models, implementation, systems, and runtime, as seen below:
OWASP
Each of these phases has key considerations, such as the model’s provenance and data pipelines, testing guardrails that are in place for implementation, examining the deployed systems for exploitable components, and targeting runtime business processes for potential failures or vulnerabilities in how multiple AI components interact at runtime in production.
This phased approach allows for efficient risk identification, implementing a multi-layered defense, optimizing resources, and pursuing continuous improvement. Tools should also be used for model evaluation to support speed of evaluation, efficient risk detection, consistency, and comprehensive analysis. The complete OWASP generative AI Red Teaming guide provides a detailed checklist for each blueprint phase, which can be referenced.