MITRE ATLAS Grows through Collaboration with CTID and Industry

By Mike Cunningham and Marissa Dotter • May 6, 2026

Artificial intelligence systems have quickly moved from experimental to personal tasks, and now full-on operational platforms that perform business processes, decision-making, and customer-facing services. As adoption accelerates, so does the need to understand how adversaries may target, abuse, manipulate, or exploit these systems. Traditional cybersecurity models remain essential, but they do not fully capture the unique attack paths introduced by AI. This is why MITRE ATLAS™ was created. ATLAS is the definitive knowledge base for adversary tactics, techniques, and mitigations targeting AI-enabled systems.

Our members recognized early on that AI security would require the same rigor, shared language, and operational focus that transformed traditional cybersecurity. They sit at the forefront of AI adoption and research, giving them a direct view of both the opportunity and the emerging risk. We created the Secure AI project in 2024 so our members could have the opportunity to strengthen ATLAS. The initial effort was such a successful partnership that we committed to making Secure AI an enduring effort. With the April updates of ATLAS, we conclude this phase of research and are grateful for the contributions from AttackIQ, Inc, Booz Allen Hamilton Inc, CitiGroup, CrowdStrike, Ensign InfoSecurity, Fortinet, Fujitsu, HCA Healthcare, JPMorganChase, Lloyds Banking Group, Microsoft Corporation, National Australia Bank, Siemens AG, Sopra Steria, Standard Chartered, and Verizon Business.

A major area of progress during this phase was the continued evolution of the ATLAS Matrix and supporting website. Secure AI delivered new submissions and contribution workflows that make it easier for the community to propose techniques, mitigations, case studies, and broader updates across the knowledge base.

The team added a new Technique Maturity filter within the ATLAS Matrix, allowing users to better prioritize emerging versus mature threats. Additional website and tooling improvements strengthened usability and access for defenders who rely on the framework. The team also transitioned ATLAS to a monthly release cadence to deliver faster updates.

Secure AI also helped produce the first ATLAS Rapid Response Report, establishing a faster model for analyzing emerging AI security incidents and adversary tradecraft. As major AI events occur, this process enables quicker investigation and more timely defensive guidance.

Another accomplishment was expanding ATLAS coverage for Agentic AI and Large Language Model threats. Agentic systems can independently make decisions, take actions, and interact across environments with reduced human oversight, creating new opportunities for adversaries and introduces new risks to an organization’s threat landscape.

Through Secure AI, we helped develop, update, and expand the ATLAS matrix through:

• 45+ new Techniques and Sub-Techniques
• 10+ new Mitigations
• 20+ new Case Studies

Secure AI also supported the development of the ATLAS Knowledge Graph, which provides a new interactive way to explore and query the ATLAS Knowledge Base. The Knowledge Graph will also serve as the knowledge source for the planned ATLAS AI Agent.

The project also advanced threat emulation for AI systems, helping defenders move from theory to practice. Secure AI supported the creation of guidance, best practices, and playbook structures for emulating threats against AI-enabled environments. Initial scenarios included prompt injection against organizational chatbots, with supporting code written in Ansible playbooks to allow flexible model selection.

To support broader adoption, the team developed an initial codebase planned for public release through the ATLAS GitHub environment, with planned integration into MITRE Caldera™ through new emulation plugins. This work will continue into Secure AI 2026.

Secure AI strengthened ATLAS as both a knowledge base and an operational resource. By expanding threat content, improving community workflows, accelerating rapid response reporting, and enabling practical threat emulation, defenders can prepare for the next generation of adversary behavior targeting AI.

© 2026 The MITRE Corporation. Approved for Public Release. ALL RIGHTS RESERVED. Document number 26-1026.

---