Jump to Content

SAIF Map

The SAIF Map is a visual guide for navigating AI security and is at the heart of understanding SAIF as a security framework.

Many AI risks are new to developers, such as Prompt Injection, Data Poisoning, or Rogue Actions. The SAIF Map shows the AI development process to locate the risks—and crucially, potential controls for those risks.

Explore the map

How to use the SAIF Risk Map

You can use the SAIF map to:

  • follow a single risk throughout the AI development process
  • see the specific risks that affect a certain component area or type of organization
  • or better understand how your own organization’s development structure might be affected by AI risks

The SAIF map is divided into four component areas: Data, Infrastructure, Model, and Application. Some approaches to AI security focus primarily on the model, whereas SAIF addresses risks and controls throughout the entire AI development lifecycle.

The top half of the map shows the path a model takes to deployment in an application and how a user queries the model through that application. This content is most relevant to Model Consumers—those who use AI models to build AI-powered products and applications.

The bottom half of the map shows the path to developing a model and is most relevant to Model Creators—those who train or finetune models for use by themselves or others.

Depending on how you use AI, certain risks may be more relevant to you than others. Use the SAIF Map and the Risk Self Assessment to discover which risks you should investigate.