genai-security-crosswalk 2.0.0

Files changed (55) hide show
  1. package/LICENSE.md +28 -0
  2. package/README.md +618 -0
  3. package/data/entries/ASI01.json +911 -0
  4. package/data/entries/ASI02.json +850 -0
  5. package/data/entries/ASI03.json +854 -0
  6. package/data/entries/ASI04.json +759 -0
  7. package/data/entries/ASI05.json +764 -0
  8. package/data/entries/ASI06.json +817 -0
  9. package/data/entries/ASI07.json +789 -0
  10. package/data/entries/ASI08.json +788 -0
  11. package/data/entries/ASI09.json +754 -0
  12. package/data/entries/ASI10.json +833 -0
  13. package/data/entries/DSGAI01.json +779 -0
  14. package/data/entries/DSGAI02.json +728 -0
  15. package/data/entries/DSGAI03.json +671 -0
  16. package/data/entries/DSGAI04.json +752 -0
  17. package/data/entries/DSGAI05.json +689 -0
  18. package/data/entries/DSGAI06.json +673 -0
  19. package/data/entries/DSGAI07.json +680 -0
  20. package/data/entries/DSGAI08.json +698 -0
  21. package/data/entries/DSGAI09.json +687 -0
  22. package/data/entries/DSGAI10.json +627 -0
  23. package/data/entries/DSGAI11.json +663 -0
  24. package/data/entries/DSGAI12.json +695 -0
  25. package/data/entries/DSGAI13.json +688 -0
  26. package/data/entries/DSGAI14.json +703 -0
  27. package/data/entries/DSGAI15.json +655 -0
  28. package/data/entries/DSGAI16.json +716 -0
  29. package/data/entries/DSGAI17.json +690 -0
  30. package/data/entries/DSGAI18.json +613 -0
  31. package/data/entries/DSGAI19.json +638 -0
  32. package/data/entries/DSGAI20.json +671 -0
  33. package/data/entries/DSGAI21.json +881 -0
  34. package/data/entries/LLM01.json +975 -0
  35. package/data/entries/LLM02.json +868 -0
  36. package/data/entries/LLM03.json +817 -0
  37. package/data/entries/LLM04.json +797 -0
  38. package/data/entries/LLM05.json +761 -0
  39. package/data/entries/LLM06.json +848 -0
  40. package/data/entries/LLM07.json +749 -0
  41. package/data/entries/LLM08.json +750 -0
  42. package/data/entries/LLM09.json +760 -0
  43. package/data/entries/LLM10.json +763 -0
  44. package/data/incidents-schema.json +121 -0
  45. package/data/incidents.json +1484 -0
  46. package/data/schema.json +134 -0
  47. package/dist/index.d.ts +97 -0
  48. package/dist/index.d.ts.map +1 -0
  49. package/dist/index.js +124 -0
  50. package/dist/index.js.map +1 -0
  51. package/dist/index.test.d.ts +2 -0
  52. package/dist/index.test.d.ts.map +1 -0
  53. package/dist/index.test.js +97 -0
  54. package/dist/index.test.js.map +1 -0
  55. package/package.json +62 -0
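--- a/package/data/entries/DSGAI19.json
+++ b/package/data/entries/DSGAI19.json
@@ -0,0 +1,638 @@
+ {
+ "id": "DSGAI19",
+ "name": "Human-in-Loop and Labeler Overexposure",
+ "source_list": "DSGAI-2026",
+ "version": "2026-Q1",
+ "severity": "Medium",
+ "aivss_score": null,
+ "audience": [
+ "red-teamer",
+ "security-engineer",
+ "ciso",
+ "compliance",
+ "ml-engineer",
+ "ot-engineer",
+ "auditor",
+ "developer",
+ "data-engineer"
+ ],
+ "mappings": [
+ {
+ "framework": "MITRE ATLAS",
+ "control_id": "AML.T0035",
+ "control_name": "Exfiltrate via ML Inference API",
+ "tier": "Foundational",
+ "scope": "Both",
+ "notes": "Sensitive data in labelling tasks accessed by adversary-controlled or compromised labelling vendor"
+ },
+ {
+ "framework": "MITRE ATLAS",
+ "control_id": "AML.T0057",
+ "control_name": "Data from Information Repositories",
+ "tier": "Foundational",
+ "scope": "Both",
+ "notes": "Labelling vendor's data stores containing sensitive annotation tasks accessed as information repositories"
+ },
+ {
+ "framework": "MITRE ATLAS",
+ "control_id": "AML.T0020",
+ "control_name": "Poison Training Data",
+ "tier": "Foundational",
+ "scope": "Both",
+ "notes": "Adversary-controlled labelling vendor introduces biased or poisoned annotations into training data"
+ },
+ {
+ "framework": "NIST AI RMF 1.0",
+ "control_id": "GV-1.6",
+ "control_name": "Policies for data privacy",
+ "tier": "Foundational",
+ "scope": "Both",
+ "notes": "HITL data governance policy — data minimisation, contractor handling requirements, retention limits"
+ },
+ {
+ "framework": "NIST AI RMF 1.0",
+ "control_id": "MP-5.1",
+ "control_name": "Interdependencies",
+ "tier": "Foundational",
+ "scope": "Both",
+ "notes": "All labelling vendors and HITL providers mapped — data access scope, contractual protections"
+ },
+ {
+ "framework": "NIST AI RMF 1.0",
+ "control_id": "MS-2.6",
+ "control_name": "Testing — data leakage",
+ "tier": "Foundational",
+ "scope": "Both",
+ "notes": "Privacy assessment of labelling workflows — annotator data access scope, anonymisation effectiveness"
+ },
+ {
+ "framework": "NIST AI RMF 1.0",
+ "control_id": "MG-3.2",
+ "control_name": "Residual risk",
+ "tier": "Foundational",
+ "scope": "Both",
+ "notes": "Residual privacy risk from labelling vendor access documented and treated"
+ },
+ {
+ "framework": "EU AI Act",
+ "control_id": "Training data governance includes human annotation workflows",
+ "control_name": "Art. 10 — Data and data governance",
+ "tier": "Foundational",
+ "scope": "Both",
+ "notes": "Labeller data access controls and data minimisation are Art. 10 requirements for high-risk training data"
+ },
+ {
+ "framework": "EU AI Act",
+ "control_id": "Labelling vendors are part of the AI value chain — obligations distributed accordingly",
+ "control_name": "Art. 25 — Value chain responsibilities",
+ "tier": "Foundational",
+ "scope": "Both",
+ "notes": "Labelling vendor security requirements and contractual controls are Art. 25 value chain obligations"
+ },
+ {
+ "framework": "ISO/IEC 27001:2022",
+ "control_id": "A.5.34",
+ "control_name": "Privacy and PII protection",
+ "tier": "Foundational",
+ "scope": "Both",
+ "notes": "Data minimisation and privacy controls for all HITL labelling workflows"
+ },
+ {
+ "framework": "ISO/IEC 27001:2022",
+ "control_id": "A.6.3",
+ "control_name": "Information security awareness training",
+ "tier": "Foundational",
+ "scope": "Both",
+ "notes": "Security training for all labellers — internal and third-party — covering data handling requirements"
+ },
+ {
+ "framework": "ISO/IEC 27001:2022",
+ "control_id": "A.5.20",
+ "control_name": "Supplier agreements",
+ "tier": "Foundational",
+ "scope": "Both",
+ "notes": "Contractual data handling requirements for labelling vendors and HITL service providers"
+ },
+ {
+ "framework": "ISO/IEC 27001:2022",
+ "control_id": "A.8.11",
+ "control_name": "Data masking",
+ "tier": "Foundational",
+ "scope": "Both",
+ "notes": "Anonymisation and redaction applied to labelling tasks before exposure to annotators"
+ },
+ {
+ "framework": "ISO/IEC 42001:2023",
+ "control_id": "Data — minimisation",
+ "control_name": "A.7.2",
+ "tier": "Foundational",
+ "scope": "Both",
+ "notes": "Foundational"
+ },
+ {
+ "framework": "ISO/IEC 42001:2023",
+ "control_id": "Third-party",
+ "control_name": "A.10.1",
+ "tier": "Foundational",
+ "scope": "Both",
+ "notes": "Hardening"
+ },
+ {
+ "framework": "ISO/IEC 42001:2023",
+ "control_id": "Internal organisation — roles",
+ "control_name": "A.3.3",
+ "tier": "Foundational",
+ "scope": "Both",
+ "notes": "Foundational"
+ },
+ {
+ "framework": "ISO/IEC 42001:2023",
+ "control_id": "Support",
+ "control_name": "Cl.7",
+ "tier": "Foundational",
+ "scope": "Both",
+ "notes": "Foundational"
+ },
+ {
+ "framework": "CIS Controls v8.1",
+ "control_id": "CIS 3",
+ "control_name": "3.3 — Access control lists",
+ "tier": "Foundational",
+ "scope": "Both"
+ },
+ {
+ "framework": "CIS Controls v8.1",
+ "control_id": "CIS 6",
+ "control_name": "6.5 — Require MFA",
+ "tier": "Foundational",
+ "scope": "Both"
+ },
+ {
+ "framework": "CIS Controls v8.1",
+ "control_id": "CIS 14",
+ "control_name": "14.3 — Train workforce to identify attacks",
+ "tier": "Foundational",
+ "scope": "Both"
+ },
+ {
+ "framework": "OWASP ASVS 4.0.3",
+ "control_id": "V4 Access Control",
+ "control_name": "V4.1.2 — Least privilege",
+ "tier": "Foundational",
+ "scope": "Both"
+ },
+ {
+ "framework": "OWASP ASVS 4.0.3",
+ "control_id": "V8 Data Protection",
+ "control_name": "V8.3.3 — Consent for personal data processing",
+ "tier": "Foundational",
+ "scope": "Both"
+ },
+ {
+ "framework": "OWASP ASVS 4.0.3",
+ "control_id": "V2 Authentication",
+ "control_name": "V2.1.1 — Strong authentication",
+ "tier": "Foundational",
+ "scope": "Both"
+ },
+ {
+ "framework": "ISA/IEC 62443",
+ "control_id": "SR 3.2",
+ "control_name": "Software and information integrity",
+ "tier": "Foundational",
+ "scope": "Both",
+ "notes": "Labelling vendors with OT data access assessed under 62443-2-4 — same requirements as OT software vendors"
+ },
+ {
+ "framework": "ISA/IEC 62443",
+ "control_id": "SR 4.1",
+ "control_name": "Data confidentiality",
+ "tier": "Foundational",
+ "scope": "Both",
+ "notes": "OT data minimisation in labelling tasks — annotators see minimum content needed, not full process records"
+ },
+ {
+ "framework": "ISA/IEC 62443",
+ "control_id": "Supplier security requirements",
+ "control_name": "62443-2-4",
+ "tier": "Foundational",
+ "scope": "Both",
+ "notes": "All labelling vendors with OT data access assessed before engagement"
+ },
+ {
+ "framework": "NIST SP 800-82 Rev 3",
+ "control_id": "Availability risks",
+ "control_name": "§5.6",
+ "tier": "Hardening",
+ "scope": "Both",
+ "notes": "OT GenAI pipeline failure as availability risk"
+ },
+ {
+ "framework": "NIST SP 800-82 Rev 3",
+ "control_id": "Risk assessment",
+ "control_name": "§6.2",
+ "tier": "Hardening",
+ "scope": "Both",
+ "notes": "Cascade failure scenarios in OT risk register"
+ },
+ {
+ "framework": "NIST SP 800-82 Rev 3",
+ "control_id": "Security controls",
+ "control_name": "§7.2",
+ "tier": "Hardening",
+ "scope": "Both",
+ "notes": "Circuit breakers between OT data pipeline layers"
+ },
+ {
+ "framework": "NIST CSF 2.0",
+ "control_id": "GV.SC-01",
+ "control_name": "Supply Chain Risk Management",
+ "tier": "Foundational",
+ "scope": "Both",
+ "notes": "Labelling vendors treated as suppliers — data handling requirements in contracts, compliance monitored"
+ },
+ {
+ "framework": "NIST CSF 2.0",
+ "control_id": "PR.AA-05",
+ "control_name": "Identity Management, Authentication & Access Control",
+ "tier": "Foundational",
+ "scope": "Both",
+ "notes": "Data minimisation — annotators access minimum content required for annotation function"
+ },
+ {
+ "framework": "NIST CSF 2.0",
+ "control_id": "GV.OC-01",
+ "control_name": "Organisational Context",
+ "tier": "Foundational",
+ "scope": "Both",
+ "notes": "Acceptable use policy covers labelling activities — what data may be used in labelling workflows"
+ },
+ {
+ "framework": "NIST CSF 2.0",
+ "control_id": "PR.AT-01",
+ "control_name": "Awareness and Training",
+ "tier": "Foundational",
+ "scope": "Both",
+ "notes": "Labelling staff trained on data handling — classification, prohibited use, incident reporting"
+ },
+ {
+ "framework": "SOC 2",
+ "control_id": "Labelling vendors assessed in vendor risk programme — data access scope, handling requirements, sub-processor chain",
+ "control_name": "CC9.1 — Vendor risk",
+ "tier": "Foundational",
+ "scope": "Both"
+ },
+ {
+ "framework": "SOC 2",
+ "control_id": "Contractual data handling obligations for labelling vendors — data minimisation, retention, permitted use",
+ "control_name": "CC9.2 — Vendor agreements",
+ "tier": "Foundational",
+ "scope": "Both"
+ },
+ {
+ "framework": "SOC 2",
+ "control_id": "Personal information accessed by labellers documented — purpose, scope, and safeguards",
+ "control_name": "P3.1 — Personal information collection",
+ "tier": "Foundational",
+ "scope": "Both"
+ },
+ {
+ "framework": "SOC 2",
+ "control_id": "Labelling vendor use of personal information restricted — no secondary use, training, or retention beyond task",
+ "control_name": "P5.1 — Personal information use",
+ "tier": "Foundational",
+ "scope": "Both"
+ },
+ {
+ "framework": "PCI DSS v4.0",
+ "control_id": "Req 12.8.1",
+ "control_name": "TPSP programme",
+ "tier": "Foundational",
+ "scope": "Both",
+ "notes": "Labelling vendors with access to CHD are TPSPs — add to TPSP list, initiate compliance process"
+ },
+ {
+ "framework": "PCI DSS v4.0",
+ "control_id": "Req 12.8.3",
+ "control_name": "TPSP agreements",
+ "tier": "Foundational",
+ "scope": "Both",
+ "notes": "Written agreements with labelling vendors acknowledging CHD security responsibility"
+ },
+ {
+ "framework": "PCI DSS v4.0",
+ "control_id": "Req 3.3.1",
+ "control_name": "SAD prohibition",
+ "tier": "Foundational",
+ "scope": "Both",
+ "notes": "SAD must never appear in labelling tasks — labels cannot expose CVV or full magnetic stripe data"
+ },
+ {
+ "framework": "PCI DSS v4.0",
+ "control_id": "Req 7.2.1",
+ "control_name": "Restrict access",
+ "tier": "Foundational",
+ "scope": "Both",
+ "notes": "Labelling task data minimised — annotators see minimum CHD required for annotation function"
+ },
+ {
+ "framework": "ENISA Multilayer Framework",
+ "control_id": "L2",
+ "control_name": "Governance and Risk (GOV)",
+ "tier": "Foundational",
+ "scope": "Both",
+ "notes": "Data labeling and human review services governed as AI supply chain components — DPA, access controls, and data handling requirements contractually mandated"
+ },
+ {
+ "framework": "ENISA Multilayer Framework",
+ "control_id": "L2",
+ "control_name": "Data and Model Security (DMS)",
+ "tier": "Foundational",
+ "scope": "Both",
+ "notes": "Data provided to human reviewers classified and minimised — no unnecessary sensitive data in labeling batches"
+ },
+ {
+ "framework": "ENISA Multilayer Framework",
+ "control_id": "MON",
+ "control_name": "Monitoring and Detection",
+ "tier": "Foundational",
+ "scope": "Both",
+ "notes": "All human reviewer data access logged — access scope, duration, and data volume tracked"
+ },
+ {
+ "framework": "ENISA Multilayer Framework",
+ "control_id": "L2",
+ "control_name": "Supply Chain Security (SCS)",
+ "tier": "Foundational",
+ "scope": "Both",
+ "notes": "Labeling service providers assessed as supply chain components — security controls, sub-contractor restrictions, jurisdiction reviewed"
+ },
+ {
+ "framework": "OWASP SAMM v2.0",
+ "control_id": "D-SA",
+ "control_name": "Design / Security Architecture",
+ "tier": "Hardening",
+ "scope": "Both",
+ "notes": "Design circuit breakers and isolation boundaries between data pipeline stages"
+ },
+ {
+ "framework": "OWASP SAMM v2.0",
+ "control_id": "O-IM",
+ "control_name": "Operations / Incident Management",
+ "tier": "Hardening",
+ "scope": "Both",
+ "notes": "Detect correlated failures across pipeline stages; alert before full cascade"
+ },
+ {
+ "framework": "OWASP SAMM v2.0",
+ "control_id": "O-EM",
+ "control_name": "Operations / Environment Management",
+ "tier": "Hardening",
+ "scope": "Both",
+ "notes": "Continuous health checks across all pipeline components"
+ },
+ {
+ "framework": "OWASP SAMM v2.0",
+ "control_id": "V-AA",
+ "control_name": "Verification / Architecture Assessment",
+ "tier": "Hardening",
+ "scope": "Both",
+ "notes": "Verify blast radius containment design before deployment"
+ },
+ {
+ "framework": "OWASP SAMM v2.0",
+ "control_id": "O-IM",
+ "control_name": "Operations / Incident Management",
+ "tier": "Hardening",
+ "scope": "Both",
+ "notes": "Documented runbook for data pipeline cascade scenarios"
+ },
+ {
+ "framework": "CWE/CVE",
+ "control_id": "CWE-285",
+ "control_name": "CWE-285",
+ "tier": "Foundational",
+ "scope": "Both",
+ "url": "https://cwe.mitre.org/data/definitions/285.html"
+ },
+ {
+ "framework": "CWE/CVE",
+ "control_id": "CWE-359",
+ "control_name": "CWE-359",
+ "tier": "Foundational",
+ "scope": "Both",
+ "url": "https://cwe.mitre.org/data/definitions/359.html"
+ },
+ {
+ "framework": "MAESTRO",
+ "control_id": "L2",
+ "control_name": "Data Operations",
+ "tier": "Foundational",
+ "scope": "Both"
+ },
+ {
+ "framework": "MAESTRO",
+ "control_id": "L6",
+ "control_name": "Security & Compliance",
+ "tier": "Foundational",
+ "scope": "Both"
+ },
+ {
+ "framework": "MAESTRO",
+ "control_id": "L7",
+ "control_name": "Agent Ecosystem",
+ "tier": "Foundational",
+ "scope": "Both"
+ },
+ {
+ "framework": "AIUC-1",
+ "control_id": "D",
+ "control_name": "Reliability domain (all)",
+ "tier": "Hardening",
+ "scope": "Both",
+ "notes": "Foundational"
+ },
+ {
+ "framework": "AIUC-1",
+ "control_id": "B006",
+ "control_name": "Prevent unauthorized AI actions",
+ "tier": "Hardening",
+ "scope": "Both",
+ "notes": "Foundational"
+ },
+ {
+ "framework": "AIUC-1",
+ "control_id": "E",
+ "control_name": "Audit trails and logging",
+ "tier": "Hardening",
+ "scope": "Both",
+ "notes": "Foundational"
+ },
+ {
+ "framework": "OWASP NHI Top 10",
+ "control_id": "Shared credential across pipeline stages — one failure affects all",
+ "control_name": "NHI-9 NHI Reuse",
+ "tier": "Hardening",
+ "scope": "Both",
+ "notes": "Separate credentials per pipeline stage"
+ },
+ {
+ "framework": "OWASP NHI Top 10",
+ "control_id": "Single credential covering multiple pipeline stages amplifies cascade",
+ "control_name": "NHI-5 Over-Privileged NHI",
+ "tier": "Hardening",
+ "scope": "Both",
+ "notes": "Per-stage minimum scope credentials"
+ },
+ {
+ "framework": "NIST SP 800-218A",
+ "control_id": "PW.4.1-PS",
+ "control_name": "Reuse existing well-secured software — third-party data vetting",
+ "tier": "Foundational",
+ "scope": "Both",
+ "notes": "Vet all third-party data sources, APIs, and pre-trained components for security, quality, compliance, and provenance before use in AI pipelines"
+ },
+ {
+ "framework": "NIST SP 800-218A",
+ "control_id": "PS.2.1-PS",
+ "control_name": "Verify software integrity — third-party data integrity",
+ "tier": "Foundational",
+ "scope": "Both",
+ "notes": "Verify integrity of all third-party data deliveries using checksums, signatures, or schema validation; detect tampering or corruption before pipeline ingestion"
+ },
+ {
+ "framework": "NIST SP 800-218A",
+ "control_id": "RV.1.1-PS",
+ "control_name": "Identify and confirm vulnerabilities — third-party monitoring",
+ "tier": "Foundational",
+ "scope": "Both",
+ "notes": "Monitor for security advisories and quality issues from third-party data providers; establish triage procedures for third-party data incidents"
+ },
+ {
+ "framework": "FedRAMP",
+ "control_id": "SA-9",
+ "control_name": "External Information System Services — third-party data controls",
+ "tier": "Foundational",
+ "scope": "Both",
+ "notes": "Require FedRAMP authorisation for third-party data service providers; establish SLAs covering data security, privacy, and incident notification"
+ },
+ {
+ "framework": "FedRAMP",
+ "control_id": "SR-2",
+ "control_name": "Supply Chain Risk Management Plan — data provider risk",
+ "tier": "Foundational",
+ "scope": "Both",
+ "notes": "Include third-party data providers in supply chain risk management; assess data handling practices and security posture"
+ },
+ {
+ "framework": "FedRAMP",
+ "control_id": "SR-3",
+ "control_name": "Supply Chain Controls — data provenance from third parties",
+ "tier": "Foundational",
+ "scope": "Both",
+ "notes": "Verify provenance and integrity of data from third-party sources; implement validation before ingestion into AI pipelines"
+ },
+ {
+ "framework": "DORA",
+ "control_id": "Art. 28–44",
+ "control_name": "Third-Party Risk — data provider and processor oversight",
+ "tier": "Foundational",
+ "scope": "Both",
+ "notes": "Include all third-party data providers and processors in DORA third-party risk management; conduct due diligence, establish contracts, and monitor ongoing compliance"
+ },
+ {
+ "framework": "DORA",
+ "control_id": "Art. 8",
+ "control_name": "Identification — third-party data inventory",
+ "tier": "Foundational",
+ "scope": "Both",
+ "notes": "Register all third-party data sources in ICT asset inventory; document provenance, contracts, and dependency relationships"
+ },
+ {
+ "framework": "DORA",
+ "control_id": "Art. 45",
+ "control_name": "Information Sharing — third-party threat intelligence",
+ "tier": "Foundational",
+ "scope": "Both",
+ "notes": "Participate in information sharing arrangements for third-party AI data risks; share threat intelligence on data provider compromises"
+ }
+ ],
+ "tools": [
+ {
+ "name": "Label Studio",
+ "type": "open-source",
+ "url": "https://labelstud.io"
+ },
+ {
+ "name": "Scale AI",
+ "type": "commercial",
+ "url": "https://scale.com"
+ },
+ {
+ "name": "Presidio",
+ "type": "open-source",
+ "url": "https://github.com/microsoft/presidio"
+ },
+ {
+ "name": "Great Expectations",
+ "type": "open-source",
+ "url": "https://greatexpectations.io"
+ },
+ {
+ "name": "CycloneDX",
+ "type": "open-source",
+ "url": "https://cyclonedx.org"
+ },
+ {
+ "name": "Sigstore",
+ "type": "open-source",
+ "url": "https://www.sigstore.dev"
+ },
+ {
+ "name": "OWASP Dependency-Check",
+ "type": "open-source",
+ "url": "https://owasp.org/www-project-dependency-check/"
+ },
+ {
+ "name": "OneTrust Vendorpedia",
+ "type": "commercial",
+ "url": "https://www.onetrust.com"
+ },
+ {
+ "name": "ServiceNow VRM",
+ "type": "commercial",
+ "url": "https://www.servicenow.com"
+ }
+ ],
+ "incidents": [
+ {
+ "name": "Scale AI / Sama contractor data exposure — third-party AI labeling workforce privacy violations",
+ "url": "https://github.com/emmanuelgjr/GenAI-Security-Crosswalk/blob/main/data/incidents.json",
+ "year": 2024,
+ "incident_id": "INC-044"
+ }
+ ],
+ "crossrefs": {
+ "dsgai_2026": [
+ "DSGAI07",
+ "DSGAI08"
+ ],
+ "llm_top10": [
+ "LLM02",
+ "LLM05",
+ "LLM03"
+ ],
+ "agentic_top10": [
+ "ASI10",
+ "ASI04"
+ ]
+ },
+ "changelog": [
+ {
+ "date": "2026-03-27",
+ "version": "1.0.0",
+ "change": "Initial entry — generated from GenAI Security Crosswalk v1.5.1 mapping files",
+ "author": "emmanuelgjr"
+ }
+ ]
+ }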
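Review bot: Several objects in `mappings` have `control_id` and `control_name` transposed, so a consumer that joins or filters on `control_id` will not find the control: in the four ISO/IEC 42001:2023 entries the identifier sits in `control_name` (`"control_name": "A.7.2"`) while `control_id` holds the title, and the same shape appears in the EU AI Act, SOC 2, NIST SP 800-82 Rev 3, OWASP NHI Top 10 and `62443-2-4` entries. The first of these should read `"control_id": "A.7.2", "control_name": "Data — minimisation"`, and a `pattern` constraint on `control_id` in the package's schema (not shown in this section) would catch the transposition at build time. In the ISO/IEC 42001 and AIUC-1 entries `notes` holds only a tier word, and in the AIUC-1 entries it contradicts the `tier` field (`"tier": "Hardening"` next to `"notes": "Foundational"`), which looks like a column shift in the generator rather than an intended note. The notes on the NIST SP 800-82, OWASP SAMM and OWASP NHI entries describe cascade failure and circuit breakers rather than labeller data exposure, so they appear to have been carried over from a different entry. The names given for `AML.T0035` and `AML.T0057` do not appear to match the titles ATLAS publishes for those identifiers and should be checked against the current ATLAS technique list before anyone relies on this crosswalk for detection or audit mapping.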