Tessera Launches Open-Source Framework for OWASP AI Security Testing Across Major Models
Key Takeaways
- ▸Tessera is the first open-source framework to automate all 32 OWASP AI security tests for LLMs and computer vision models via single CLI command
- ▸Framework covers four OWASP categories and supports every major AI provider including OpenAI, Anthropic, Google, Meta, and Mistral
- ▸Addresses regulatory compliance requirements from EU AI Act and NIST AI RMF by providing unified, comprehensive AI security testing solution
Summary
Tessera has released an open-source framework designed to run all 32 OWASP AI security tests against major AI models including GPT-4o, Claude, Gemini, Llama 3, and Mistral. The framework implements a comprehensive 3-phase methodology—Attack, Measure, Defend—to evaluate the security posture of both Large Language Models and Computer Vision systems across four OWASP AI categories. Users can execute security testing with a single CLI command and receive detailed security reports in JSON and HTML formats.
The framework addresses a critical gap in AI security tooling by unifying fragmented security testing solutions into one comprehensive platform. With regulatory frameworks like the EU AI Act and NIST AI RMF now requiring organizations to demonstrate security testing of AI systems, Tessera provides enterprises, researchers, and security teams with an accessible solution for compliance and threat assessment. The framework has been validated with 375 total tests—32 OWASP security implementations, 261 unit/integration tests, and 82 end-to-end tests—and supports deployment from local research environments to enterprise Kubernetes clusters.
- Includes benchmarking results for top 5 AI models and has been thoroughly tested with 375 passing tests across security, unit, integration, and end-to-end test suites
Editorial Opinion
Tessera's open-source framework represents a significant step forward in democratizing AI security testing at a critical moment when regulators and enterprises are demanding rigorous security validation. By consolidating fragmented security tools into a single unified platform supporting both LLMs and computer vision, Tessera removes major barriers to compliance and threat assessment. However, the framework's effectiveness will depend on ongoing updates to match evolving attack vectors and its adoption across industry—the testing landscape will benefit from community contributions and real-world deployment feedback.
