MITRE ATLAS v5.5.0 — Sunglasses Technique Mapping
Our 65 threat categories mapped to MITRE ATLAS v5.5.0 techniques — the standard knowledge base for adversarial threats against AI systems. 16 tactics, 101 techniques, 66 sub-techniques in ATLAS total; we map directly to the LLM and agent-focused subset.
ATLAS is behavior-and-adversary focused: each technique describes what an attacker does. Our mapping shows which ATLAS techniques a Sunglasses finding provides detection evidence for, at the content/input layer.
Priority technique mappings
Core prompt-injection detection surface
Encoding and obfuscation evasion
Parasitic and indirect injection via public surfaces
System-prompt extraction probes
Data-exfiltration detection
Context and memory poisoning
Tool-metadata poisoning (MCP + tool layer)
Supply-chain runtime signals
Agent workflow and configuration attacks
Jailbreak and sandbox-escape attempts
Command injection and code execution payloads
Credential and secret detection
UI-layer deception and trust-component manipulation
Social engineering patterns
C2 and back-channel indicators
Full quick-reference table
Non-ATLAS categories (traditional AppSec)
These Sunglasses categories catch attacks that aren’t AI-specific and therefore don’t have ATLAS techniques — they’re traditional AppSec payloads that agents may be manipulated into executing:
path_traversalmaps to CWE-22, not ATLAS
deserializationmaps to CWE-502, not ATLAS
ssrfmaps to CWE-918, not ATLAS
dns_tunnelingmaps to MITRE ATT&CK T1572, not ATLAS
These are still first-class detection categories — they just live on the ATT&CK / CWE side of the taxonomy.
Official source: atlas.mitre.org · Data: github.com/mitre-atlas/atlas-data (v5.5.0 as of Apr 2026).