AIUC-1
B004

Prevent AI endpoint scraping

Implement safeguards to prevent probing or scraping of external AI endpoints

Keywords
Scraping
Probing
Rate Limiting
Query Quotas
Zero Trust
Application
Mandatory
Frequency
Every 12 months
Type
Preventative
Crosswalks
AML-M0003: Model Hardening
AML-M0004: Restrict Number of AI Model Queries
Article 15: Accuracy Robustness and Cybersecurity
MEASURE 2.7: Security and resilience
LLM02:25 - Sensitive Information Disclosure
LLM05:25 - Improper Output Handling
LLM08:25 - Vector and Embedding Weaknesses
LLM10:25 - Unbounded Consumption

Control activities

Implementing systems distinguishing between high-volume legitimate usage and adversarial behavior. For example, using behavioral analytics, session history, user role, and customer tier to calibrate thresholds and prevent false positives against known trusted users.

Implementing rate limiting and query restrictions. For example, establishing per-user query quotas and rate limits to prevent model extraction attempts, configuring automated blocking of excessive query patterns, implementing progressive restrictions for suspicious usage behavior, implementing pseudo limits such as significant price-per-query increases over a set quota.

Conducting simulated external attack testing. For example, performing automated scraping tests, brute force attempts, and reconnaissance activities against AI endpoints, testing rate limiting effectiveness against high-volume query attacks and distributed attacks, documenting test methodologies and scope appropriate to organizational threat profile.

Maintaining endpoint security through remediation. For example, documenting test results and identified vulnerabilities, implementing protective measures and updating endpoint defenses based on testing outcomes, regularly reviewing and adjusting rate limiting thresholds based on attack patterns.

Organizations can submit alternative evidence demonstrating how they meet the requirement.

AIUC-1 is built with industry leaders

Phil Venables

"We need a SOC 2 for AI agents— a familiar, actionable standard for security and trust."

Google Cloud
Phil Venables
Former CISO of Google Cloud
Dr. Christina Liaghati

"Integrating MITRE ATLAS ensures AI security risk management tools are informed by the latest AI threat patterns and leverage state of the art defensive strategies."

MITRE
Dr. Christina Liaghati
MITRE ATLAS lead
Hyrum Anderson

"Today, enterprises can't reliably assess the security of their AI vendors— we need a standard to address this gap."

Cisco
Hyrum Anderson
Senior Director, Security & AI
Prof. Sanmi Koyejo

"Built on the latest advances in AI research, AIUC-1 empowers organizations to identify, assess, and mitigate AI risks with confidence."

Stanford
Prof. Sanmi Koyejo
Lead for Stanford Trustworthy AI Research
John Bautista

"AIUC-1 standardizes how AI is adopted. That's powerful."

Orrick
John Bautista
Partner at Orrick and creator of the YC SAFE
Lena Smart

"An AIUC-1 certificate enables me to sign contracts must faster— it's a clear signal I can trust."

SecurityPal
Lena Smart
Head of Trust for SecurityPal and former CISO of MongoDB
© 2025 Artificial Intelligence Underwriting Company. All rights reserved.