Vulnerability Assessment Overview

Introduction

Vulnerability Assessments identify and evaluate security weaknesses within AI Systems. Cranium analyzes components listed in AI Bills of Materials, results from AI Arena penetration tests, and Adversarial Inputs Detector to uncover potential risks. Cranium generates insights into known vulnerabilities and weaknesses by examining software dependencies, configurations, code patterns, and model behaviors, helping organizations proactively mitigate threats.

Cranium automatically conducts a Vulnerability Assessment once a Bill of Materials is generated. Assessments combine detailed component inventories with model penetration test results and security findings from code analysis to provide comprehensive risk visibility across models, technologies, and other security findings. Once identified, vulnerabilities can be resolved or ignored with documented justification, creating an audit trail for compliance and security review.

A Vulnerability Assessment is an artifact scoped to a single Bill of Materials. For a tenant-wide view of findings across all Vulnerability Assessments and Arena-tested models in your organization, see the Vulnerabilities page.

Accessing Vulnerability Assessments

Via Bill of Materials

Navigate to the Bill of Materials List by opening the navigation drawer and selecting Artifacts, then Bill of Materials.

In the Bill of Materials List, either create a new Bill of Materials or locate an existing Bill of Materials you want to assess. Take note of the BOM name, then navigate to the Vulnerability Assessment tab. When you first visit the Vulnerability Assessment tab, the vulnerabilities list is empty. Use the Artifact dropdown to select a Bill of Materials by name.

Once selected, the BOM's Vulnerability Assessment and associated metadata populate the Vulnerabilities List. Use the Models, Technologies, and Other Vulnerabilities tabs to view each category's discovered vulnerabilities and weaknesses.

Via AI System Manager

Navigate to the AI System you want to assess by opening the navigation drawer and selecting AI Manager, then My AI Systems. Locate the AI System and click View Details.

In the Artifacts Overview, add a Bill of Materials as an artifact or locate an existing Bill of Materials you want to assess. Take note of the BOM name, then navigate to the Vulnerability Assessment tab. If you have more than one BOM attached to the AI System, the vulnerabilities list will be empty when you first visit the Vulnerability Assessment tab. Use the Artifact dropdown to select a Bill of Materials by name.

Once selected, the BOM's Vulnerability Assessment and associated metadata populate the Vulnerabilities List. Use the Models, Technologies, and Other Vulnerabilities tabs to view each category's discovered vulnerabilities and weaknesses.

Via Vulnerabilities page

Navigate to the Vulnerabilities page by opening the navigation drawer and selecting Artifacts, then Vulnerabilities.

Unlike a Vulnerability Assessment, which represents the findings for a single Bill of Materials, this view displays all vulnerability findings across every Vulnerability Assessment and Arena model in your tenant.

Use the Models and Technologies tabs to browse by category. On the Models tab, filter results by model name or severity level. On the Technologies tab, filter by severity level. Customize visible columns using the Customize Table control, and export results using the Export Vulnerability Report button.

Understanding Vulnerability Data

Vulnerability assessments display different information depending on the category being reviewed. All vulnerabilities include severity classifications and detection sources.

Severity Classifications

Cranium uses three severity classification systems depending on vulnerability type:

  • Model Vulnerabilities: Attack categories for Arena-tested models receive Critical, High, Medium, or Low classifications. Severity levels automatically classify based on Shield testing results.
  • Technology Vulnerabilities: CVE-identified vulnerabilities display industry-standard CVSS base scores alongside unified severity classifications. CVSS scores enable consistent risk evaluation aligned with enterprise security policies and facilitate comparison across security tools. The vulnerability table shows both scoring systems, providing flexibility for different organizational workflows. Filter vulnerabilities by CVSS score range to prioritize remediation using standardized metrics.
  • Other Vulnerabilities: Security findings detected through Adversarial Inputs Detector scans receive High severity classifications. These informational findings help identify potential AI-mediated security threats that traditional scanners cannot detect.

Model Vulnerabilities

Models that have undergone AI Arena Penetration Testing display quantitative risk metrics directly in the Vulnerability Assessment. Each model shows its vulnerable attack categories with success rates indicating the percentage of successful attacks versus total attempts. Severity levels automatically classify as Critical, High, Medium, or Low based on Shield testing results.

Expand a model row to reveal individual attack categories with their specific success rates and severity classifications. The vulnerability count header combines model, technology, and other vulnerabilities for a complete risk overview. This consolidation reduces model assessment time from over 15 minutes to under 2 minutes.

The Arena Findings column provides a count of associated vulnerability categories. The Vulnerability Likelihood column shows the model's overall risk score as a percentage. The score is the average attack success rate across all tested attack categories, with each category contributing equally to the result. This means a model with one highly vulnerable category and several resilient ones will reflect a blended risk level. No single category dominates the score based on how many tests were run against it.

Note: The vulnerability likelihood calculation method was updated in Release 2026.3.1. Scores for previously assessed models may reflect updated values as a result of this change.

Technology Vulnerabilities

Technology vulnerabilities show the specific package version affected by each CVE and the programming language. The interface displays exact version numbers when possible and labels inferred versions when the scanner estimates based on dependency files. Teams can determine whether their deployed version is vulnerable without additional research.

Technology vulnerabilities display CVSS base scores alongside unified severity classifications for all CVE-identified vulnerabilities. The vulnerability table shows both scoring systems, providing flexibility for different organizational workflows. Use the filter controls to narrow vulnerabilities by CVSS score range.

Each vulnerability includes:

  • Source: Detection origin (Code Sensor, etc.)
  • Detected: Timestamp of discovery
  • Description: Vulnerability details and impact
  • CVSS Score: Industry-standard risk score (CVE-identified vulnerabilities only)
  • Identifier: CVE number or internal reference
  • Version: Package version affected
  • Tool: Detected with Cranium CodeSensor

Other Vulnerabilities

The Other Vulnerabilities tab displays security findings detected through Adversarial Inputs Detector scans. This category detects patterns that may indicate attempts to exploit AI coding assistants in software development workflows, where malicious actors could attempt to use trusted development tools to propagate harmful code through AI-mediated channels.

Other Vulnerabilities uses pattern analysis to identify suspicious artifacts that may indicate active exploitation attempts or compromise indicators specifically targeting AI-assisted development environments.

Self Propagation Patterns

These findings indicate potential attempts to exploit AI coding assistants like Cursor, GitHub Copilot, Windsurf, and similar tools. The detector identifies code patterns that could be designed to influence AI models to generate or suggest malicious code in other contexts.

Invisible Characters

This detection identifies hidden text embedded within source code files using Unicode manipulation, zero-width characters, or other steganographic techniques.

The View Decoded Text button reveals the actual hidden content, allowing security teams to assess the concealed text.
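The check below is an added illustration of what an invisible-character detection does, not Cranium's Adversarial Inputs Detector: it flags Unicode format characters (category Cf, which covers zero-width spaces and joiners, the BOM and bidi controls) in source text and renders each one as a visible escape, the way a decoded view lets a reviewer see concealed content. The sample source and the choice of category Cf as the hidden-character test are assumptions for this example.

```python
import unicodedata
from dataclasses import dataclass


@dataclass
class Finding:
    line: int       # 1-based line number in the scanned file
    column: int     # 1-based column of the hidden character
    codepoint: int
    name: str       # Unicode character name, for the report


def is_hidden(ch: str) -> bool:
    # Assumption for this example: Unicode "format" characters (category Cf)
    # render as nothing in an editor (zero-width space/joiner, word joiner,
    # BOM, bidi embeddings and overrides). Ordinary spaces and tabs are not Cf.
    return unicodedata.category(ch) == "Cf"


def scan_source(text: str) -> list[Finding]:
    """Report every hidden character with its position and name."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        for col, ch in enumerate(line, start=1):
            if is_hidden(ch):
                findings.append(Finding(line_no, col, ord(ch), unicodedata.name(ch, "UNKNOWN")))
    return findings


def decoded_view(line: str) -> str:
    """Render hidden characters as \\uXXXX escapes so the concealed text is visible."""
    return "".join(f"\\u{ord(c):04X}" if is_hidden(c) else c for c in line)


# Constructed sample: line 2 hides a zero-width joiner inside an attribute name
# (so "role" is not the identifier it appears to be); line 3 hides two
# zero-width spaces inside a comment.
SAMPLE_SOURCE = (
    "def is_admin(user):\n"
    "    return user.ro\u200dle == 'admin'\n"
    "    # TODO: remove \u200b\u200bbefore release\n"
)

if __name__ == "__main__":
    for f in scan_source(SAMPLE_SOURCE):
        print(f"line {f.line} col {f.column}: U+{f.codepoint:04X} {f.name}")
    print(decoded_view(SAMPLE_SOURCE.splitlines()[1]))
```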

Managing Vulnerabilities

Resolving and Ignoring Vulnerabilities

Document remediation decisions by marking model and technology vulnerabilities as resolved or ignored. Each action requires a mandatory justification and records the user and timestamp for audit purposes. The system recalculates the vulnerability count when vulnerabilities are resolved or ignored, and recalculates the parent model's Vulnerability Likelihood for model vulnerabilities. Resolving a category excludes it from the score's numerator while keeping it in the denominator, lowering the overall score. Ignoring a category removes it from the calculation entirely. Please note that resolve and ignore actions are not available for other vulnerabilities, which are informational findings only.
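To make the Vulnerability Likelihood arithmetic described above concrete (equal weight per category, resolved categories kept in the denominator, ignored categories dropped), here is an added Python model of the calculation and of the mandatory-justification audit record. It is an illustration written for this page, not Cranium's implementation; the category names, attempt counts and the audit-record shape are constructed for the example.

```python
from dataclasses import dataclass, field
from datetime import datetime, timezone


@dataclass
class AttackCategory:
    name: str
    successes: int          # successful attacks in this category
    attempts: int           # total attempts in this category
    status: str = "open"    # "open", "resolved" or "ignored"
    audit: list = field(default_factory=list)

    @property
    def success_rate(self) -> float:
        return self.successes / self.attempts if self.attempts else 0.0


def vulnerability_likelihood(categories) -> float:
    """Average of per-category success rates, as a percentage; each category weighs equally."""
    counted = [c for c in categories if c.status != "ignored"]   # ignored: removed entirely
    if not counted:
        return 0.0
    # resolved categories stay in the denominator but contribute nothing to the numerator
    numerator = sum(c.success_rate for c in counted if c.status == "open")
    return round(100.0 * numerator / len(counted), 1)


def pooled_success_rate(categories) -> float:
    """Attempt-weighted rate, shown only for contrast: here a heavily tested category dominates."""
    attempts = sum(c.attempts for c in categories)
    return round(100.0 * sum(c.successes for c in categories) / attempts, 1) if attempts else 0.0


def mark_category(cat: AttackCategory, action: str, user: str, justification: str) -> None:
    """Resolve or ignore a category; the justification is mandatory and the action is audited."""
    if action not in ("resolved", "ignored"):
        raise ValueError(f"unknown action: {action}")
    if not justification.strip():
        raise ValueError("a justification is required")
    cat.status = action
    cat.audit.append({"action": action, "user": user, "justification": justification,
                      "timestamp": datetime.now(timezone.utc).isoformat()})


# Constructed sample: three categories with very different numbers of attempts.
SAMPLE = [
    AttackCategory("prompt_injection", successes=18, attempts=20),
    AttackCategory("data_extraction", successes=2, attempts=200),
    AttackCategory("jailbreak", successes=5, attempts=10),
]

if __name__ == "__main__":
    print(vulnerability_likelihood(SAMPLE), pooled_success_rate(SAMPLE))  # 47.0 vs 10.9
```

Resolving the 90% category drops the score to 17.0 (it still counts as one of three categories), while ignoring it instead gives 25.5 (the remaining two categories are averaged alone).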

To close or ignore a model vulnerability:

  1. Navigate to the Models tab in the Vulnerability Assessment
  2. Expand the model row to show individual attack categories
  3. Select the attack categories you want to mark
  4. Choose "Close" or "Ignore" from the actions column
  5. Enter justification text explaining the decision
  6. Confirm the action

To close or ignore a technology vulnerability:

  1. Navigate to the Technologies tab in the Vulnerability Assessment
  2. Select the vulnerabilities you want to mark
  3. Choose "Close" or "Ignore" from the actions column
  4. Enter justification text explaining the decision
  5. Confirm the action

All actions appear in the Resolved Vulnerabilities tab for tracking security decisions over time.

Important: Vulnerability status does not persist across model rescans. Closed or ignored vulnerabilities reset when you rescan the model. Status persistence is planned for a future release.

Vulnerability Categories

Models Tab

Displays AI models detected in the AI System with their associated security risks. For models that have undergone penetration testing, this tab shows attack categories, success rates, and severity classifications. Each entry links to detailed Arena analysis showing attack types, frameworks, algorithms, and conversation logs for successful attacks.

Key information includes:

  • Model name and detection timestamp
  • Vulnerable attack categories count
  • Attack success rates (percentage of successful vs. total attempts)
  • Overall vulnerability likelihood
  • Link to comprehensive Arena breakdown

Technologies Tab

Displays third-party libraries, frameworks, and dependencies with known Common Vulnerabilities and Exposures (CVE). Each entry shows:

  • Package or library name
  • Specific version affected
  • Programming language
  • CVSS base score (for CVE-identified vulnerabilities)
  • CVE identifier
  • Detection source and timestamp

Technology vulnerabilities support filtering by CVSS score range to prioritize remediation efforts.

Other Vulnerabilities Tab

Displays security findings detected through automated analysis of your code repositories. This tab identifies potential AI-mediated attack patterns including:

  • Self Propagation Patterns: Suspicious patterns that may indicate malicious code propagation through AI coding assistants like Cursor, GitHub Copilot, or Windsurf
  • Invisible Characters: Hidden text embedded in code files using Unicode manipulation or zero-width characters

Each entry shows:

  • Source file name
  • Vulnerability type (Self Propagation Patterns or Invisible Characters)
  • File path within the repository
  • Detected pattern or tool reference
  • Severity level

Unlike model and technology vulnerabilities, other vulnerabilities cannot be resolved or ignored through the platform. These are informational findings that provide early warning indicators for security teams to investigate potential threats.

Tips and Best Practices

  • Prioritize using CVSS scores: For technology vulnerabilities, use CVSS score filtering to align remediation with enterprise security policies.
  • Review attack success rates and severity: Model vulnerabilities display quantitative risk metrics and severity classifications. Higher success rates and Critical/High severity ratings indicate greater exploitation likelihood and may warrant immediate attention.
  • Document remediation decisions: Always provide detailed justification when resolving or ignoring vulnerabilities. This creates an audit trail for compliance and helps teams understand past security decisions.
  • Plan for rescans: Remember that vulnerability status resets when models are rescanned. Develop processes to revalidate closed vulnerabilities after updates.
  • Combine vulnerability sources: The vulnerability count header combines model and technology vulnerabilities. Review both categories to understand complete system risk.
  • Use Arena for detailed analysis: When model vulnerabilities show high success rates, click "View in Arena" to examine specific attack patterns, conversation logs, and exploitation techniques.