Microsoft חושפת את Rampart ו-Clarity: כלי red-team agentic לפיתוח מאובטח

Rampart is the more novel of the two. It extends PyRIT (Microsoft's existing open-source GenAI red-team framework) from post-hoc scanning to continuous in-development probing. The agent injects adversarial prompts and benign test cases into CI so vulnerabilities — prompt injection, data exfil paths, jailbreaks — get caught at merge time rather than after a model is in production. Clarity targets explainability of the resulting findings.

The timing is loud: a max-severity RCE in ChromaDB's FastAPI build rattled the AI-app community this week, underscoring how vector DBs remain an under-audited attack surface for LLM stacks. A CISPA Helmholtz Center audit (covered separately) found 'shadow' LLM API proxies misrepresenting underlying models — a Gemini-2.5-branded proxy scoring 37% on a medical benchmark where the real endpoint scored 84%, contaminating 116 of 187 surveyed academic papers. AI security is moving from theoretical to operational fast.

Competitive context: this is also Microsoft moving the agentic-security narrative onto its own turf rather than ceding it to Anthropic's Mythos or Mistral's banking-cyber model. Rampart's PyRIT lineage gives Microsoft credibility with security teams; Clarity's explainability layer is the enterprise sales argument.