Methodology
One repeatable method, run against every engagement
Contributor, OWASP Top 10 for Agentic Applications 2026 · CISSP · PhD · 15+ years enterprise security
Every Molntek review follows the same four-phase method, mapped to the OWASP Top 10 for Agentic Applications 2026 and cross-referenced to NIST AI RMF, MITRE ATLAS, and EU AI Act Article 15. The method is fixed, which is why the price is too — and why the deliverable reads the same whether it lands in front of your engineers or your auditors.
The four phases
Scope narrows the work, the threat model finds where it breaks, testing proves it, and the walkthrough makes sure your team can act on it.
01 · Scope
We agree the one system in focus — an agent, an MCP integration, or a RAG pipeline — its trust boundaries, tools, and data paths. No production data is accessed; everything runs against staging.
02 · Threat model
A structured walkthrough of where untrusted text meets privileged tools. Each entry point is mapped to the OWASP Top 10 for Agentic Applications 2026 (ASI01–ASI10) and ranked by exploitability.
03 · Test & verify
Findings are reproduced against staging — prompt injection, confused-deputy, tool hijacking, exfiltration. Every issue ships with a concrete reproduction, not a theoretical risk.
04 · Report & walkthrough
A written deliverable with severity-ranked findings, OWASP/NIST/MITRE/EU AI Act mapping, and a sequenced remediation roadmap — followed by a live session with your engineering and security teams.
What the threat model covers
Every finding is mapped to a category in the OWASP Top 10 for Agentic Applications 2026, so the report speaks the same language as the standard your customers and auditors already reference.
How severity is scored
Each finding is rated on exploitability and impact, then mapped to a single severity. The model is deliberately simple so engineering and leadership read it the same way.
Cross-referenced to the frameworks you report against
OWASP Top 10 for Agentic Applications 2026 — the primary taxonomy. Every finding carries an ASI mapping.
NIST AI RMF — findings reference the relevant Measure/Manage functions so the work slots into an existing AI risk program.
MITRE ATLAS — adversary techniques are named with their ATLAS IDs where they apply.
EU AI Act Article 15 — accuracy, robustness, and cybersecurity obligations are noted where the system falls in scope.
See the deliverable before you buy
A sanitized sample report shows the full structure, severity model, and remediation roadmap you receive at the end of a real engagement.
Read the sample report →
Want this run against your system?
30 minutes to scope which system to start with and how the method applies to your stack.