MITRE ATLAS / AML.T0040

AML.T0040: ML Model Inference API Access

Attacker probes a deployed inference API to discover model behaviour.

Last reviewed June 2026

Problem

The gap AML.T0040 closes

ML Model Inference API Access sits in the reconnaissance surface, and MITRE ATLAS rates it medium. Attacker probes a deployed inference API to discover model behaviour. For teams shipping LLM and agentic features, a control like this is only as good as the evidence that it was actually tested - an unverified control is a finding waiting for an auditor.

How Penaxtra approaches it

How Penaxtra delivers AML.T0040

Penaxtra maps its probe families to this ATLAS technique, so adversarial activity matching ml model inference api access surfaces as a finding carrying the AML.T0040 technique identifier - ready for ATT&CK-style threat tracking and reporting. Every relevant finding is created with the MITRE ATLAS AML.T0040 identifier already attached, so it lands in the audit-evidence pack mapped to the control rather than as a screenshot someone has to translate later. Where the same weakness touches another framework, the cross-framework overlap means one finding satisfies several control cells at once.

Technical capabilities

AML.T0040 capabilities

Probe and check coverage aligned to AML

T0040 (ML Model Inference API Access).

Findings tagged with the MITRE ATLAS AML

T0040 control identifier.

Severity context (MITRE ATLAS rates this medium)

Cross-framework overlap so one finding maps to several control cells

PDF and JSON audit-evidence export with the control id attached

Compliance mapping

AML.T0040 compliance mapping

Findings for AML.T0040 carry the MITRE ATLAS AML.T0040 identifier and cross-map to the related controls in the other five frameworks Penaxtra covers.

FAQ

Frequently asked

What is AML.T0040 (ML Model Inference API Access)?

Attacker probes a deployed inference API to discover model behaviour. It is part of MITRE ATLAS, rated medium.

How does Penaxtra test for AML.T0040?

Penaxtra maps its probe families to this ATLAS technique, so adversarial activity matching ml model inference api access surfaces as a finding carrying the AML.T0040 technique identifier - ready for ATT&CK-style threat tracking and reporting.

Does a finding for AML.T0040 help with an audit?

Yes. Each finding is tagged with the MITRE ATLAS AML.T0040 control identifier and exported in the PDF and JSON evidence pack, so it maps straight onto the auditor control list instead of needing manual translation.

Related

Explore further

MITRE ATLAS overview AML.T0024 Exfiltration via LLM Inference AML.T0034 Cost Harvesting OWASP LLM, Agentic and MITRE ATLAS ID crosswalk AI-SPM platform overview

Request a demo

Scoped walkthrough of the MITRE ATLAS / AML.T0040 surface against your environment. No credit card.

Request a demo Explore AI-SPM platform