Safety

Red Teaming

Deliberately trying to make an AI model misbehave — find jailbreaks, exploits, and failure modes — before adversaries do.

01 ——

In plain English

Red teaming, borrowed from cybersecurity, is the practice of attacking your own AI system to find weaknesses. A team of humans (or other AI models) probes the model with edge cases, jailbreaks, prompt injections, and adversarial inputs to discover how it fails — so the developers can fix it.

What red teamers look for:

  • Jailbreaks — prompts that bypass safety training
  • Prompt injections — instructions embedded in data the model reads
  • Bias and unfair behaviour — does the model treat similar inputs differently based on protected attributes?
  • Capability surprises — can the model help with something it wasn't supposed to?
  • Hallucinations — confident wrong answers on topics that look real

Who does it: Frontier labs (OpenAI, Anthropic, Google DeepMind, Meta) all run formal red teaming programs before model releases. AISIs (UK, US) red-team frontier models pre-deployment. Enterprises increasingly red-team their own AI deployments before launch.

Automated red teaming: Tools like PyRIT (Microsoft), Garak, and Anthropic's automated red team use AI to attack AI at scale.

02 ——

Related terms

Jailbreak
A prompt or technique that tricks an AI model into ignoring its safety rules and producing content it would normally refuse.
Prompt Injection
A security attack where malicious instructions hidden in user input or external content trick an AI model into ignoring its real instructions.
Adversarial Attack
Deliberately crafted inputs that trick an AI model into producing wrong or harmful outputs — a key category of AI security threat.
Alignment
The challenge of making AI systems behave in ways that match human values and intentions — not just their literal instructions.
Guardrails
Rules and filters that constrain what an AI model can output — used to block harmful, off-topic, or non-compliant responses.
AI Evaluation
The structured process of measuring how well an AI model performs — accuracy, safety, cost, latency — usually with a fixed test set called an eval.
Back to glossaryLast reviewed May 2026
Vol. 4 · Issue 19 · Last reviewed 2026-05-30

Sign up for our newsletter

Receive weekly updates so you can stay up-to-date with the world of AI

Discover, explore, and compare the most innovative AI tools in the industry

Explore

All AI tools

Top 100 AI tools

Curated collections

AI tool alternatives

AI categories

Pricing

AI glossary

Compare AI tools

Blog

Methodology

Editorial team

AI graveyard

Latest collections
Policy

Terms & conditions

Privacy policy

FAQ

Refund policy

Affiliate disclosure