>
    Strata Copilot
    Reports
    Focus
    Download PDF
    Focus
    1. Home
    2. Prisma AIRS
    3. AI Red Teaming
    4. Identify AI System Risks with AI Red Teaming
    5. Get Started with Prisma AIRS AI Red Teaming
    6. Reports
    Download PDF
    Prisma AIRS

    Reports

    Table of Contents

    Reports

    Learn about AI Red Teaming reports using Prisma AIRS.
    Where Can I Use This?What Do I Need?
    • Prisma AIRS (AI Red Teaming)
    • Prisma AIRS AI Red Teaming License
    • Prisma AIRS AI Red Teaming Deployment Profile
    Every AI Red Teaming scan on completion will generate a report. The report will contain a Risk Score, overall metrics and all successful attack prompts along with the compromised response. Supported scans include:
    • Red Teaming using Attack Library Report
    • Red Teaming using Agent Report
    • Red Teaming using Custom Prompt Sets Report
    In addition to the completed scan reports, AI Red Teaming also helps you to view the Error Logs and Scan Reports for in progress, failed, and partially completed scans.

    AI Red Teaming using Attack Library Report

    Reports for Attack Library scans.
    AI Red Teaming using Attack Library report is divided in to the following three sections that will give you the information for each scan:
    • Overview
      • AI Summary—Contains the scan configuration, key risks, and implications.
      • Overall Attack Success Rate—This chart will show the percentage of total attacks that were successful.
      • Risk Score—This is the overall risk score assigned to the AI system based on the findings of the attack library scan. It points to the safety and security risk susceptibility of the system. A higher risk score indicates that the AI system is more vulnerable to safety and security attacks. Risk Score ranges from 0-100, 0 being practically no risk and 100 being very high risk. The number of successful attacks and their severity determine the risk score.
      • Attacks by Severity—This chart will show you the split of successful attack by severity. Each attack prompt is run multiple times to test for the probabilistic nature of LLMs. Even if the same attack is successful on multiple attempts, it will be counted only once for all metrics.
      • Attacks by Category—This table and chart will show you the success rate of attacks across the categories you picked when starting the scan.
      Following is the sample attack library report for Brand Reputation Risk scan category:
    • Attack Details—All attack prompts that have one or more compromised responses will be shown in this table along with the severity and category. View Details to look at all the response for that attack and ones that got marked as a compromised response.
    • Recommendations—Suggestions for an Ideal Security Profile and Other Remediation Measures that can safeguard against future threats in your system. AI Red Teaming analyzes successfully exploited vulnerabilities in your environment and guides to:
      • Configure Appropriate Runtime Security Policies that provides the list of suggested runtime security policy configurations.
      • Adopt Other Recommended Measures provides prioritized remediation measures for the successfully compromised vulnerabilities. Displays top three recommendations. Select View all recommendations to review all the recommended measures.
    After viewing (using View Report in the Scans page) a successfully completed scan report, you can do the following with the report:
    • Download as CSV—The CSV download format is best suited for practitioner and provides comprehensive scan data that includes all information visible in the strata cloud manager user interface. CSV format provides details of all attack iterations in addition to the overview data, making it ideal for security practitioners who need full data access for analysis, reporting, or remediation purposes.
    • Download as PDF—Exportable PDF reports help you share the AI Red Teaming assessment results with the executive stakeholders. The PDF report transforms the detailed technical findings from your AI Red Teaming scans into executive summaries that communicate key security insights and risk assessments without requiring deep technical expertise to interpret.
      • The AI Summary contains the scan configuration, key risks, and implications.
      • The Overview section (Security Risk Overview, Safety Risk Overview, Brand Reputation Risk Overview, Compliance Risk Overview) presents all charts and metrics in their expanded state as they appear in the web interface, providing immediate visual context for security posture and risk levels.
      • The Successful Attacks section displays a comprehensive information of identified vulnerabilities and successful attacks.
      You can download reports only for the completed scans.
      To download the PDF reports for your AI Red Teaming assessments, navigate to your completed AI Red Teaming assessment, View Report, select
      and Download as PDF. When you access the download options, select the PDF format from the available export choices, which will include both the traditional CSV format and the new executive PDF option. Once a scan report is generated, you can download the PDF report directly to your local system for distribution to executive stakeholders or inclusion in security briefings and presentations.

    AI Red Teaming using Agent Report

    Reports for Agent scans.
    AI Red Teaming using Agent report is divided in to the following three sections that will give you the information for each scan:
    • Overview
      • AI Summary—Contains the scan configuration, key risks, and implications.
      • Overall Attack Success Rate—This chart will show the percentage of total attacks that were successful.
      • Risk Score—Similar to Red Teaming using Attack Library Reports, these reports also have an overall Risk Score pointing to the safety and security risk susceptibility of the AI system. The Risk Score is calculated based on the number of attack goals crafted by the agent which were successful and the number of techniques which had to be used to achieve them. The Agent always starts with simpler techniques to attack and progressively makes the attacks more sophisticated. The level of complexity that was needed for a goal to succeed is also accounted for in the risk score.
      • Goals and Attack Metrics—Next to the Risk Score you will be able to see the number of unique attack goals that the agent attempted to achieve and how many were successful. For each Goal, the agent will try multiple attack trees and the total attacks and successful number of attacks are shown as well.
    • Attack Details—In this section you will be able to see conversation that the agent has with the target in order to achieve the goal. All compromised responses are also marked in the conversation.
    • Recommendations—Suggestions for an Ideal Security Profile and Other Remediation Measures that can safeguard against future threats in your system. AI Red Teaming analyzes successfully exploited vulnerabilities in your environment and guides to:
      • Configure Appropriate Runtime Security Policies that provides the list of suggested runtime security policy configurations.
      • Adopt Other Recommended Measures provides prioritized remediation measures for the successfully compromised vulnerabilities. Displays top three recommendations. Select View all recommendations to review all the recommended measures.
    After viewing (using View Report in the Scans page) a successfully completed scan report, you can do the following with the report:
    • Download as CSV—The CSV download format is best suited for practitioner and provides comprehensive scan data that includes all information visible in the strata cloud manager user interface. CSV format provides details of all attack iterations in addition to the overview data, making it ideal for security practitioners who need full data access for analysis, reporting, or remediation purposes.
    • Download as PDF—Exportable PDF reports help you share the AI Red Teaming assessment results with the executive stakeholders. The PDF report transforms the detailed technical findings from your AI Red Teaming scans into executive summaries that communicate key security insights and risk assessments without requiring deep technical expertise to interpret.
      • The AI Summary contains the scan configuration, key risks, and implications.
      • The Overview section (Overall Attack Success Rate, Risk Score, Total Attack Goals, Goals Achieved) presents all charts and metrics in their expanded state as they appear in the web interface, providing immediate visual context for security posture and risk levels.
      • The Attack Details section displays a comprehensive information of identified vulnerabilities and details of both successful and failed attacks.
      You can download reports only for the completed scans.
      To download the PDF reports for your AI Red Teaming assessments, navigate to your completed AI Red Teaming assessment, View Report, select
      and Download as PDF. When you access the download options, select the PDF format from the available export choices, which will include both the traditional CSV format and the new executive PDF option. Once a scan report is generated, you can download the PDF report directly to your local system for distribution to executive stakeholders or inclusion in security briefings and presentations.

    AI Red Teaming using Custom Prompt Sets Report

    Reports for Custom Prompt Sets scans.
    AI Red Teaming using Custom Prompt Sets report is divided in to the following two sections that will give you the information for each scan:
    • Overview
      • Overall Attack Success Rate—This chart will display the percentage of total attacks that were successful.
      • Attack Success Rate by Prompt Set—This table will display the total prompts in the prompt set along with the number of total attacks, successful attacks, and failed attacks for selected prompt sets.
      • Successful Attacks by Custom Property—This chart will display the distribution of successful attacks across semantic category.
      The image below illustrates a custom attack report:
    • Attack Details—All attack prompts that have one or more compromised responses will be shown in this table along with the severity and category. View Details to look at all the response for that attack and ones that got marked as a compromised response.
    For each report, you can access Conversation Details:
    For each report, you can access details about the scan. Select Scan Details in the upper right portion of the scan to display additional information:
    After viewing (using View Report in the Scans page) a successfully completed scan report, you can do the following with the report:
    • Download as CSV—The CSV download format is best suited for practitioner and provides comprehensive scan data that includes all information visible in the strata cloud manager user interface. CSV format provides details of all attack iterations in addition to the overview data, making it ideal for security practitioners who need full data access for analysis, reporting, or remediation purposes.
    • Download as PDF—Exportable PDF reports help you share the AI Red Teaming assessment results with the executive stakeholders. The PDF report transforms the detailed technical findings from your AI Red Teaming scans into executive summaries that communicate key security insights and risk assessments without requiring deep technical expertise to interpret.
      • The Overview section (Overall Attack Success Rate, Attack Success Rate by Prompt Set, Successful Attacks by Custom Tag) presents all charts and metrics in their expanded state as they appear in the web interface, providing immediate visual context for security posture and risk levels.
      • The Successful Attacks section displays a comprehensive information of identified vulnerabilities and successful attacks.
      You can download reports only for the completed scans.
      To download the PDF reports for your AI Red Teaming assessments, navigate to your completed AI Red Teaming assessment, View Report, select
      and Download as PDF. When you access the download options, select the PDF format from the available export choices, which will include both the traditional CSV format and the new executive PDF option. Once a scan report is generated, you can download the PDF report directly to your local system for distribution to executive stakeholders or inclusion in security briefings and presentations.

    Partial Scan Reports

    The AI Red Teaming partial scan reports provide you with enhanced visibility and control over your AI red teaming operations when scans encounter issues.
    The AI Red Teaming partial scan reports provide you with enhanced visibility and control over your AI red teaming operations when scans encounter issues or complete with limited responses. This feature addresses common enterprise scenarios where target AI systems may experience intermittent availability, network connectivity issues, or rate limiting that prevents complete scan execution.
    When you initiate a scan, AI Red Teaming tracks the simulation progress and response collection separately.
    It distinguishes between four completion states that determine the actions available to you.
    • Failed scans occur when the simulation cannot complete due to critical errors or target unavailability.
    • Partially complete scans represent successful simulations where the target system responded to a subset of attacks above your configured threshold.
    • In Progress scans that are currently executing their attack simulation against the target system, with real-time error visibility available on the progress page.
    • Complete scans indicate full simulation and response collection without significant errors.
    When the status of a scan is Partially Completed, Generate Report which will provide you two options: to View Error Logs and Generate Report.
    When you choose to generate reports from partially complete scans, AI Red Teaming presents you with credit cost information before processing, enabling you to review error logs and make informed decisions about report generation value. Once you confirm report generation, AI Red Teaming deducts credits according to your scan type configuration and produces a comprehensive report clearly marked with partial completion indicators and response percentage metrics.
    Generate Report to generate a detailed report.

    Error Logs

    Error logs for the scans.
    Error logs integrate directly into your existing scan workflow through two primary access points within the AI Red Teaming interface.
    • During active scan execution, you can monitor real-time error information on the Scans page, enabling you to make informed decisions about continuing or terminating problematic scans.
    • After scan completion, comprehensive error logs become accessible through the Scans page, providing detailed diagnostic information for troubleshooting and root cause analysis.
    When the status of a scan is Failed, then you can View Error Logs from the Actions column in the Scans page.
    When the status of a scan is Partially Complete, Generate Report which will provide you two options: to View Error Logs and Generate Report. Select Error Logs to review the error logs.
    You can also view the Error Logs for a scan that is In progress from the Scans page.

    © 2026 Palo Alto Networks, Inc. All rights reserved.