Kore.ai — agentic threat model
Kore.ai is an enterprise-grade conversational AI platform with moderate-to-high agentic risk, driven primarily by its deep integration into sensitive business systems (Banking, Healthcare, HR) and multi-channel deployment, though its structured no-code framework limits autonomous drift.
OWASP AIVSS score rationale
| Agentic risk factor | Score (0–1) |
|---|---|
| Autonomy of Action | 0.60 |
| Goal-Driven Planning | 0.50 |
| Self-Modification | 0.10 |
| Dynamic Tool Use | 0.70 |
| Persistent Memory | 0.50 |
| Contextual Awareness | 0.60 |
| Dynamic Identity | 0.30 |
| Multi-Agent Interactions | 0.40 |
| Non-Determinism | 0.50 |
| Opacity & Reflexivity | 0.40 |
Scored with the canonical OWASP AIVSS formula (see the AIVSS calculator reference). The agentic risk factors are estimated from the capabilities described in the public listing, not measured on a deployed instance.
MAESTRO 7-layer threat model
Per-layer threats for this agent, in MAESTRO order (Foundation Models, Data Operations, Agent Frameworks, Deployment and Infrastructure, Evaluation and Observability, Security and Compliance, Agent Ecosystem). Entries tagged “Not certain from the listing” are general, caveated commentary, because the public description does not establish what the platform does at that layer.
Layer 1, Foundation Models. Not certain from the listing — Kore.ai is a platform that likely supports multiple third-party or proprietary LLMs, but the listing does not name the foundation models used or describe their alignment and robustness controls.
Layer 2, Data Operations. Not certain from the listing — The platform integrates with enterprise systems and handles customer and employee data in sensitive verticals (Healthcare, Banking), but specific data operations, vector databases, and data-lineage controls are not described.
Layer 3, Agent Frameworks. Kore.ai provides a no-code orchestration framework for designing, training, testing, and managing virtual assistants; it owns tool integration and dialog flows. The main risk at this layer is insecure tool integration: enterprise APIs wired into dialog flows without strict validation of model-supplied arguments, so that a prompt-injected or malformed tool call reaches the backend unchecked.
Layer 4, Deployment and Infrastructure. Not certain from the listing — The platform is deployed across multiple channels and enterprise systems, but hosting infrastructure, sandboxing of execution environments, and secrets management are not described.
Layer 5, Evaluation and Observability. The listing highlights tools for “testing, and managing” virtual assistants, which indicates built-in evaluation capabilities, but real-time guardrails, drift detection, and logging mechanisms are not detailed.
Layer 6, Security and Compliance. Not certain from the listing — The platform targets highly regulated industries such as Banking and Healthcare, which demand strict compliance (e.g., HIPAA, SOC 2, GDPR), but the public listing does not state the platform's security certifications or its identity and authorization controls.
Layer 7, Agent Ecosystem. Not certain from the listing — The platform supports deploying multiple virtual assistants and integrating with various channels, but the listing does not describe multi-agent collaboration protocols or a shared agent marketplace.
MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).
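The insecure tool-integration risk flagged at the Agent Frameworks layer above, as an added example that is neither Kore.ai's code nor part of the original page: a naive dispatcher maps the model's tool call straight onto a backend client, while a hardened dispatcher checks the call against an explicit tool allowlist, an exact argument schema, account ownership tied to the authenticated channel session, and a user-confirmation requirement for state-changing tools. The BankApi client, the account records, the tool names and the session fields are hypothetical stand-ins constructed for this example.

```python
import re
from typing import Any

# Constructed in-memory stand-in for a banking core system (hypothetical data).
ACCOUNTS = {
    "ACC-10001": {"owner": "alice", "balance": 120.50, "open": True},
    "ACC-10002": {"owner": "bob", "balance": 80.00, "open": True},
}


class BankApi:
    """Hypothetical backend client. get_balance and transfer are meant for the
    assistant; _admin_close_account is internal and must never be model-reachable."""

    def get_balance(self, account_id: str) -> float:
        return ACCOUNTS[account_id]["balance"]

    def transfer(self, from_id: str, to_id: str, amount: float) -> float:
        ACCOUNTS[from_id]["balance"] -= amount
        ACCOUNTS[to_id]["balance"] += amount
        return ACCOUNTS[from_id]["balance"]

    def _admin_close_account(self, account_id: str) -> bool:
        ACCOUNTS[account_id]["open"] = False
        return True


api = BankApi()


def dispatch_naive(call: dict) -> Any:
    """Insecure pattern: the model's tool call is mapped straight onto the API
    object. Any method name and any argument values the model emits (including
    ones planted by prompt injection) are executed as-is."""
    return getattr(api, call["name"])(**call["arguments"])


class ToolCallRejected(Exception):
    pass


def is_account_id(v: Any) -> bool:
    return isinstance(v, str) and re.fullmatch(r"ACC-\d{5}", v) is not None


def is_amount(v: Any) -> bool:
    # type() rather than isinstance(): bool is an int subclass and must not pass.
    return type(v) in (int, float) and 0 < v <= 1000.00


# Explicit allowlist: tool name -> (per-argument validators, handler, mutates state?).
# Anything not listed here is unreachable from the model, whatever it asks for.
REGISTRY = {
    "get_balance": ({"account_id": is_account_id}, api.get_balance, False),
    "transfer": ({"from_id": is_account_id, "to_id": is_account_id, "amount": is_amount},
                 api.transfer, True),
}


def dispatch_hardened(call: dict, session: dict) -> Any:
    """Validate the model-generated call against the tool schema and the
    authenticated channel session before anything touches the backend."""
    name = call.get("name")
    if name not in REGISTRY:
        raise ToolCallRejected(f"unknown tool {name!r}")
    validators, handler, mutates = REGISTRY[name]
    args = call.get("arguments")
    # Exact argument set: no missing parameters, no injected extras.
    if not isinstance(args, dict) or set(args) != set(validators):
        raise ToolCallRejected("argument set does not match tool schema")
    for key, check in validators.items():
        if not check(args[key]):
            raise ToolCallRejected(f"invalid value for {key!r}")
    # Authorization is anchored to the session the channel authenticated,
    # never to anything the model says about who the user is.
    for key in ("account_id", "from_id"):
        if key in args:
            owner = ACCOUNTS.get(args[key], {}).get("owner")
            if owner is None or owner != session.get("user"):
                raise ToolCallRejected("account not owned by the session user")
    # State-changing tools need a confirmation that arrived from the user via
    # the channel (session-side flag), not a flag the model can set itself.
    if mutates and not session.get("user_confirmed", False):
        raise ToolCallRejected("state-changing tool requires user confirmation")
    return handler(**args)


def attempt(call: dict, session: dict) -> tuple:
    """Wrapper that reports the outcome instead of raising."""
    try:
        return "ok", dispatch_hardened(call, session)
    except ToolCallRejected as exc:
        return "rejected", str(exc)


if __name__ == "__main__":
    alice = {"user": "alice", "user_confirmed": False}
    print(attempt({"name": "get_balance", "arguments": {"account_id": "ACC-10001"}}, alice))
    print(attempt({"name": "_admin_close_account", "arguments": {"account_id": "ACC-10002"}}, alice))
    print(attempt({"name": "transfer", "arguments": {"from_id": "ACC-10001", "to_id": "ACC-10002", "amount": -50}}, alice))
```

Run it directly to see the three outcomes. The point of the contrast is that dispatch_naive happily reaches _admin_close_account and accepts a negative transfer amount (which moves money in the wrong direction), while dispatch_hardened rejects both, and also rejects a correct-looking call that carries an extra argument or comes from a session that does not own the account.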
These scores are auto-generated from public information (the agent's own listing, docs, and repository) using the canonical OWASP AIVSS formula and the MAESTRO framework. They are an estimate for guidance, not a penetration test, audit, or certification. See the scoring methodology.