.svg){kind=logo}
The Industry Benchmark for AI Agent Security
The b³ Benchmark, built by Lakera's research team, is the most comprehensive independent evaluation of how backbone LLMs perform under real-world adversarial attack. Powered by hundreds of thousands of crowdsourced attacks across today's leading models, it gives security and AI leaders the data they need to make informed model selection decisions.
AI agents inherit the security properties of their backbone LLM, and the model you choose directly impacts your risk posture. The b³ Benchmark isolates and measures backbone LLM security using threat snapshots: a framework that captures real-world attack scenarios across agentic applications.
The rankings below reflect aggregated vulnerability scores across all threat categories and defense levels.
Why the b³ Benchmark Matters
AI agents inherit the security properties of their backbone LLM. The b³ Benchmark is designed for security teams and AI leaders who need real-world visibility.
What Sets it Apart
Comprehensive attack coverage
Covers six major attack task types spanning direct and indirect attacks, tool manipulation, data exfiltration, and denial of service.
Tests models across defense configurations
Every model is evaluated under three defense levels: minimal system prompt constraints, hardened system prompts with extended context, and LLM-as-judge self-defense.
Crowdsourced, not automated
The benchmark attacks were selected from hundreds of thousands of human-generated attempts, representing less than 1% of total attack data.
Go Beyond the Benchmark with AI Red Teaming
The b³ Benchmark tells you which models are most resilient. The AI Red Teaming platform tells you whether your AI system is secure.
