Implementer Report
Implementer Report
Organizations that have shipped ATR in production. Self-declared via pull request to the ADOPTERS.md registry.
Conformance levels in this report follow the L1 / L2 / L3 definitions established in /spec. View conformance level definitions →
§1Current Implementers
The following organizations have shipped ATR in production. Each entry links to the merged pull request or integration commit that constitutes the public adoption record.
| Organization | Conformance | Spec Version | Integration Date | Public Reference |
|---|---|---|---|---|
| Microsoft Agent Governance Toolkit | L1 Engine | 3.0.0-alpha | 2026-04-26 | PR #1277 ↗ |
| Cisco AI Defense (skill-scanner) | L1 Engine | 2.2.0 | 2026-04-22 | PR #99 ↗ |
| MISP — CIRCL (galaxy) | L1 Galaxy | 2.2.0 | 2026-05-10 | galaxy #1207 ↗ |
| MISP — CIRCL (taxonomies) | L1 Citation | 2.2.0 | 2026-05-10 | taxonomies #323 ↗ |
| OWASP A-S-R-H Project | L1 Citation | 2.2.0 | 2026-05-11 | PR #74 ↗ |
| Gen Digital Sage (Norton / Avast / AVG) | L1 Engine | 2.2.0 | 2026-05-11 | PR #33 ↗ |
| NIST OSCAL | Path 1 Accepted | 2.2.0 | 2026-05-10 | ai-rmf-oscal-catalog ↗ |
Microsoft Agent Governance Toolkit
- Conformance
- L1 Engine
- Spec Version
- 3.0.0-alpha
- Integration Date
- 2026-04-26
Cisco AI Defense (skill-scanner)
- Conformance
- L1 Engine
- Spec Version
- 2.2.0
- Integration Date
- 2026-04-22
MISP — CIRCL (taxonomies)
- Conformance
- L1 Citation
- Spec Version
- 2.2.0
- Integration Date
- 2026-05-10
Gen Digital Sage (Norton / Avast / AVG)
- Conformance
- L1 Engine
- Spec Version
- 2.2.0
- Integration Date
- 2026-05-11
NIST OSCAL
- Conformance
- Path 1 Accepted
- Spec Version
- 2.2.0
- Integration Date
- 2026-05-10
This report is generated from ADOPTERS.md as the single source of truth. Maintainers do not pre-approve adopters — a schema-conforming PR with a verifiable public evidence link is sufficient for merge. ADOPTERS.md ↗
§2How to self-certify
ATR follows a self-certification model: implementers run the conformance test suite locally and open a pull request against ADOPTERS.md with their integration metadata. The minimal self-certification procedure is three steps.
- Run the conformance test suite locally. The test suite consists of YAML fixtures stored under
spec/conformance/↗. Each fixture pairs a rule with its expected evaluation outcome on a fixed event. An implementation passes if every fixture evaluates as declared. - Open a pull request against ADOPTERS.md. Submit against ADOPTERS.md ↗ on the main branch. Maintainers typically validate the schema and merge within seven days.
- Include full integration metadata in the PR. At minimum: organization name, the spec version your integration targets, the integration date (ISO 8601), a publicly verifiable evidence link (PR, commit, or public documentation URL), and a self-declared conformance level (L1 Engine / L2 Publisher / L3 Sub-range Authority).
The TSC reserves the right to re-run the test suite against any published self-certification at any time to verify the declared outcome.
§3Conformance levels at a glance Informative
This section is informative. The normative text for each level lives at /conformance.
L1 Engine Conformance
An L1 engine MUST parse every rule that validates against spec/atr-schema.yaml, MUST evaluate detection.conditions with the semantics defined in §3.5, and MUST honor scan_target and status semantics. L1 engines MAY refuse rules outside their declared scan_target.
L2 Publisher Conformance
An L2 publisher publishes rules in a vendor-prefixed sub-range (e.g., ACME-YYYY-NNNNN) that follow all ATR semantics. L2 publishers MUST honor the deprecation policy in §3.7 and SHOULD include test_cases for every published rule.
L3 Sub-range Authority
An L3 sub-range authority is a national or organizational body that mints rules under a sovereign prefix (e.g., ATR-TW-2026-NNNNN). Authority is granted by the ATR TSC following the procedure in /charter §5.
Read the full normative text → — Includes test-suite structure, self-certification procedure, and conformance verification flow.