Implementer Report
Implementer Report
A specification is only real when more than one engine implements it the same way. This report lists the organizations that run or reference ATR — each one independent evidence that the format can be implemented from the spec alone, the way W3C advances a standard on the strength of its implementations. Self-declared via pull request to the ADOPTERS.md registry.
Conformance levels in this report follow the L1 / L2 / L3 definitions established in /spec. View conformance level definitions →
§1Current Implementers
The following organizations have integrated or referenced ATR. The Conformance column distinguishes L1 Engine (ATR rules actually running inside the organization's own detection engine) from L1 Citation / L1 Galaxy (referenced or incorporated into a taxonomy). An Engine row carries the most weight — it means another independent team implemented the format from the spec alone and ran it in production. Each entry links to the merged pull request or integration commit that constitutes the public adoption record; nothing here is asserted privately — every row is verifiable on GitHub.
| Organization | Conformance | Spec Version | Integration Date | Public Reference |
|---|---|---|---|---|
| Microsoft Agent Governance Toolkit | L1 Engine | 3.0.0-alpha | 2026-04-26 | PR #1277 ↗ |
| Cisco AI Defense (skill-scanner) | L1 Engine | 2.2.0 | 2026-04-22 | PR #99 ↗ |
| MISP — CIRCL (galaxy) | L1 Galaxy | 2.2.0 | 2026-05-10 | galaxy #1207 ↗ |
| MISP — CIRCL (taxonomies) | L1 Citation | 2.2.0 | 2026-05-10 | taxonomies #323 ↗ |
| OWASP A-S-R-H Project | L1 Citation | 2.2.0 | 2026-05-11 | PR #74 ↗ |
| Gen Digital Sage (Norton / Avast / LifeLock) | L1 Engine | 2.2.0 | 2026-05-11 | PR #33 ↗ |
Microsoft Agent Governance Toolkit
- Conformance
- L1 Engine
- Spec Version
- 3.0.0-alpha
- Integration Date
- 2026-04-26
Cisco AI Defense (skill-scanner)
- Conformance
- L1 Engine
- Spec Version
- 2.2.0
- Integration Date
- 2026-04-22
MISP — CIRCL (taxonomies)
- Conformance
- L1 Citation
- Spec Version
- 2.2.0
- Integration Date
- 2026-05-10
Gen Digital Sage (Norton / Avast / LifeLock)
- Conformance
- L1 Engine
- Spec Version
- 2.2.0
- Integration Date
- 2026-05-11
This report is generated from ADOPTERS.md as the single source of truth. Maintainers do not pre-approve adopters — a schema-conforming PR with a verifiable public evidence link is sufficient for merge. ADOPTERS.md ↗
Standards-body submissions (in review, not adoptions)
ATR submitted its community AI RMF OSCAL catalog to NIST's official usnistgov/oscal-content repo; the submission is in review (the NIST OSCAL maintainer opened collaboration branch #338). This is not a NIST adoption or endorsement, so it is not listed in the implementers table above. #338 ↗
§2How to self-certify
ATR follows a self-certification model: conformance is demonstrated, not asserted. Implementers run the conformance test suite locally, then open a pull request against ADOPTERS.md with their integration metadata. There is no review board and no paid certification — the only price of admission to this report is passing the tests in the open. The minimal self-certification procedure is three steps.
- Run the conformance test suite locally. The test suite consists of YAML fixtures stored under
spec/conformance/↗. Each fixture pairs a rule with its expected evaluation outcome on a fixed event. An implementation passes if every fixture evaluates as declared. - Open a pull request against ADOPTERS.md. Submit against ADOPTERS.md ↗ on the main branch. Maintainers typically validate the schema and merge within seven days.
- Include full integration metadata in the PR. At minimum: organization name, the spec version your integration targets, the integration date (ISO 8601), a publicly verifiable evidence link (PR, commit, or public documentation URL), and a self-declared conformance level (L1 Engine / L2 Publisher / L3 Sub-range Authority).
The TSC reserves the right to re-run the test suite against any published self-certification at any time to verify the declared outcome.
§3Conformance levels at a glance Informative
This section is informative. The normative text for each level lives at /conformance.
L1 Engine Conformance
An L1 engine is what makes the format portable. It MUST parse every rule that validates against spec/atr-schema.yaml, MUST evaluate detection.conditions with the semantics defined in §3.5, and MUST honor scan_target and status semantics — so that the same rule yields the same verdict regardless of who wrote the engine. L1 engines MAY refuse rules outside their declared scan_target.
L2 Publisher Conformance
An L2 publisher publishes rules in a vendor-prefixed sub-range (e.g., ACME-YYYY-NNNNN) that follow all ATR semantics. L2 publishers MUST honor the deprecation policy in §3.7 and SHOULD include test_cases for every published rule.
L3 Sub-range Authority
An L3 sub-range authority is a national or organizational body that mints rules under a sovereign prefix (e.g., ATR-TW-2026-NNNNN). Authority is granted following the procedure in /charter §5; the TSC grants it once seated — until then the lead maintainer (BDFL) acts in this role.
Read the full normative text → — Includes test-suite structure, self-certification procedure, and conformance verification flow.