A Scientific Breakthrough That’s Already in Production
In a landmark announcement for the field of AI security, the South Korean startup Selectstar (also known as Datumo) revealed that its automated AI red-teaming framework, “STAR-Teaming,” has been accepted at the ACL 2026 Findings conference. The ACL (Association for Computational Linguistics) is one of the most prestigious scientific venues for natural language processing (NLP) research, making the acceptance a significant validation in itself. The paper, titled “STAR-Teaming: A Strategy-Response Multiplex Network Approach to Automated LLM Red Teaming,” introduces not just a theoretical novelty but a technology that is already available to the enterprise sector.
During the research, the framework was tested on 17 different large language models (LLMs), including industry giants like Claude, ChatGPT, Gemma, Llama, and Qwen. The results are compelling: STAR-Teaming achieved an average Attack Success Rate (ASR) of 74.5% on the widely used HarmBench benchmark. This represents a 13.5 percentage point improvement over the previous state-of-the-art solution, AutoDAN-Turbo, which scored 61.0% in the same testing environment.
Do you have a question about AI security? You can reach us here:
From the Lab to the Market: The Datumo Platform
However, the most critical development is not just the research finding, but its immediate productization. The STAR-Teaming technology has already been integrated into Selectstar’s own enterprise solution for AI reliability assessment, the Datumo Platform. This move clearly signals an industry trend: AI security testing is moving out of the research phase and becoming an integral part of continuous, operational enterprise workflows.
In South Korea, the platform is already being actively used in critical sectors such as electronics manufacturing, home appliances, system integration (SI), IT services, and even in government-led sovereign AI model initiatives. According to a statement from Selectstar, clients most frequently use the platform before their AI services are launched to identify potential safety risks and quality issues. The company emphasized:
“It is also being used after launch, particularly when companies renew, update, or further enhance their AI services.”
This practice aligns with modern software development principles, where security is not a one-time check but a continuous activity throughout the entire lifecycle.
AIQ Analysis: What This Means from an EU AI Act and OWASP Perspective
From an AIQ standpoint, the emergence and productization of automated frameworks like STAR-Teaming bring a fundamental shift to enterprise compliance and risk management, especially in the European market.
EU AI Act and GDPR Compliance
In a corporate context, this means that one-off, manual red teaming audits may soon prove insufficient for meeting the robustness, security, and risk management requirements mandated by the EU AI Act. The expectation from regulators is increasingly shifting towards continuous, documented, and repeatable testing processes. An automated platform can systematically and scalably test models, providing evidence for the application of the “security by design” principle, which is also crucial from a GDPR perspective.
Addressing OWASP LLM Top 10 Risks
Industry bodies like OWASP, as well as AI development leaders like Google and Anthropic, are placing a growing emphasis on red teaming. It is AIQ’s position that automated tools can dramatically accelerate the detection of vulnerabilities listed in the OWASP LLM Top 10. Such a system can systematically attack models for vulnerabilities like Prompt Injection (LLM01), Model Denial of Service (LLM04), or Sensitive Information Disclosure (LLM06), providing far greater coverage than methods relying solely on human resources.
Audit Takeaways for Decision-Makers
The key takeaway for Hungarian and European companies is that the standard for “due diligence” in AI security is rising. Selectstar itself stated: “As more effective approaches become available, existing methods can quickly become outdated, which means companies need to continuously develop and adopt improved evaluation methodologies.” The fact that scientifically validated, automated testing platforms are now commercially available invalidates the argument that “the tools were not available.” Integrating AI security testing into LLMOps/MLOps pipelines is becoming not just a technical best practice, but a business and legal necessity.