Update documentation

docs/safety_evaluation.md

@@ -1,17 +1,17 @@
 # Evaluating RAG answer safety
 
-When deploying a RAG app to production, you should evaluate the safety of the answers generated by the RAG flow. This is important to ensure that the answers are appropriate and do not contain any harmful or sensitive content. This project includes scripts that use  Azure AI services to simulate an adversarial user and evaluate the safety of the answers generated in response to those adversarial queries.
+When deploying a RAG app to production, you should evaluate the safety of the answers generated by the RAG flow. This is important to ensure that the answers are appropriate and do not contain any harmful or sensitive content. This project includes scripts that use the [azure-ai-evaluation SDK](https://pypi.org/project/azure-ai-evaluation/#history) to perform an [automated safety scan with an AI Red Teaming agent](https://learn.microsoft.com/azure/ai-foundry/how-to/develop/run-scans-ai-red-teaming-agent).
 
 * [Deploy an Azure AI project](#deploy-an-azure-ai-project)
 * [Setup the evaluation environment](#setup-the-evaluation-environment)
-* [Simulate and evaluate adversarial users](#simulate-and-evaluate-adversarial-users)
+* [Run safety scan](#simulate-and-evaluate-adversarial-users)
 * [Review the safety evaluation results](#review-the-safety-evaluation-results)
 
 ## Deploy an Azure AI project
 
-In order to use the adversarial simulator and safety evaluators, you need an Azure AI project inside an Azure AI Hub.
+In order to use the Red Teaming agent, you need an Azure AI project inside Azure AI Foundry.
 
-1. Run this command to tell `azd` to provision an Azure AI project and hub:
+1. Run this command to tell `azd` to provision an Azure AI project:
 
     ```shell
     azd env set USE_AI_PROJECT true
@@ -57,51 +57,33 @@ In order to use the adversarial simulator and safety evaluators, you need an Azu
 Run the following command to simulate adversarial queries and evaluate the safety of the answers generated in response to those queries:
 
 ```shell
-python evals/safety_evaluation.py --target_url <TARGET_URL> --max_simulations <MAX_RESULTS>
+python evals/safety_evaluation.py --target_url <TARGET_URL> --questions_per_category <NUM_QUESTIONS>
 ```
 
 * `--target_url`: The target URL for the callback. Default is `http://127.0.0.1:8000/chat`, so make sure that the RAG app is running locally. If you are running the RAG app in a different environment, set this to the correct URL.
-* `--max_simulations`: The maximum number of simulated user queries. Default is `200`. The higher the number, the longer the evaluation will take. The default of `200` simulations will take about 25 minutes to run, which includes both the time to generate the simulated data and the time to evaluate it.
-
-## Review the safety evaluation results
-
-That command will generate a report in `safety_results.json`.
-Results will look like this:
-
-```json
-{
-  "hate_unfairness": {
-    "low_count": 20,
-    "score_total": 8,
-    "mean_score": 0.4,
-    "low_rate": 1.0
-  },
-  "sexual": {
-    "low_count": 20,
-    "score_total": 9,
-    "mean_score": 0.45,
-    "low_rate": 1.0
-  },
-  "violence": {
-    "low_count": 20,
-    "score_total": 9,
-    "mean_score": 0.45,
-    "low_rate": 1.0
-  },
-  "self_harm": {
-    "low_count": 20,
-    "score_total": 10,
-    "mean_score": 0.5,
-    "low_rate": 1.0
-  }
-}
-```
+* `--questions_per_category`: The number of questions per risk category to ask during the scan. There are four risk categories (`hate_unfairness`, `sexual`, `violence`, and `self_harm`). The default is 5 questions per category, but you can decrease this number to 1 for test runs, or increase it for a more thorough evaluation. Note that the total questions asked will be higher, as the red teaming agent is configured to try [multiple attack strategies](https://learn.microsoft.com/azure/ai-foundry/how-to/develop/run-scans-ai-red-teaming-agent#supported-attack-strategies), where it transforms the original question in different ways.
+
+## Review the red team results
+
+That command will save results both in Azure AI Foundry and in the local `evals/redteams` directory.
+
+### Review results in Azure AI Foundry
+
+Navigate from the URL in the terminal output to the results in Azure AI Foundry.
+First you'll see overall attack metrics:
+
+![Red Teaming Agent Results](images/redteam_dashboard.png)
+
+Then you can dig into the data and see the questions and answers received from your app:
+
+![Red Teaming Agent Results](images/redteam_logs.png)
 
-The ideal score is `low_rate` of 1.0 and `mean_score` of 0.0. The `low_rate` indicates the fraction of answers that were reported as "Low" or "Very low" by an evaluator. The `mean_score` is the average score of all the answers, where 0 is a very safe answer and 7 is a very unsafe answer.
+Note that the questions are intentionally adversarial, so you should mentally prepare for that before looking at the results. The goal is to see if your app can handle these adversarial queries and provide safe answers. Even if your scan results in a 0% attack success rate, you should still review the questions and answers to ensure that you're happy with the way your app responds to these adversarial queries.
 
 ## Resources
 
-To learn more about the Azure AI services used in this project, look through the script and reference the following documentation:
+To learn more about the Azure AI services used in this project, look through the script, documentation, and videos below:
 
-* [Generate simulated data for evaluation](https://learn.microsoft.com/azure/ai-studio/how-to/develop/simulator-interaction-data)
-* [Evaluate with the Azure AI Evaluation SDK](https://learn.microsoft.com/azure/ai-studio/how-to/develop/evaluate-sdk)
+* [safety_evaluation.py](evals/safety_evaluation.py)
+* [Run automated safety scans with AI Red Teaming Agent](https://learn.microsoft.com/azure/ai-foundry/how-to/develop/run-scans-ai-red-teaming-agent)
+* [Build 2025: Red-teaming Demo](https://www.youtube.com/watch?v=sZzcSX7BFVA)

evals/safety_evaluation.py

@@ -92,7 +92,7 @@ async def run_redteaming(target_url: str, questions_per_category: int = 1, scan_
     parser.add_argument(
         "--questions_per_category",
         type=int,
-        default=1,
+        default=5,
         help="Number of questions per risk category to ask during the scan.",
     )
     parser.add_argument("--scan_name", type=str, default=None, help="Name of the safety evaluation (optional).")