AI Security
AI / LLM security — prompt injection, data poisoning, agent threat models, building trustworthy AI, optimisation, and the architecture of trending AI products.
Building a Production AI Stack — Vector DB, LLM, Auth, Observability
A real production AI application has 6-8 components: LLM (own or API), embedding model, vector DB, prompt cache, auth, rate limit, content…
AI SecurityDefending AI Endpoints — Rate Limit, Content Filters, NeMo Guardrails, Llama Guard
Once your AI endpoint is public, attackers will probe it within hours — for free LLM access, prompt injection, content-policy violations, and…
AI SecurityAI Security 101 — Why ML Systems Break Differently
Traditional software is deterministic. ML systems are probabilistic, learn from data, and respond to natural language. That changes the entire threat model…
AI SecurityMulti-Modal Attacks — Image Prompt Injection and Audio Adversarials
GPT-4V, Claude 3.5 Sonnet, and Gemini accept images. Whisper, ElevenLabs, and others accept audio. Each modality is an injection surface. This module…
AI SecurityPrompt Injection — Direct, Indirect, and Why It Will Not Be Patched
Prompt injection is to LLMs what SQL injection was to web apps in 2002 — except this time there is no equivalent…
AI SecurityBrowser-Use Agents — Risks When LLMs Browse the Web
Anthropic computer-use Claude, OpenAI Operator, and frameworks like browser-use let agents control real browsers. They click, type, fill forms, log in. Every…
AI SecurityData Poisoning and AI Supply Chain — Attacks Before Deployment
Most AI defenders worry about runtime attacks. Sophisticated attackers go upstream — poisoning training data, hijacking model registries, planting backdoors in fine-tuned…
AI SecurityAI Supply Chain — Hugging Face Hijacks, Pickle Attacks, Model Card Poisoning
You download a model from Hugging Face. The model file format (Pickle) supports arbitrary code execution on load. The model card lies…