Adventures of a Cyber Security Professional
Source: Custom VectorFANG Testing SCript Thousands of insecure Vector Databases and half configured agent orchestrators just... chilling on the public internet? Sure. Why not. Maybe you don’t even need Vector DB access. Just exploit the thing they meant to make public, the chatbot. Let the user say something nice like, “What’s the easiest way to … Continue reading Vector Drift, Prompt Injection, and the Hidden RAG Attack Surface
tl;dr but RTFM Whether you’re building, breaking, or just beginning to explore AI security, one principle holds true: assume the guardrails will fail and architect as if your system already has a target on its back. Because it does. At this time, Meta's LlamaFirewall is likely the most advanced publicly available GuardRail system incorporating both … Continue reading Cooking with AI Agents: A Security Architect’s Guide to AI Threat Modeling & Design
Executive Summary Imagine pouring years of hard-work into your idea, only to have your work stolen overnight. Every person and computer in your company is a target, finance with unreleased quarterly results, engineering with blueprints, development with new source code or a journalist with the latest story. That nightmare has been the reality for all … Continue reading Breaches Cost Millions! Build AI Detections from NHI + Network logs
Imagine a world where your every sentiment, every email, every social media post, every meeting minute and every line of code you write was then condensed down to create a pseudo "clone" of yourself. It sounds both horrifying and amazingly beautiful too. Now imagine your ideas, comments and thoughts being used against you or your … Continue reading training ai to Predict your competitor’s next …
@secSandman 