AI Security Consulting
Security for teams building
with AI agents, MCP tools, and RAG
Prompt injection, data leakage, and privileged tool misuse hide in the gap between untrusted text and the tools your agents can call — where traditional security tooling doesn't look. I work with engineering and security teams to find and fix these exposures before they become incidents.
Contributor, OWASP Top 10 for Agentic Applications 2026 · CISSP · PhD · 15+ years enterprise security
Most teams' MCP integrations have never been security-reviewed for prompt injection or tool misuse. See MCP security →
Score your own agents — free
The Agent Security Scorecard walks you through the same questions I use in a review and hands you a gap list in the browser. No login, no email, nothing to install.
AI Agent Security Field Guide
A 20+ page guide to securing AI agent systems end to end: identity, tool boundaries, and containment.
Read the guide →Pre-Deployment Checklist
The checks to run before the next agent ships to production. Five pages, no fluff.
Get the checklist →The AI Security Newsletter
Prompt injection, MCP attack chains, and agentic defense, written for practitioners. One issue a week.
See the newsletter →Focus areas
What I assess and secure
Specific expertise in how AI systems fail. Not generic cybersecurity rebranded.
Prompt Injection
Direct and indirect injection, jailbreaks, and multi-turn manipulation that override system intent.
Data Leakage
Paths where training data, system prompts, or user data can be extracted through model outputs.
Agentic System Risk
Tool-using agents introduce privilege escalation and confused deputy attacks. These don't exist in traditional systems.
Supply Chain & Model Risk
Third-party models, RAG data sources, fine-tuning datasets, and embedding pipelines as attack vectors.
Access Controls
How user identity, permissions, and data isolation are enforced across your AI infrastructure.
Monitoring & Response
Logging, anomaly detection, and incident response playbooks built for how AI systems actually fail.

I've spent most of my career securing critical systems in regulated industries. Power grids. Healthcare infrastructure. Financial systems.
These days I work with teams building AI agent systems. Model selection, fine-tuning, RAG pipelines, agentic workflows, production on Kubernetes. I understand how these systems are built because I've built them.
That combination puts me in an unusual position. I understand how these systems are built, and I understand how they're broken. That's the gap Molntek exists to close.
Not ready to talk yet?
Free checklists, guides, the Agent Security Scorecard, and a sample assessment report. No call required.
Ready to talk?
Tell me what you're building. I'll tell you honestly whether I can help and what that would look like.