
AI Security Assessment

A structured technical review of your LLM deployment — identifying vulnerabilities, attack surfaces, and gaps before they become incidents.

Get in touch about this →

What I assess

LLM Attack Surfaces

  • Prompt injection — direct and indirect injection paths that could let external input override your system prompt or redirect model behavior
  • Data leakage — routes through which training data, system prompts, or user data could be extracted via model outputs
  • Jailbreaks and constraint bypass — techniques that circumvent your application’s intended restrictions
  • Multi-turn manipulation — attack sequences that exploit conversation history to accumulate privilege or extract information

Agentic System Security

  • Tool use boundaries — whether agents can be manipulated into calling tools with unintended inputs or outside their intended scope
  • Privilege escalation — whether a compromised prompt can expand what an agent is able to do
  • Confused deputy attacks — scenarios where the agent acts on behalf of a malicious third-party payload it encountered in context

Infrastructure and Access Controls

  • Authentication and authorization — how user identity and permissions are enforced in requests to your LLM system
  • Data isolation — whether one user’s data or context can bleed into another user’s session
  • Logging and observability — what visibility you have into anomalous usage or attacks in progress
  • Secrets and API key exposure — whether credentials embedded in prompts or context are at risk

Supply Chain and Model Risk

  • Third-party model risk — evaluation of risks from the models or providers you’re using
  • RAG data source security — whether your retrieval data sources introduce injection or poisoning risk
  • Fine-tuning data risks — exposure from training data used to customize models
  • Embedding and vector store security — access controls and injection paths through your retrieval layer

What you get

Findings Report

A written report with every finding documented: severity level, technical description, how to reproduce it, and specific remediation guidance your engineers can act on directly.

Prioritized Remediation Roadmap

Findings ranked by severity and exploitability, with recommended fixes ordered by impact. Specific to your stack and implementation — not a generic template.

Walkthrough Session

A live session with your engineering and security team to walk through findings, answer questions, and discuss remediation. The goal is for your team to leave understanding the issues — not just holding a document.

Who this is for

  • Engineering teams that have deployed an LLM-powered product and want to know where the security gaps are before a third party finds them
  • Security teams that need to assess an AI system and want a technical counterpart who understands both worlds
  • CTOs and technical leaders who need an honest, independent view of their AI security posture before a compliance review, investor due diligence, or product expansion

How it works

Discovery call — I learn about your system, your stack, and what you’re most concerned about.

Scoping — I define exactly what will be reviewed, timeline, and access requirements. You get a clear scope document before anything starts.

Assessment — Typically 2–4 weeks depending on system complexity. I work with your team to get the access I need without disrupting operations.

Report and walkthrough — Written findings delivered, followed by a live session with your team.

Pricing

Assessments are scoped individually based on system complexity and depth of review required. Fixed price for the defined scope — no hourly billing.

Get in touch to discuss scope and pricing →

Sounds like a fit?

A short call is usually enough to figure out whether this is what you need and what it would look like.