I work on the security of AI systems
I red-team models and agents, threat-model AI-associated risks, and build the controls that hold them. Everything I'm working on is below.
I work at the intersection of offensive security and AI. For the better part of a decade I've been penetration testing and red-teaming systems for a living. As of today, I red-team GenAI solutions and agentic stacks, assess the controls that contain them, and advise companies on how to identify and mitigate emerging risks.
Over the past few months my focus has narrowed to where I think the real risk of the next few years lives: agentic systems - models wired into tools, browsers, code and each other over MCP and A2A. The attack surface there is wide and the governance is still being written. So here I am, sharing what I've learned to help business owners understand the risks they actually need to consider.
The AI Security Playbook
The AI Security Playbook is a four-part guide - from "how a model works" to "how to run a defensible program." It runs in one sequence from a primer through foundations, the attacks, the agentic stack and the frontier to the defensive program, and everything else here (the articles, the field notes, the open-source tooling) feeds it. Actively updated and expanded, it now lives at its own home: aisecurity.zone.
Nine years in offensive security.
Now I lead the practice.
Delivered across banking & finance · government · oil & gas · telecom · healthcare · insurance · retail
Certified: OSCP+ · CREST CRT · CRTP · CAISP · Certified AI/ML Pentester · AI Security & Governance