AI/ML Security
Adversarial testing for LLM applications and AI products.
For teams shipping customer-facing AI, preparing for enterprise security reviews, or putting agents into production. Methodology built on promptfoo, Garak, and manual operator testing. Findings mapped to OWASP LLM Top 10.
AI-T0: AI Exposure Recon (2–3 business days)
Public-facing AI surface check. Exposed model endpoints (Ollama, vLLM, LangServe), unprotected vector databases, leaked LLM provider keys, Gradio and Streamlit deployments without auth. Snapshot report with each finding mapped to remediation.
AI-T1: LLM Red-Team Assessment (2 weeks)
Adversarial testing against a target LLM application. Prompt injection, jailbreak resistance, system prompt extraction, output handling abuse, and RAG poisoning where applicable. Combines promptfoo, Garak, and manual operator testing. Full report with reproduction steps and severity ranking.
AI-T2: AI Security Audit (3–4 weeks)
Architecture-level review of an AI product or feature. Data flow, prompt construction, tool and function-call boundaries, agent abuse paths, RAG retrieval handling, output sanitization, and IAM around model serving. Includes AI-T1 testing of the live endpoint.
AI-T3: GCP + AI Workload Security Review (2–3 weeks)
Combined cloud and AI focus. Vertex AI deployments, model-serving IAM, training-data exposure, pipeline security, service account scope, and audit-log gaps. Built for teams running AI workloads on GCP.
AI-TR: AI/ML Security Retainer (monthly engagement, quarterly milestones)
Continuous LLM red-team coverage for AI systems that ship changes regularly. Monthly: targeted testing of new model integrations, RAG modifications, prompt revisions, and agent capability additions as they ship. Quarterly: full architecture audit of the system in its current state. The retainer covers ongoing oversight of an AI product you've already had assessed. Net-new full-scope assessments of unscoped systems, formal compliance audits, or pre-launch certifications are separate engagements at standard rates. Retainer clients receive priority scheduling and a multi-engagement discount.
Pricing: Fixed-fee AI security engagements, $16k–$50k depending on scope. Retainer engagements starting at $8,500/month. Reach out to discuss.
Contact
Test your AI before someone else does.
Tell me what you've shipped, what you're about to ship, or what you're worried about. 15 minutes is enough to figure out if there's an engagement here.