NEW

Start with the pressure: sales, launch, abuse, agents, data, or guardrails

Use the engagement router
aisecurityllc
Sign inStart AI Security Assessment
aisecurityllc
Start AI Security Assessment
← All articles

Model and Provider Risk

7 articles

Agent SecurityAgentic PermissionsAI Agent SecurityAI Governance EvidenceAi ImpactAI Incident ResponseAi IntegrationAI Red TeamingAI SDLC & Product SecurityAI SecurityAI Security Engineer CareerAi Security EngineeringAI Security FoundationsAI Security MonitoringAI Security ToolsAI Supply ChainAI System InventoryArchitecture and Trust BoundariesAts SystemsAttackCareer DevelopmentCorporate CultureCorporate Culture And LeadershipCulture SecurityCyber SecuritycybersecurityCybersecurity StrategyData Exposure and PrivacyDefendDetection EngineeringDistributed GovernanceDistributed SystemsEconomic GovernanceEducationEvaluation and Regression TestingEvidenceEvidence Based GovernanceFuture of WorkgovernanceGovernance And ResilienceGovernance Evidence and Customer TrustGovernance, Risk & ComplianceHiring & TalentHiring StrategyIncident ResponseIncident Response & ObservabilityLeadership And GovernanceLLM Application SecurityLogging and TelemetryMapMLOps & Platform SecurityModel and Provider RiskModel Supply ChainOperational RiskOrganizational GovernanceOrganizational ResiliencePlatform GovernancePrivacy & Data ProtectionPrompt InjectionPrompt Injection & Context SecurityPsychological SafetypsychometricsRAG AuthorizationRAG SecurityRecruitment And TalentRed Teaming & Evaluationsred-teamseceng-workbenchSecure Architecture & DesignSecure RAGSecurity ArchitectureStochastic GovernanceStochastic ResilienceSystemic ResilienceTalent AcquisitionTalent EngineeringTeam EngineeringTechnical IntelligenceThreat ModelingToolchain IntegrityTraining & WorkshopsVendor Risk & ProcurementWorkforce ScienceWorkplace Evolution
The AI Security Buyer’s Guide: How to Evaluate Vendors for LLM Firewalls, Guardrails, Evals, and Monitoring
Map

The AI Security Buyer’s Guide: How to Evaluate Vendors for LLM Firewalls, Guardrails, Evals, and Monitoring

AI security buyers should judge vendors by the job to be done: filtering, testing, evals, access, logs, leaks, rules, and proof. Choosing a vendor should start with design and risk, not just labels.

9 min read
Secrets Management for AI Apps: API Keys, Model Providers, Tool Credentials, and Delegated Access
Defend

Secrets Management for AI Apps: API Keys, Model Providers, Tool Credentials, and Delegated Access

AI applications need disciplined secrets management across model provider keys, vector stores, tool credentials, OAuth tokens, browser sessions, cloud keys, notebooks, logs, prompts, and agent runtimes. Secure design requires centralized secret storage, short-lived and scoped credentials, delegated authorization, redaction, rotation, revocation, and incident-ready evidence.

10 min read
Cloud Security for AI Workloads: GPUs, Secrets, Buckets, Model Endpoints, and Notebook Risk
Defend

Cloud Security for AI Workloads: GPUs, Secrets, Buckets, Model Endpoints, and Notebook Risk

Cloud security for AI workloads requires inventorying AI assets, protecting model endpoints, securing GPU and notebook environments, managing secrets, locking down object storage and vector stores, scanning containers, limiting egress, monitoring cost, and integrating AI infrastructure into normal cloud security operations.

10 min read
LLMOps Security: CI/CD, Secrets, Eval Gates, Model Registry Controls, and Deployment Promotion
Defend

LLMOps Security: CI/CD, Secrets, Eval Gates, Model Registry Controls, and Deployment Promotion

LLMOps security requires CI/CD controls for prompts, tools, model configuration, provider routing, evals, secrets, registries, deployment promotion, monitoring, rollback, and governance evidence. AI release processes must track every artifact that can change system behavior.

10 min read
Securing Open-Source Models: What to Check Before Running a Model in Production
Defend

Securing Open-Source Models: What to Check Before Running a Model in Production

Open-source models require a production intake process covering provenance, license review, file formats, remote code, unsafe serialization, dependencies, containers, evals, serving infrastructure, monitoring, rollback, and governance evidence.

11 min read
The AI Security Engineering Stack: 50 Tools Across Red Teaming, LLMOps, Governance, and Detection
Map

The AI Security Engineering Stack: 50 Tools Across Red Teaming, LLMOps, Governance, and Detection

Teams often buy a tool category before they define the control gap. That creates duplication and gaps at the same time. A stack map helps the buyer see the boundaries first.

3 min read
Model Supply Chain Security: From Hugging Face to Docker Images to Fine-Tuned Weights
Defend

Model Supply Chain Security: From Hugging Face to Docker Images to Fine-Tuned Weights

The model supply chain is now a real security boundary. Teams pull weights, adapters, datasets, containers, and prompts from many places. Without provenance, the release path becomes impossible to trust.

3 min read