
Threat Modeling

7 articles

The AI Security Engineer Career Map: Skills, Tools, Frameworks, and Portfolio Evidence
Map

The AI Security Engineer career path combines AppSec, cloud security, MLOps, LLM application security, secure RAG, agent security, red teaming, detection engineering, governance evidence, privacy awareness, and communication. Practitioners should build portfolio evidence that proves they can turn AI risk into controls, tests, telemetry, and operating decisions.

10 min read

AI Application Security Review Checklist: 100 Questions Before Production Launch
Defend

AI security reviews should use a structured checklist covering governance, data, prompts, RAG, tools, agents, providers, evals, telemetry, and claims before launch.

8 min read

Threat Modeling LLM Applications: Data Flows, Trust Boundaries, Tool Calls, and Abuse Cases
Map

LLM threat modeling should map assets, actors, data flows, trust boundaries, prompt assembly, retrieved content, model providers, tool calls, memory, outputs, identities, approvals, logs, and abuse cases. The output should become controls, tests, telemetry requirements, and incident-response assumptions.

10 min read

Building an AI Red Team Lab: Tools, Datasets, Harnesses, Attack Libraries, and Reporting Templates
Attack

An AI red team lab should provide a controlled, authorized, reproducible environment for testing LLM applications, RAG systems, AI agents, model endpoints, tool use, output handling, and governance evidence. It must include safe datasets, attack libraries, test harnesses, telemetry, evidence handling, reporting templates, and operational guardrails.

10 min read

AI Red Teaming 101: Scope, Methods, Evidence, and Deliverables for Real Organizations
Attack

The market often treats red teaming as a demonstration. Real organizations need more than that. They need authorization, reproducibility, severity judgment, and a retest plan that helps the engineering team move.

3 min read

Secure RAG Architecture: Threat Modeling Retrieval-Augmented Generation Systems
Map

RAG is not just search with a model on top. It is a controlled knowledge path. If retrieval is not governed, the model can be steered by the wrong documents, the wrong tenant, or the wrong metadata.

3 min read

The Agentic Anarchy Problem: Why AI Agents Break Traditional IAM Models
Attack

AI agents break traditional IAM because they act across user intent, application authority, and tool permissions. A secure agent program requires explicit identity, delegated authorization, scoped credentials, and policy enforcement that lives outside the model.

12 min read