Consulting

AI Launch Security Review

Schedule a focused technical conversation that scopes your AI product risk, identifies the right advisory track, and translates your needs into a practical engagement proposal.

Selected service

AI Launch Security Review

A 5–10 business day pre-release security review for AI features, copilots, RAG systems, agents, and AI workflows. Find the launch-blocking AI security risks before customers, attackers, or enterprise security reviewers do. First findings in 5 business days; launch-ready review in 5–10 business days. Expands into a deeper 2–4 week AI Product Security Assessment when needed.

Duration

5–10 business days

Deliverables

5 implementation-grade outputs

Rate

Scoped after triage

What we cover

AI product surface and launch-context scope — what is shipping and to whom
Prompts, system instructions, and user-controlled inputs under abuse pressure
RAG, retrieval, and tenant data boundaries — leakage and isolation review
Agent tools, permissions, approvals, and rollback paths
Model/provider dependencies, authorization, identity propagation, logging, and data exposure
Guardrail and eval pressure checks plus customer/security-review evidence gaps

Scoping workflow

Collect the details before the call.

Use the service-specific intake below to collect the organization profile, stakeholders, systems, and files we need in advance. The same workspace data can later be managed from your client portal.

Structured intake

Turn this into a scoped engagement.

This form captures the organization details, stakeholders, systems, and assets we need before the discovery call. It saves into your client workspace so the same record can be updated later from your account area.

What we ask

Which AI systems, product features, or agents are in scope first?
Where do retrieval, tool use, and provider boundaries create the most uncertainty?
What evidence already exists, and what is still missing?
Which launch, customer, or incident deadline is driving the work?

What to upload

Architecture diagram or service map
AI feature inventory or application register
Auth, retrieval, and model-provider notes
Logs, traces, or screenshots from the current environment
Any questionnaires or trust-center language already in circulation

Organization profile

Organization nameWebsitePrimary domainCompany sizeIndustryEngagement stage

Organization notes

Project details

Project nameObjectiveTimeline

Systems in scopeOpen questions / risks

Notes for discovery

Stakeholders

Who should receive the proposal, notes, and next steps?

Add at least one stakeholder so we know who to include in the follow-up.

Uploads

Add files, screenshots, or text artifacts before the call.

Upload files

Upload typeFile note

No uploads yet. Screenshots, docs, questionnaire exports, and notes can all be added here.

Open client portal

Saving writes this draft into your workspace profile. Nothing has been saved yet.

Service fit

AI Launch Security Review

What this produces

Intake preview

Project: AI Launch Security Review scoping brief

Systems: None entered yet

Open questions: None entered yet

Organization profile still needs the basics.

Call prep

Before the discovery call, make sure the following are available: a current architecture view, the most recent questionnaire or trust-center draft, and any log or screenshot evidence that explains the risk.

What we cover in the call

• Your AI architecture, data sources, and model supply chain.
• Risk profile for RAG, agents, prompt injection, and tool access.
• Desired outcomes, timeline, and delivery constraints.
• Recommended engagement format and next steps.

Typical duration

30 minutes

If you’re preparing:

• A short summary of your AI program or feature.
• Key risk concerns or audit requirements.
• Current controls, telemetry, and team structure.

Suggested lane

AI Security Services

Review, test, and harden AI product features before they become enterprise-grade liability. Covers RAG authorization, agentic workflow risk, adversarial validation, guardrails, evals, logging, and launch evidence.

Back to service View track

AI Launch Security Review

Open service →

AI Product Security Assessment

The deeper 2–4 week assessment for AI-enabled products — typically the follow-on to an AI Launch Security Review, or when a system needs full architecture, data-flow, trust-boundary, model and provider dependency, RAG surface, tenant isolation, authorization, privacy, logging, SDLC, and evidence review.

Open service →

Agentic Workflow Abuse Review

An adversarial review of AI agents, tools, automations, permissions, approvals, workflows, rollback paths, and action boundaries. It tests the action layer: what the AI can do, who approved it, what it can touch, and how badly it can fail.

Open service →

Consultant fit

AI Launch Security Review

Use this lane to find the public-safe consultant profile matches that show up in the work.

See consultant fit →

Project evidence

AI Launch Security Review

Connect the service to public-safe project evidence instead of leaving it as a generic card.

AI Product Security Control Plane

AI control design, authority mapping, and product-security evidence.

Agentic Browser Security Assessment

Trust-boundary, native bridge, and agentic control-plane security evidence.

AI Governance Controls with Garak, NeMo & Promptfoo

Practical AI governance tooling for evaluation, refusal, and guardrails.

View evidence →