Senior AI Security Engineer & Co-founder, aisecurity.llc
Building the operating model, controls, detection, and evidence layer for enterprise AI adoption. Translates market signals and regulatory requirements into engineering controls that actually reduce risk.
At a glance
57
Public case studies
60+
Portfolio proofs
15+
Years in AI security
4
Decision tracks
Pinned Work & Portfolio Proof
A selection of engagements, research, and assessments available for public review.
Drag or use arrows
Best-fit engagements
Match your decision pressure to the right engagement type.
Service tracks: choose the right path
| Decision pressure | Recommended engagement | Track | Duration | Primary output | |
|---|---|---|---|---|---|
| Launching or reviewing an AI feature | AI App Threat Modeling Sprint | Rapid Assessment | 2–4 weeks | Threat model, risk map, control backlog | View details |
| RAG, retrieval, or knowledge system risk | RAG Security Design Review | Rapid Assessment | 2–5 weeks | RAG threat model, controls, 7 implementation artifacts | View details |
| Agents, tools, delegated action, or workflows | Agent & Tool-Use Control Plane Review | Architecture Review | 3–6 weeks | Control plane review, authZ model, 8 artifacts | View details |
| Prompt injection, RAG abuse, or adversarial validation | Prompt Injection & RAG Red Team | Red Team | 3–6 weeks | Attack findings, reproductions, remediation plan | View details |
| Governance, evidence, or executive pressure | Security Governance Program Advisory | Program Advisory | Monthly | Operating cadence, evidence plan | View details |
| Model, data, supply chain, or regression concerns | Specialized Review | Specialized | 2–8 weeks | Focused risk review & artifacts for your risk | View details |
Expertise buckets
Top capabilities
Rate surface
Architecture / research engagements
$25K – $50K
Public consulting bands are used for architecture review, research briefing, and advisory work.
Service mapping
Research briefing
Translates job-market signals, framework coverage, and control evidence into executive-ready observations.
Request quote →Architecture review
Reviews trust boundaries, control gaps, and implementation evidence for AI systems.
Request quote →David Wolf is a Senior AI Security Engineer and researcher — a 'builder–breaker' practitioner with 25 years of experience at the cyber-physical intersection of product security and human behavior. He has led product-security programs at Splunk, Forescout, Devo, and Cornerstone OnDemand, securing 1,000+ enterprise and marketplace apps across SIEM, IoT/OT, and cloud-native platforms. His expertise spans AI threat modeling, LLM security, agentic workflow security, control-plane architecture, evidence engineering, and the translation of abstract security requirements into observable, testable product behavior. He has built product-security programs from greenfield, designed security control frameworks that mature over 90 days, and worked with enterprises and legal teams on AI governance readiness and regulatory evidence generation. As a researcher and speaker, David has presented at RSA Conference, Infosecurity Europe, Cloud Native Security Conference, KubeCon, and Linux Foundation events, translating field intelligence into engineering controls and executive-ready evidence. His writing explores how AI, data science, and workforce psychology shape the next era of cyber defense and the future of work.
Principal Consultant – Security Architect & AI Engineer
2023–PresentAI & Security R&D
Independent consulting focused on multi-agent AI, psychometrics, and applied security engineering.
Security & AI Talent Advisor
2022–2022Sapient Search
Security and AI talent advisory for executive search.
Security Research Engineer – Architecture Innovation
2022–2023Devo
Cloud-native SIEM platform recognized as a Gartner Magic Quadrant Visionary.
Principal Security Research Engineer – Threat Research | IoT, OT, ICS
2017–2020Forescout Technologies Inc.
Network access control and IoT/OT/ICS security platform for global enterprises.
Management Consultant | Technical Director | Security Architect
2017–2018Independent Consulting
Interim technical leadership and security architecture for organizations in finance and technology.
Manager, Application Security
2015–2017Cornerstone OnDemand
· AppSec manager and technical lead for a 14-person security & compliance team in a 1,500-person global SaaS organization
· Enabled the company's FedRAMP ATO by architecting a unified control and policy set reused as a single baseline across audits and engineering
Sr Product Security Engineer | Application Security | Penetration Testing | Incident Response
2013–2015Splunk
· Led penetration testing, code review, and vulnerability management for all Splunk products and 450+ Splunkbase marketplace apps
· Established the Splunkbase App Certification Program: defined V&V standards, automated SAST/DAST checks, and set requirements for the 'Splunk Certified' marketplace badge
Management Consultant | Cyber Security Engineer
2010–2013Independent Consulting
· Designed KYC investor screening workflow achieving PCI DSS Level 3 compliance for a financial services provider
· Built Salesforce enrichment pipelines using OSINT, firmographic signals, and automated lead scoring
Director | Product Manager
2006–2010Syntryx Inc.
· Led 11-person team serving 100+ enterprise clients, driving ~$2M ARR with multi-channel search, display, and affiliate analytics products
· Built and operated an index of >2B web pages using PostgreSQL clusters and high-throughput crawling, ingest, and search pipelines
Management Consultant – Strategy, Marketing & Acquisition
2004–2006Travelport
· Generated £400–600K monthly gross profit at <2% cost of revenue via long-tail paid search using NLP and statistical modeling
· Senior marketing adviser across the $6B TravelPort portfolio guiding global expansion and post-acquisition integration
Founder (exited) | Webmaster
1999–2004Professional Copywriting Ltd.
· Discovered and responsibly disclosed early web application and ad analytics vulnerabilities starting in 1999
· Built autonomous browser agents inspired by social insects for evolutionary content generation and traffic experiments
Credentials
CISSP
Certified Information Systems Security Professional
(ISC)²
CISSP ISSAP
Information Systems Security Architecture Professional
(ISC)²
CISSP ISSMP
Information Systems Security Management Professional
(ISC)²
CSSLP
Certified Secure Software Lifecycle Professional
(ISC)²
CISM
Certified Information Security Manager
ISACA
CRISC
Certified in Risk and Information Systems Control
ISACA
CCSK
ActiveCertificate of Cloud Security Knowledge
Cloud Security Alliance
CPHIMS
ActiveCertified Professional in Health Information and Management Systems
HIMSS
AWS Solutions Architect – Associate
Amazon Web Services
AWS Big Data Specialty
Amazon Web Services
AWS Machine Learning Specialty
Amazon Web Services
TOGAF
ActiveTOGAF Certified Enterprise Architect
The Open Group
PMP
Project Management Professional
Project Management Institute
ITIL 2011 Foundation
ActiveIT Service Management
AXELOS
PSM
ActiveProfessional Scrum Master
Scrum.org
PSPO
ActiveProfessional Scrum Product Owner
Scrum.org
PRINCE2 Agile Practitioner
ActiveAgile Project Manager
AXELOS
MSP Foundation
ActiveCertificate in Programme Management (Managing Successful Programmes)
AXELOS
CBP
ActiveCertified Bitcoin Professional
CryptoCurrency Certification Consortium
FSAA
ActiveForescout Advanced Administrator
Forescout Technologies
Splunk Enterprise Certified Architect
ActiveSplunk
Elastic Certified Kibana Analyst
ActiveElastic Certified Kibana Analyst
Elastic
CPR/AED
ActiveCPR/AED Certified
American Red Cross
ASA Skipper
ActiveASA Skipper License
American Sailing Association
Devo Certified Platform Expert
ActiveDevo
Courses
SANS FOR610: Reverse-Engineering Malware
SANS Institute
SANS SEC542: Web App Penetration Testing
SANS Institute
Skills
AI Security
Security Engineering
Engineering & Tooling
Compliance & Governance
Leadership & Research
Publications & Resources
View all →
The State of AI Security Engineering Report 2026
A flagship research report turning AI security job-market noise into evidence about roles, skills, control gaps, hiring signals, and the emerging AI security engineering discipline.
The AI Security Engineer's Handbook
A practical field handbook for turning AI security from policy language into executable engineering work, control evidence, and operator-ready workflows.
The AI Security Engineering Field Guide
A compact, action-oriented field guide for AI security engineering practitioners working in fast-moving environments.
MYTHOS: The AI Security Narrative
A book about the stories that shape how people think, build, and govern AI security.
Recommendations
“I had the opportunity to work with David while he was working at Devo, developing the Deco Common Cyber Model, and I must say he is a very smart guy and it was super easy and fun working with him. I would highlight his researching ability and the good ideas he has and of course his good mood which is always very appreciated when you work with people.”
David Piñeiro Bolaño
Product & Platform Associate
PagoNxt (a Santander company)
“I became to know David as he started to work as a security researcher in Forescout. On top of his vast knowledge of all things Cyber security, David showed original thinking and far reaching ideas. He proposed ways to validate his ideas and went on to implement them. David is unique in being able to think big and work out the details to examine ideas rigorously. His multi-cultural exposure, his expressive communication and writing abilities make him ideal for organizations looking for original thinking and the ability to deliver on it. If you are looking for a cyber security person with genuine interest in new technologies, high communication skills and passion to what he does, David is the one.”
Oded Comay
Co-founder and Chief Innovation Officer
Forescout Technologies Inc.
“David is both a professional and a great person. While working together on a challenging project he demonstrated his many capabilities, one of which allowed a speedup of the development cycle by turning many messy data sources into a single well organized, automated data source.”
Oren Nechushtan
Chief Technology Officer
Menthoda
“I've had the privilege of collaborating with David on various projects and have always been impressed by his exceptional creativity and advanced technological skills. David possesses a unique ability to envision and steer the big picture, making him an invaluable asset to every project we've undertaken. His profound knowledge in both marketing and security, combined with practical application, sets him apart in the field. What truly stands out is his leadership capability, guiding teams towards achieving remarkable results. I highly recommend David for his all-round excellence and professional acumen. He's not just a team player, but a natural leader who uplifts everyone working alongside him.”
Alon Braun
Founder
Riverbanks
“David is a class A employee. While at Devo he took on defining the common information model (CIM) and did a spectacular job. Not only that, he pieced together an amazing talk at KubeCon and was always ready and willing to help. I would HIGHLY recommend David to any person/entity.”
Joshua Smith
Threat Intelligence Specialist
Independent Contractor
“I have worked with David on the client side on highly complicated tech applications that he developed. His brilliance is stunning and if your company captures his attention I highly recommend you pay attention to what he has to say.”
Heather Paulson
Chief Executive Officer
ecomko.com
“Good Job!”
John Kennedy
Security
LangChain
“Working with David has truly been a pleasure... and a privilege. On top of a phenomenal technical background, David has a deeply analytical nature that allows him to analyze and successfully attack a problem from the absolute best vantage point — even if it's one that most might overlook. He has that maverick mindset that seamlessly pairs deeply rational logic with intense creativity and curiosity — the perfect blend for remarkable, even potentially technology-changing discoveries. In talking with him, he has that energy, creativity and zeal that makes you wonder "just what neat things will this person create or inspire down the road?" On top of the remarkable skills above though, David stays grounded and successfully keeps his head on his shoulders — he possesses humility, graciousness and a truly remarkable consideration for others. David is definitely one I fully expect to see having a hand in developing some cutting-edge discovery down the road... or possibly more than one!”
Lorraine Bullock
Senior Technical Talent Acquisition – Cybersecurity, IT and Personal Systems
HP
“There are a few people on the Internet that are capable of doing brilliant things that the average person simply can't even imagine let alone attempt. David is one of these geniuses. Not only that but he is a very fun and positive person to work with.”
Lloyd Apter
Chief Operating Officer
Colibri Spindles
“We have worked with David's firm a number of times over the past few years and always found him to be an excellent choice. He is very easy to work with but at the same time very professional and very well versed in his field. Always keen to share his knowledge and at the same time very open to new ideas and changes in strategic thinking. A great guy to work with.”
Chris Sanderson
Affiliate Marketing Director
AMWSO
“David's insight into analytics, marketing & data mining absolutely astounds me. David's one of the most dynamic individuals I know and his uncanny ability to dig into problems and come up with a great solution or product is peerless. If you're looking to solve an analytics issue David's the only one I'd recommend!”
Jonathan Miller
Managing Director
The Forge Advertising Agency
“David Wolf's forward-leaning genius created the planet's premier search engine for marketers. Whether sourcing and prioritizing media campaigns, SEO partners, or new performance marketers, Syntryx, from the Colorado mind of David Wolf, offers all the right intel and tools to quickly target your audience — no matter what the language, region or custom. David is a trailblazer. A man to watch and listen to. For everything is not as it seems...”
James Traynor
Full Stack Digital Marketer
Freelance
“David is an expert in his field — he has helped to underpin Travelport's online channel and promote technical expertise within the organization. His knowledge and solutions are invaluable to any organization.”
Stacie C Morris
Deal Partner
Boardy
“David is an extreme intellect that doesn't stop inventing until he has come up with the most automated tools and technologies to drive the online marketing world to new levels. David has delivered on all of his promises with the utmost professionalism. Oh... and I highly recommend his products.”
Wade Schlosser
Co-Founder and CEO
Solvable
“David is a brilliant guy who has developed an incredible Internet marketing intelligence tool. I have worked with David for several years, utilizing this unique tool and driving extensive value from it. David is a true professional and a very pleasant person to work with.”
Ron Brightman
Advisor and Investor
Dots.eco
“David's comprehensive knowledge on online biz as well as Syntryx has provided me variety of useful information. I have no doubt that Dave and Syntryx are very powerful resources to work with!”
Jeongmin (Ray) Kim
COO
Medicus Inc.
“David is a rare person with endless gifts and abilities both on the professional and personal levels. Since we first met I'm still trying to understand how so much can be done by one person!”
Yochai Levi
Founder, CMO
One AI
“We engaged Syntryx a year ago as a way to help our clients understand and articulate better web strategies, intelligent affiliate spending and search engine optimization practices. Since our commencement with Syntryx and working with David, our clients have enjoyed top 10 search engine rankings, increased ROI on affiliate channels. Syntryx is a ground-breaking tool that is revolutionizing the web.”
Joshua J. Claflin
President, Outdoor Industry Brand + Digital Marketing
Garrison Everest
“David Wolf is one of the top five internet minds in the world today. Any time spent with him is time extremely well spent. The world is on the verge of discovering him.”
Josia Nakash
Business Strategy Consultant
Good Vibe Agency
“David and his company are exciting "up and comers". His dedication to finding and presenting companies with strategic web analytics that focus more on competitive intelligence is exciting. I recommend David to anyone who needs an honest fresh solution for competitive analysis at affordable rates.”
Joshua Sloan
City Council Member
Borough of Bally
“David is a true "forward thinking" individual. We have discussed the Syntryx system on a regular basis and David has always listened to my questions and comments with the intent of making the system as powerful as possible. His willingness to work closely with clients and his adaptability are traits that all clients hope for in their business relationships.”
Chris Graham
CEO and Co-Founder
Graham Advisory Network Inc.
“Syntryx has helped our company thoroughly evaluate potential niche markets for our products. We are able to project potential traffic, analyze key competitors, and determine potential barriers to entry — all crucial to determining if and how we enter a particular market.”
Jesse Malcomb
Owner / Founder
CrossFit Fortius
“David's expertise in online marketing has tremendously helped our company.”
Balázs Nagy
Chief Executive Officer
NewPush
Auto-plays while in view
Community
OWASP Foundation
Public Speaker
Presented on application security risk management via secure SDLC security programs.
Cloud Security Alliance
Host & Public Speaker
Co-host of CSA meetups in Santa Monica; presenter on risk management through secure SDLC program development and application security.
Education
American Military University
Graduate Coursework · Emphasis: Strategic Intelligence
Thesis: How North African Desert Warfare Models eCommerce
University of Colorado at Boulder
BS in Business Administration · Emphasis: Information Systems
Book a short intro to map your AI security challenge to the right engagement path.
