David Wolf · Portfolio Use Case
A practical field handbook for turning AI security from policy language into executable engineering work, control evidence, and operator-ready workflows.
Created a practitioner-oriented AI Security Engineering Handbook that translates AI risk, governance, product-security, and agentic-system concerns into concrete security engineering tasks, workflows, controls, templates, checklists, evaluation patterns, and implementation guidance for teams building or governing AI-enabled products.
Client
AI Security LLC / Independent Research
Engagement Type
Research Product
Period
2026
Role
Author / AI Security Engineer / Product Security Architect
Focus Areas
AI Security Engineering, AI Product Security, AI System Inventory
The Context
AI security teams are being asked to secure systems that do more than generate text. Modern AI products retrieve data, call tools, run workflows, store context, process sensitive information, and trigger actions. A useful handbook has to explain how to secure those surfaces as engineering work, not just as policy.
The Challenge
The AI security field is overloaded with framework language, vendor claims, model-safety debates, and incomplete checklists. Practitioners need a clear operating model: what to inventory, what to threat model, what to test, what to control, what to log, what to review, and what evidence to produce.
What I Did
The Outcome
The result is a practitioner-facing reference that strengthens the broader AI Security LLC content system. It gives the Mythos framework an operational companion and gives the State of AI Security Engineering Report a hands-on implementation layer.
To
Bridge product security, AI governance, agentic workflow security, prompt testing, RAG security, privacy, and control evidence
Across
Portfolio pages, consulting offers, executive briefings, workshops, training material, and advisory engagements
Of
A broader AI security research platform including the Mythos framework and the State of AI Security Engineering Report
Key Deliverables
Collaboration
The handbook was created as an independent research and practitioner enablement asset. It synthesizes hands-on product security, AI governance, agentic workflow security, security program buildout, and consulting experience into a format that can support engineering teams, executives, clients, and hiring conversations.
At a Glance
Focus Areas
Tools & Technologies
Evidence & Artifacts
Public-Safe Caveat
This case study describes an independent research and practitioner handbook asset created for public and advisory use. It does not disclose confidential client data. Client-specific examples should remain generalized unless separately approved for attribution.
David Wolf
AI Security · Product Security · Security Leadership
Based on analyzed public signals, not proof of any individual's or company's internal state.