Capability Briefs
From emerging AI to the technology behind the applications we all use every day, these briefs describe how we approach specific classes of security testing and governance - what we look for, how we test, and why it matters.
AI Security
How we approach security testing for AI-powered applications, from coding assistants to autonomous browser agents.
AI Application & Agent Security
Testing any product that integrates LLM capabilities - from RAG chatbots through fully autonomous coding assistants and browser agents.
MCP & Tool Integration Security
For companies building MCP servers or plugin surfaces that expose their product to third-party AI systems.
AI Red Teaming & Safety Testing
Adversarial testing against models directly for RAI violations - systematic attempts to break safety alignment.
Custom Model & Training Security
For organizations training, fine-tuning, or self-hosting models - different access levels enable different testing approaches.
Web Application Security
How we test the web applications and APIs that organizations rely on every day.
Cloud Infrastructure
How we review cloud environments for the misconfigurations and access control gaps that lead to breaches.
Azure Cloud Infrastructure Security Review
How we review Azure environments for misconfigurations in identity management, network segmentation, AKS container security, and platform services.
AWS Cloud Infrastructure Security Review
How we review AWS environments for misconfigurations in IAM, network controls, EKS container security, and platform services.
Governance
How we help organizations build and maintain security governance programs that hold up under scrutiny.
Need a security assessment?
We work with organizations to find and fix security vulnerabilities across applications, infrastructure, and AI systems.