AI Security
Comprehensive notes on securing AI systems — from prompt injection and adversarial attacks to LLM red-teaming and production guardrails. Essential reading for anyone building or deploying AI.
The 3-Bucket Threat Model
Shadow AI, attacks on AI, and agentic tool-use attacks — the framework that organizes all of AI security.
Prompt Injection (Deep Dive)
Direct vs indirect injection, why agents make it 10× worse, and real production threat scenarios.
Jailbreaking vs Prompt Injection
Two different attacks on two different rule sets — model safety training vs app developer instructions.
Excessive Agency / Tool Abuse
Excessive functionality, permissions, and autonomy — why least privilege is the #1 agent design principle.
MCP Security
Tool poisoning, rug pulls, and confused deputy attacks — how the Model Context Protocol creates new threat surfaces.
Runtime Detection
The 4 detection points, the 5 detection techniques, and why detection is probabilistic not categorical.
Layered Defenses + Judge LLM
Heuristics → classifiers → LLM judges → behavioral monitoring → policy engine. Why systems hold through redundancy.
Encoder Fine-Tuning for Classification
How DeBERTa-style models become prompt injection classifiers — architecture, training loop, and the data problem.
Frameworks, Tools & Landscape
OWASP LLM Top 10 (2025), MITRE ATLAS, the 5 vendor pillars, and the 2024-25 acquisition wave.
Quick-Reference Cheat Sheet
One-liner definitions, the damage formula, 4 detection points, 5 techniques, key sentences to memorize.
More topics coming soon — detailed notes from real-world AI security research and practice.