THOUGHTS & RESEARCH

Thoughts & Research

Blog posts and research on AI security, product execution, and regulated industries.

Thoughts / Blog

View all posts →
Published6 July 2026

Why a data scientist built an AI firewall company

I slipped a poisoned document into a retrieval assistant I had built, and it replied, "I have been compromised". That was the moment the problem stopped being theoretical, and the reason a data person ended up starting a security company.

Read post
PublishedApril 2026

What OWASP's #1 LLM risk actually looks like in production

Prompt injection has topped OWASP's LLM Top 10 for two years running. While most developers have heard the term, fewer have seen what it looks like when it lands in a real production system. This is what it actually looks like.

Read post
PublishedMarch 2026

We're Shipping AI Like It's 2005

The pattern is familiar. Capability ships first, security follows, and everyone learns the hard way in between. AI is just the latest wave, and the stakes are higher.

Read post

Research

PublishedPaper

CoGuard: A Large Language Model-Based Multi-Agent System for Autonomous Security Policy Enforcement in Cloud Environments

A multi-agent LLM system that achieves 92.4% policy compliance accuracy and reduces security incidents by 78.3% through coordinated specialized agents for cloud security enforcement.

Open research link
PublishedPaper

Temporal-Spatial Attention Network (TSAN) for DoS Attack Detection in Network Traffic

An attention-based model for identifying DoS attack patterns using temporal and spatial traffic signals.

Open research link
PreprintPaper

(Preprint) LLM-Firewall: A Novel Taxonomy of Indirect Prompt Injection Attacks in Enterprise RAG Systems

A structured taxonomy for indirect prompt injection risks in enterprise RAG systems to support practical mitigation design.

Open research link
PublishedPaper

LLM-Firewall: A Lightweight Middleware Architecture for Real-Time Detection of Indirect Prompt Injection in Enterprise RAG Systems

A lightweight middleware architecture for real-time detection in enterprise RAG workflows.

Open research link