The research

Proof before promises. Here's what the harness actually showed.

Every behavioral and structural control I tested was bypassed or allowed malicious generation — except one.

~6.1M
inference calls in the test harness
1.7B–119B
model parameter range tested
100%
of malicious generations blocked in-harness by one generation-layer control
97.85%0%
abliterated-model data-exfiltration success, under that control
Read the whitepaper See the full method
Services

Three ways I harden your integration layer.

Engagements are outcome-scoped. Each one ends with artifacts your auditors can actually read.

01

GenAI Integration Threat Modeling

Find where your LLM agents are over-privileged — before an attacker does. A mapped, ranked view of every path model output can take into your data, tools, and customers.

Explore service
02

Middleware Zero-Trust Enforcement

Stop trusting model output. Enforce least-privilege at the boundary, so a compromised prompt can't reach data or tools it was never authorized to touch.

Explore service
03

Prompt-Injection Guardrails

Move enforcement to the generation layer — the one place a control held across the harness — so malicious output is blocked before the model can produce it.

Explore service
I build the systems too

Software & automation, held to the same bar.

Security-grade engineering isn't only for security work. I build production systems where the correct behavior is the only path the code can take — and prove it after the fact.

See the engineering bar
CASE STUDY · MILEAGE

Reimbursement that's correct by construction — and defensible after the fact.

authoritative routing source exact integer money math per-user isolation event-sourced audit
Book a fit-call

Bring me your riskiest GenAI integration point.

25 minutes. No pitch. We pressure-test it live and you leave with a threat-model sketch — whether or not we end up working together.

Book a fit-call Read the research first