ML system security
ML infrastructure carries every traditional security risk plus deployment-specific threats. Covers misconfigurations, DoS, resource exhaustion, and TTPs.
ML application security
The application layer of ML systems inherits every traditional web vulnerability. Covers injection, authentication, XSS, and social engineering attack vectors.
Attacking data components in ML systems
How adversaries poison training data, embed backdoors, and exfiltrate ML data sets. Covers data poisoning, supply chain attacks, and federated learning risks.
Attacking model components
A red teamer's reference for attacking model components, covering poisoning, jailbreak techniques, model extraction, and MITRE ATLAS TTP mapping with examples.
Red teaming generative AI
A practitioner's reference for red teaming generative AI systems, covering MITRE ATLAS, NIST AI 100-2e2025, AI-specific TTPs, and the open-source tool stack.
Google’s Secure AI Framework (SAIF)
A reference guide to Google's Secure AI Framework, covering the four areas, 15 risks, control mapping, SAIF 2.0 agent security, and how it relates to OWASP.
The OWASP Top 10 for LLM applications
A reference walkthrough of all ten OWASP LLM Application risks for 2025, with code examples, real-world incidents, and a defensive mapping for practitioners.
Manipulating a model
How input manipulation and data poisoning bend ML classifiers (Model) with minimal effort, and why standard accuracy metrics miss the damage entirely.
The ML OWASP Top 10
OWASP ML Security Top 10 maps the attack surface of machine learning systems. Here is what each risk means for red teamers and defenders.
Training and evaluating a malware classifier
Training a byteplot CNN on Malimg to 88.54% accuracy, then see why overall accuracy on an imbalanced dataset misleads and what evaluation metrics to use instead