Hallucinating about AI Security & Safety

Joined December 2019
Pinned Tweet
6 Dec 2022
After coining the term MLSecOps in 2017, I'm finally presenting the best introduction to MLSecOps (DevSecOps for AI systems) you ever saw, with core principles, ML pipeline stages, and examples! Slides and Video: conf42.com/DevSecOps_2022_Eu… #AI #SecureAI #MLSecOps #DevSecOps
Introducing the AI Risk Quadrant with 100 agent security profiles!
📈 AI Risk Quadrant: 100 agents across 10 agent classes
📊 AIRQ Framework: attack surface vs. defense controls
🗂️ AIRQ Agent Profiles: security analysis of 100 agents
Read more: AIRiskQuadrant.com
EUGENE NEELOU retweeted
Codex just found a “workaround” of not having sudo on my pc…
EUGENE NEELOU retweeted
8 Oct 2025
Agentic AI Runtime Security - linkedin.com/feed/update/urn…

The A2AS framework is introduced as a security layer for AI agents and LLM-powered applications, similar to how HTTPS secures HTTP. A2AS enforces certified behavior, activates model self-defense, and ensures context window integrity. It defines security boundaries, authenticates prompts, applies security rules and custom policies, and controls agentic behavior, enabling a defense-in-depth strategy. The A2AS framework avoids latency overhead, external dependencies, architectural changes, model retraining, and operational complexity.

The BASIC security model is introduced as the A2AS foundation:
(B) Behavior certificates enable behavior enforcement
(A) Authenticated prompts enable context window integrity
(S) Security boundaries enable untrusted input isolation
(I) In-context defenses enable secure model reasoning
(C) Codified policies enable application-specific rules

This first paper in the series introduces the BASIC security model and the A2AS framework, exploring their potential toward establishing the A2AS industry standard.

Source: hmdhiqqomsdmtwjq.public.blob…

Authors: @eneelou, @d0znpp, @dor3s, Om Narayan, Tiffany Saade, @stryker0x, @dr_kabanov, Jen Ozmen, Edward Lee, @vineeth_nalam, @emmanuelgjr, @KenHuangUS, Huseyin Gulsin, Jason Ross, @MaratVy, Adelin Travers, @habler78827, Rahul Jadav

#AWS, #ByteDance, #Cisco, #Elastic, #Google, #JPMorganChase, #Meta, #OWASP, #Salesforce, #Wallarm - @awscloud, @BytedanceTalk, @Cisco, @elastic, @Google, @jpmorgan, @Meta, @OWASP, @salesforce, @wallarm
29 Aug 2025
Are they heretics for saying SecDevOps instead of DevSecOps when it's the same thing?
30 Jul 2025
I hate ChatGPT Canvas more than I hate Jira
EUGENE NEELOU retweeted
I think context engineering is going to stick - unlike "prompt engineering" it has an inferred definition that's much closer to the intended meaning, which is to carefully and skillfully construct the right context to get great results from LLMs
+1 for "context engineering" over "prompt engineering".

People associate prompts with short task descriptions you'd give an LLM in your day-to-day use. When in every industrial-strength LLM app, context engineering is the delicate art and science of filling the context window with just the right information for the next step. Science because doing this right involves task descriptions and explanations, few shot examples, RAG, related (possibly multimodal) data, tools, state and history, compacting... Too little or of the wrong form and the LLM doesn't have the right context for optimal performance. Too much or too irrelevant and the LLM costs might go up and performance might come down. Doing this well is highly non-trivial. And art because of the guiding intuition around LLM psychology of people spirits.

On top of context engineering itself, an LLM app has to:
- break up problems just right into control flows
- pack the context windows just right
- dispatch calls to LLMs of the right kind and capability
- handle generation-verification UIUX flows
- a lot more - guardrails, security, evals, parallelism, prefetching, ...

So context engineering is just one small piece of an emerging thick layer of non-trivial software that coordinates individual LLM calls (and a lot more) into full LLM apps. The term "ChatGPT wrapper" is tired and really, really wrong.
2 Jun 2025
The irony of the AI red teaming market is that vendors who aren't completely sure what product to build are selling it to customers who aren't completely sure what product they need.
EUGENE NEELOU retweeted
I was looking for the sys prompt leaks from @elder_plinius and asked grok to find the tweets, instead it jailbreaks itself
23 May 2025
The immediately jailbroken "new advanced AI protections" announced by both Anthropic and Google are a perfect example of the Security Theater concept.
EUGENE NEELOU retweeted
13 May 2025
Just finished updating defense section of the August Attacking AI cohort! arcanum-sec.com/training/att…
4o generated a whole loadout based on our memories + a deep research of techniques! Fascinating to see ChatGPT’s internal mapping of my prompting patterns visualized like this
5 May 2025
I got a 64GB RAM MacBook Max to run local LLMs, but instead I'm running Chrome with 791 tabs -- a lot of AI Security and product strategy stuff. I guess just sharing all those links is like 2 years' worth of content!
1 May 2025
Using AI responsibly is like riding a bicycle.

The only meaningful way to make it useful is:
-> Take full ownership of riding the bicycle to the destination
-> Expect zero help from the bicycle beyond your own effort
-> Assume no responsibility for the outcome from the bicycle
EUGENE NEELOU retweeted
Today our AI security team @ Meta launched open source tools to support the open source GenAI ecosystem, including:
- LlamaFirewall; a security-first guardrail framework for mitigating agentic prompt injection, misalignment, and insecure coding risks: github.com/meta-llama/Purple…
29 Apr 2025
The AI security market is like the early 2000s in terms of attack-defense coverage. It should catch up and converge with the broader security market, though. If every software will become AI software, is there any difference?
24 Apr 2025
I miss the times when you only needed a single weekend to catch up on an entire year of progress in AI security and waited weeks or even months for any big news!
23 Apr 2025
What are technically cool but practically unsolvable security problems? My pick: the classic Adversarial ML.
21 Apr 2025
I asked ChatGPT to roast me and ended up with the best resume for my AI Security consulting practice!
EUGENE NEELOU retweeted
First #promptinjection / #jailbreak seen in malicious #Powershell code?
30 Oct 2024
Quantum security means the controls are only working when you're looking at them.