An AI lab building, securing, and teaching the systems that build the systems. Quietly, and with a towel.
What we do
We find what your model didn't expect to be asked. Adversarial testing, threat modeling, and security review for production AI. Most engagements start with a focused assessment (prompt injection, jailbreaks, agent tool misuse) and end with concrete hardening recommendations and a report your auditors will accept.
Specialized training for technical teams putting AI into production. Practical, deep, and free of magical thinking. Topics run from secure prompting and evaluation harnesses to agent design and deployment. We deliver them as half-day workshops, multi-day cohorts, or a bespoke curriculum for in-house teams.
Designing and shipping autonomous systems that mostly behave themselves, from prototype to production. Research agents that synthesise sources, support agents that shorten ticket queues, internal automation that turns a five-step process into one. We work with any model provider and any agent framework, or write the framework ourselves when off-the-shelf doesn't fit.
Public notes from the strange edges of the field, on safety, alignment, and the experiments worth telling you about. We share what we learn: write-ups of new attack classes, evaluation methods, and the small tools we wish someone else had built. Read it because it's interesting; hire us when it lines up with what you need.
An example
A pre-deployment threat model for an example multi-agent system, with the same structure and depth as a real engagement: system context, trust boundaries, prioritised risks, and recommended mitigations. The system is invented. The format is exactly what you would get.
Download example · PDF · 240 KB · public example
Resources
Practical, vendor-neutral writing from our training programme and audit work. Free to read, no sign-up.
The taxonomy and a four-layer defense, from model choice to tool-side enforcement. · 13 min read
Architecture · Scope every tool and separate every role so a compromise can't pivot. · 12 min read
Methodology · STRIDE-per-component and attack trees, worked end to end. · 14 min read
Tooling · The tool-calling layer is the new attack surface. How to build and vet it. · 12 min read
Get in touch