It started, as these things often do, with a vague sense of discomfort. You want to leverage the power of cloud LLMs such as Claude. You’ve got a neat little retrieval pipeline going. Documents go in, magic comes out. But one day you look at your logs and realise: “Wait… where did that customer name …
ISO 42001: Baseline for AI or Yet-Another-Badge?
September 2, 2025. (The image is AI-generated and illustrates the difference between certified procedures and actually controlling AI.) In the US, many tech bros still roll their eyes at regulation. “Slow down innovation? No thanks.” The default regime is to ship first, fix later, and if users get burned, well, that’s the cost of …
Google’s Warning: AI has become an Attack Surface
On August 16, 2025, Google issued a rare security advisory. The alert? Indirect prompt injections. A blog post cited on Yahoo News highlighted this alert, noting that some 1.8 billion Gmail users could be affected by the emerging threat. This is not a traditional phishing attack. There are no suspicious links, no “click here.” Instead, …
When AI starts hacking AI
DARPA’s AI Cyber Challenge: At DEF CON 2025, the DARPA AI Cyber Challenge put autonomous AI-driven systems head-to-head in a capture-the-flag–style contest. Contenders had to find and patch vulnerabilities faster than human experts ever could. The results were striking: AI-based security tools demonstrated an ability to uncover and remediate software flaws at unprecedented speed. The …
SharePoint Hack and GenAI
What happened: A critical zero-day exploit (CVE-2025-53770, dubbed “ToolShell,” along with related CVEs) was actively leveraged against on-premises SharePoint Server (2016, 2019, Subscription Edition), leading to remote code execution and unauthorized access to system content and cryptographic keys. Attackers, primarily Chinese state-affiliated groups (Linen Typhoon, Violet Typhoon, Storm-2603), have been exploiting these vulnerabilities in widespread …
