AI changes the threat model. We change the defense.
LLM agents, RAG pipelines and copilots open new attack surfaces — prompt injection, data exfiltration, model abuse, shadow AI. We design, harden and continuously test them under EU regulation.
- Built on top of Obsigen AI — our own multi-agent stack, fully EEA-hosted.
- Aligned to OWASP LLM Top 10, NIST AI RMF, ISO/IEC 42001, EU AI Act.
- Runtime guardrails — not "tell the model to be safe".
Frameworks & regulations we map your AI program to
What you get
Six capabilities, one outcome: AI you can put in front of customers.
EU AI Act readiness
System classification, risk register, technical documentation and evidence packs for high-risk and GPAI use cases.
- Article 6 / 9 / 13 mapping
- DPIA + AI risk assessment
- Conformity assessment prep
LLM red-teaming
OWASP LLM Top 10, prompt injection (direct & indirect), tool-use abuse, data exfiltration, jailbreaks — with reproducible payload library.
- Automated & manual attacks
- Severity scoring + fix backlog
- Retest after each release
Runtime guardrails
Input/output filters, tool allow-lists, PII redaction, content policies, RAG access control — enforced at request time, not in prompts.
- Policy engine + audit log
- Abuse & cost anomaly alerts
- Per-tenant isolation
Private RAG & data residency
EEA-only storage, on-prem or sovereign cloud embeddings, document-level ACLs, isolation per tenant. Built around Obsigen AI.
- Warsaw data, Norway GPU
- Vector DB with row-level security
- BYO key (KMS / HSM)
Shadow AI discovery
Find unsanctioned LLM use across browsers, extensions, SaaS and code. Quantify data leaving the company, then bring it under policy.
- Inventory + risk scoring
- Sanctioned alternatives roll-out
- Browser & DLP integration
Continuous assurance
Regression tests for safety, evals on every model/prompt change, post-incident review and quarterly red-team refresh.
- CI eval suites
- Quarterly attack rotation
- Monthly executive report
Engagement
From "we have an AI feature" to "we can defend it".
Four phases. Six-to-twelve weeks for a typical engagement, then continuous coverage.
Discover
Inventory every AI surface — internal copilots, customer-facing agents, third-party SaaS AI. Classify under EU AI Act risk tiers.
Assess
Threat model + red-team campaign with reproducible payloads. Severity-scored findings mapped to OWASP LLM Top 10 and MITRE ATLAS.
Harden
Deploy runtime guardrails, tighten RAG access, add monitoring & abuse alerts. Build the AI Act evidence pack along the way.
Monitor
Continuous eval suites in CI, quarterly red-team rotation, on-call for incidents. We stay in the room.
Powered by Obsigen AI — sovereign by default
Our security stack runs on top of Obsigen AI, the European multi-agent platform we build in-house. That means:
- No data leaves the EEA. Document storage in Warsaw, GPU inference at the Arctic Circle (Norway).
- Multi-agent orchestration with 7 execution strategies and a 6-tool registry — auditable end-to-end.
- RAG with row-level security — every retrieval honours the calling user's ACLs, even when the LLM doesn't know about them.
- Bring-your-own model — open-weights (Llama, Mistral) on our infra, or your existing Anthropic / OpenAI keys behind a proxy.
We attack your AI before attackers do
Every engagement starts with a campaign of reproducible attacks, scored and prioritised:
- Direct & indirect prompt injection — hidden in retrieved documents, emails, web pages, image metadata.
- Tool-use abuse — pushing the agent to call unauthorised tools, exfiltrate via webhooks, or chain unsafe actions.
- Data leakage — extracting training data, system prompts, other tenants' context.
- Jailbreaks & policy bypass — refusal evasion, role-play attacks, encoded payloads.
- Cost & availability — token-bombing, infinite loops, denial-of-wallet.
Built for teams that already ship AI — or are about to.
Financial services
DORA, NIS2 and AI Act collide. We map your AI program to all three with a single evidence pack.
E-commerce & retail
Customer-facing chat and shopping copilots — protect catalogue, pricing and PII while keeping conversion high.
Manufacturing & ERP
AI on the shop floor and inside ERP. We secure tool-use and lock down what an agent can actually do.
Healthcare & pharma
High-risk under AI Act + GDPR special categories. We deliver the documentation and the control plane together.
Public sector
EEA data residency, full audit trail, sovereign infrastructure — without lock-in to a US hyperscaler.
AI-native startups
Investors and enterprise buyers ask the same questions. We get you to a defensible answer fast.
FAQ
Questions we hear in every first call.
Do I really need AI Security if I just call the OpenAI API?
Yes — calling a remote LLM doesn't remove your responsibility. Under the EU AI Act you are the deployer of the AI system, which means the obligations sit with you, not OpenAI. Prompt injection, data leakage and tool-use abuse all happen on your side of the wire.
How is this different from a regular penetration test?
A traditional pentest looks at infrastructure and code. AI red-teaming attacks the model behaviour — and the same input can succeed today and fail tomorrow after a model update. We treat AI security as continuous, not a one-shot report.
What does "EU AI Act readiness" actually deliver?
A complete evidence pack: system classification, risk register, technical documentation (Annex IV), DPIA, human-oversight design, post-market monitoring plan, and a register of substantial modifications. Ready for an auditor — or a procurement questionnaire.
Can we keep our existing LLM provider?
Yes. The guardrail layer sits in front of any provider — Anthropic, OpenAI, Mistral, Llama on Obsigen, or a mix. We typically end up with a proxy that lets you swap providers per use case without touching application code.
How fast can we start?
A first 30-minute review within a week. A scoped red-team engagement in 4–6 weeks. EU AI Act evidence pack typically 8–12 weeks depending on the number of systems in scope.
Where is my data processed?
EEA-only by default — document storage in Warsaw, GPU inference at the Arctic Circle (Norway). If your situation requires on-prem or sovereign cloud, that's the same stack with a different deployment target.
Book a 30-minute AI Security review.
We look at one of your AI features and outline the top risks plus the next three things to fix — no slides, no fluff.
Talk to us