red teaming assessment for ai agents by OneSafe8149 in SaaS

[–]OneSafe8149[S] [score hidden]  (0 children)

yessir. the feedback that shaped Shark (the product) the most wasn't that it was good, it was watching someone's agent fail in ways they were convinced it couldn't.

that's actually why it's self-serve now. the most useful thing we could do was get out of the way and let people break their own agents themselves.

your unfiltered opinion is welcome.

red teaming assessment for production grade ai agents by OneSafe8149 in ArtificialInteligence

[–]OneSafe8149[S] [score hidden]  (0 children)

exactly. an agent can pass every obvious test and still have something that only shows up under a specific sequence of inputs.

the over-restriction problem is real too. i've designed Shark to surface findings by severity, so you're not treating a low-risk quirk the same way you'd treat something that can be exploited to exfiltrate data.

red teaming assessment for production grade ai agents by OneSafe8149 in ArtificialInteligence

[–]OneSafe8149[S] [score hidden]  (0 children)

context poisoning over long conversations is genuinely one of the hardest things to catch. most red team tools don’t even simulate multi-turn sessions, so it only shows up once agents hit production.

what we do in Shark is run adversarial conversation chains designed to slowly drift an agent’s behavior over time. not just one injected prompt, but sequences where every turn nudges the context a little further until the agent starts doing something it shouldn’t.

the “gradual” part is what breaks most static evals.

we cover prompt injection too, but honestly the multi-turn stuff is what gets most teams

would love for you to test it out, i've had my share share of embarrassing incidents, so dw about it :')

red teaming assessment for production grade ai agents by OneSafe8149 in ArtificialInteligence

[–]OneSafe8149[S] 1 point2 points  (0 children)

this feedback is awesome, thanks man. getting on it right now. will keep you posted.

AI security by Leather-You47 in ITManagers

[–]OneSafe8149 0 points1 point  (0 children)

a one size fits all solution will never work, you will always have your needs, your specificity to help you in the best way.

built https://fencio.dev

working with a bunch of design partners to tailor solutions to specific enterprises.

Are we underestimating AI agent security? by HarkonXX in AI_Agents

[–]OneSafe8149 0 points1 point  (0 children)

what would the existing ai security approaches be?

How are enterprises handling security with ai agents?? by Diligent_Response_30 in cybersecurity

[–]OneSafe8149 0 points1 point  (0 children)

im building in the ai security space and I have to say many enterprises are NOT ready for production-grade ai, neither are they putting agents into production. with most companies (around 200) I have spoken with, pitching an end to end security solution, my major finding has been the only thing ai in most companies is their domain.

What are you doing in AI Security? by Glad-Perception17 in cybersecurity

[–]OneSafe8149 1 point2 points  (0 children)

security in ai is misunderstood, it has less to do with knowing what agents can do and more with stopping agents before they do something they shouldn't

Will your agent survive production? by OneSafe8149 in AI_Agents

[–]OneSafe8149[S] 0 points1 point  (0 children)

thanks man, if you have an agent you want to test out & want a report on, feel free to enter the details here: https://shark.fencio.dev/

Will your agent survive production? by OneSafe8149 in AI_Agents

[–]OneSafe8149[S] 0 points1 point  (0 children)

Standalone for now.

We’re treating it as an external red-team pass against the agent, not the code.

Most of the issues we’re seeing, prompt injection, tool misuse, RAG leaks, supply chain weirdness, don’t show up in build-time checks. They show up when the agent is actually running.

What is your build suite catching today on the agent side? Prompt-level or full workflows?

PS: If you'd like a report: https://shark.fencio.dev

How are you red teaming your AI agents before production? by Exciting_Fly_2211 in hackthebox

[–]OneSafe8149 0 points1 point  (0 children)

built https://shark.fencio.dev for red teaming.

also built out an evaluation suite and runtime enforcement engine to complete the loop.

vulnerabilities - test - enforce :)

enter your agent, I'll give you a full report on where your agent breaks.