Security · OWASP LLM01
Direct vs indirect prompt injection, a threat model for on-prem RAG, defanged attack shapes, and a five-layer defense-in-depth strategy mapped to the OWASP LLM Top 10 and MITRE ATLAS.
18 min read
Jul 7, 2026
Prompt InjectionOWASP LLM01RAG Security
Security · OWASP LLM02
Why downstream systems must treat model output as untrusted input: XSS, SSRF, SQLi and SSTI sinks, defanged attack shapes, and context-aware output encoding.
14 min read
Jul 7, 2026
Insecure OutputOWASP LLM02Output Sanitisation
Security · OWASP LLM03
Poisoned corpora, RAG backdoors, feedback-loop poisoning, retrieval anomalies, and data-lineage controls for on-prem LLM systems.
16 min read
Jul 7, 2026
Data PoisoningOWASP LLM03MITRE ATLAS
Security · OWASP LLM04
Context flooding, KV-cache exhaustion, tool fan-out, token budgets, queue isolation, and detection for vLLM and TensorRT-LLM style serving.
15 min read
Jul 7, 2026
Model DoSOWASP LLM04Inference Security
Security · OWASP LLM05
Model weights, tokenizers, adapters, datasets, containers and CUDA/Python dependencies treated as signed, verified release artifacts.
17 min read
Jul 7, 2026
Supply ChainOWASP LLM05SBOM
Security · OWASP LLM06
On-prem moves the risk from cloud egress to internal over-sharing. Identity-aware retrieval, DLP, and layered controls to keep PII and secrets in-bounds.
15 min read
Jul 7, 2026
Data LeakageOWASP LLM06RAG Access Control
Security · OWASP LLM07
Over-permissioned tools, unsafe schemas, confused-deputy failures, tool-call telemetry, and deterministic policy gates outside the model.
16 min read
Jul 7, 2026
Tool SecurityOWASP LLM07Agents
Security · OWASP LLM08
Autonomy levels, permission boundaries, human-in-the-loop review, execution budgets, and safe agent design for high-impact workflows.
15 min read
Jul 7, 2026
Excessive AgencyOWASP LLM08HITL
Security · OWASP LLM09
Groundedness checks, citation validation, eval suites, reviewer workflows, and decision gates that prevent fluent output from becoming unverified authority.
14 min read
Jul 7, 2026
OverrelianceOWASP LLM09Evals
Security · OWASP LLM10
Weight exfiltration, API extraction, prompt and trace leakage, artifact access control, watermarking, and monitoring for self-hosted inference.
17 min read
Jul 7, 2026
Model TheftOWASP LLM10Monitoring
Security · Field Notes
A redacted end-to-end exercise from document ingestion to retrieval, prompt assembly, tool gating, and blue-team evidence capture.
16 min read
Jul 7, 2026
RAG Red TeamIndirect InjectionOWASP LLM01
Security · Field Notes
A payload-free taxonomy of guardrail-bypass families with telemetry signals and controls that survive prompt churn.
15 min read
Jul 7, 2026
GuardrailsJailbreak TaxonomyMITRE ATLAS
Security · Field Notes
API extraction and profiling risks for self-hosted inference, with telemetry, throttling, canaries, and response controls.
16 min read
Jul 7, 2026
Model ExtractionvLLMOWASP LLM10
Security · Blue Team
A SIEM-ready event model for prompts, retrievals, tool calls, guardrails, privacy controls, and illustrative Sigma-style detections.
14 min read
Jul 7, 2026
LLM ObservabilitySIEMSigma
Security · Blue Team
A practical incident-response runbook for LLM data leaks: triage, containment, evidence, scoping, eradication, and recovery.
17 min read
Jul 7, 2026
DFIRData LeakOWASP LLM06
Security · Blue Team
Turn prompts, retrievals, tool calls and guardrail verdicts into an LLM SIEM feed. A detection catalogue mapped to MITRE ATT&CK, with illustrative Sigma rules.
16 min read
Jul 7, 2026
Detection EngineeringSigmaMITRE ATT&CK
Security · Architecture
Decompose the stack into trust zones, apply STRIDE per component, map to OWASP LLM Top 10 and MITRE ATLAS, and prioritise secure-by-design controls.
17 min read
Jul 7, 2026
Threat ModelingSTRIDEMITRE ATLAS
Fundamentals
Regulation (GDPR, AI Act, NIS2), use cases for banking/healthcare/defense, hidden cloud costs (egress, lock-in), and TCO comparison cloud vs on-prem over 3 years.
12 min read
Oct 11, 2025
Sovereign AI
GDPR
TCO
Technical Deep Dive
Production benchmarks comparing latency, throughput, and filtering capabilities. Decision matrix for choosing the right vector database based on scale, budget, and feature requirements.
12 min read
Oct 11, 2025
Qdrant
Milvus
RAG
Technical Deep Dive
Performance benchmarks on H100 GPUs, throughput/latency analysis, concurrency scaling, and decision matrix for choosing the right serving engine for your workload.
15 min read
Oct 11, 2025
vLLM
TensorRT-LLM
Benchmarks
Implementation Guide
GPU memory requirements for Llama 3 models, quality trade-offs between full fine-tuning and LoRA/QLoRA, cost analysis, and production deployment code examples.
14 min read
Oct 11, 2025
LoRA
Fine-Tuning
Llama 3
Implementation Guide
Connect any LLM to any server, build custom agents that browse the web, search Airbnb, control Blender. Complete guide with code examples and production patterns.
18 min read
Jan 12, 2025
MCP
LLM Agents
Automation
Innovation Spotlight
Revolutionary approach - encode text chunks as QR codes in video frames, achieve 50-100× compression vs vector databases, retrieve in <100ms with constant 500MB RAM.
16 min read
Jan 12, 2025
MemVid
Video Compression
RAG
Implementation Guide
Hybrid search (keyword + vector), reranking, query expansion, chunking strategies, evaluation harness, and guardrails to reduce hallucinations in production.
20 min read
Jan 2, 2026
RAG
Architecture
Evaluation
Implementation Guide
Quality/speed/memory trade-offs, how quantization affects KV cache and throughput, and a practical decision matrix for on-prem serving.
16 min read
Jan 2, 2026
Quantization
Serving
VRAM
Operations
Metrics (TTFT/TBT, p95, cost), traces (OpenTelemetry), audit logs, evaluation telemetry, and alert rules for enterprise-grade LLM operations.
14 min read
Jan 2, 2026
Observability
Monitoring
OpenTelemetry