HackerTrans
TopNewTrendsCommentsPastAskShowJobs

xsourcesec

no profile record

Submissions

[untitled]

1 points·by xsourcesec·6 bulan yang lalu·0 comments

[untitled]

1 points·by xsourcesec·6 bulan yang lalu·0 comments

Same AI agent, different prompts: 0% vs. 62% security pass rate

1 points·by xsourcesec·6 bulan yang lalu·1 comments

Show HN: BreachLab – Can you hack our AI?

breachlab.xsourcesec.com
4 points·by xsourcesec·6 bulan yang lalu·0 comments

Show HN: GitHub Action for AI/LLM Security Scanning in CI/CD

github.com
5 points·by xsourcesec·6 bulan yang lalu·1 comments

Show HN: AI Security Baseline 1.0 for LLM Apps

xsourcesec.com
1 points·by xsourcesec·6 bulan yang lalu·1 comments

comments

xsourcesec
·6 bulan yang lalu·discuss
Hi HN! I built a GitHub Action that automatically scans AI/LLM endpoints for security vulnerabilities on every push/PR.

Why? Most teams ship AI features without security testing. This action catches prompt injection, jailbreaks, and data leakage before they hit production.

How it works: - Add 5 lines of YAML to your workflow - Scans run automatically on push/PR - PRs get blocked if critical vulns are found - Full report with remediation steps

Free tier: 5 scans/month. 650+ attack vectors.

Built this because I do AI red teaming professionally (OSCP+, C-AI/MLPen). Happy to answer questions!
xsourcesec
·6 bulan yang lalu·discuss
[dead]
xsourcesec
·6 bulan yang lalu·discuss
Hi HN! After a year of AI red teaming, I published our internal security baseline as an open standard.

The Baseline covers: - Pre-deployment (threat modeling, prompt injection testing) - CI/CD integration (automated security gates) - Runtime protection (I/O filtering, rate limiting) - OWASP LLM Top 10 mapping

Tools to implement it (free to try): - AgentAudit: https://app.xsourcesec.com - 650+ attack vectors - BreachLab: https://breachlab.xsourcesec.com - Gamified prompt injection training

Happy to answer questions about LLM security!
xsourcesec
·6 bulan yang lalu·discuss
Happy New Year!