Process list research in 2018, the rest is history. About to run a fine-tune entirely on our own MLOps platform, using data we collected on the same platform. Basically a decade in the making.

The #ACSAC2025 best case study award goes to: "Systematic Probing of AI Risks: Methods and Real-World Case Study" by Raja Sekhar Rao Dheekonda. Congratulations 👏👏👏

uv!

Many such cases

ML code be like that.

🧐 https://t.co/2tF4EjrMYZ

Industry forgets that these are students, not industry veterans. With the same AI knowledge, I’d expect veterans to do much better. https://t.co/g5ft0wJHDO

Small experiment to show “jailbreak factory”. Core of our tech is evals, which roll up nicely to execute on any goal, cyber or AIRT.

We would have a different story. Which is why more Security people should be doing these evals. Not every offensive team is built the same, have the same SOPs or TTPs. DN has a particular take on offense which aligns with our experience from previous roles and orgs. Evals can

Oh no, not the mandatory infosec training.

Playing with nano for slides. Brand is obviously off, but some of the angles would take me 10 years to do.

By partnering with The Bugcrowd Academic Program, universities can shape how cybersecurity is discovered, taught, and advanced. Request a demo today to see how Bugcrowd can elevate cybersecurity at your university.  https://t.co/NON54G6PMa

I left NV bc models were good enough to do all sorts of security tasks, even back then. Was all about the right harness and managing inference. Scaffolds are a spectrum and kind of melt away as models/tech improve. So, do CTFs with AI if you need to convince yourself.

For you @Microsoft and my old team. An LLM as an AMSI provider. Could probably use it to detect prompt injection locally into Bing, CoPilot, or the "Agentic OS". AMSI already works with text, so really nothing else required. Layer it with Defender. Proud of the team for pushing

@GoogleDeepMind has been at the front of AI for a long time. You have to be a Kool-aid drinker to work at DN, and everyone here to watches the AlphaGo documentary at some point -- here's one of my favorite excerpts from it. https://t.co/c8sr1KIgsK

Stoked we get to do this type of work. Evaluations are the basis of progress, and capability. I believe that many offensive teams are capable of this work. From this and other work we built our Strikes product — which is basically AI Infrastructure for Security. Where our vision

Anthropic report. Attackers finding AI fit for purpose. I suspect many of you are. Jailbreaks are interesting because they seem pretty weak and more like providing context. Idk, we don’t have issues with refusals. We spend a lot of time (if not all) time evaluating models

At an AI conference, AI people said they liked AI. https://t.co/KMt4qOy6R3

Coming to a prod near you. Team has been cooking on collaboration features. Additional repos are coming soon.

New blog - Offsec Evals: Growing Up In The Dark Forest Caught up in the fervor of greenfield research at @OffensiveAIcon , we all agreed we were going to put out evals and benchmarks and push the field forward. On day two of the con, I got a question I've been thinking about