Research from the field.
Longer-form technical research drawn from anonymized engagement data. Methods, findings, and the defenses that actually work.
- // AI Security 2026-03-30
Indirect Prompt Injection via Corpus Poisoning in Production RAG Systems
A field study of 14 production RAG deployments across fintech, SaaS, and AI platform clients. We characterize the indirect prompt injection attack surface introduced by retrieval, document concrete exploitation paths observed in real systems, and propose a structural defense pattern that separates retrieved content from the agent's instruction channel.
- // Cloud Security 2026-02-11
Permission Graph Analysis of IAM Escalation Chains in 47 Production AWS Accounts
Static analysis of effective IAM permission graphs across 47 production AWS accounts reviewed during 2024–2025. We find that 41 of 47 accounts contained at least one viable privilege escalation path from a low-privilege starting principal to a high-privilege destination, with a median chain length of 3 hops. We characterize the dominant patterns and their frequencies.
- // Telecom Security 2025-11-19
Behavioral Baselines for SIM-Swap Fraud Detection in Customer-Care SIEM
Adversary emulation engagements against three Tier-1 mobile carriers revealed that fraudulent SIM-swap activity is detectable with high precision using a small set of agent-behavior features available to existing customer-care SIEM deployments. We document the feature set and report detection precision and recall against a labeled engagement dataset.