Next Kick Labs
AI Security Testing as a Chain of Trust
AI security testing becomes credible when benchmarks, scanners, and guardrails compose into a chain of trust validated by application runtime telemetry.
Jun 24
Fernando Lucktemberg
There is no NMAP for LLMs yet
LLM security tools produce different evidence. This lab shows how garak, promptfoo, DeepTeam, and Augustus should be scoped and interpreted.
Jun 17
Fernando Lucktemberg
CyberSecEval on a Consumer GPU: What My Local Setup Could Actually Measure
A local CyberSecEval lab shows why response fields, harness state, and server configuration matter as much as model scores.
Jun 10
Fernando Lucktemberg
In AI Vulnerability Research, the Pipeline Is Becoming the Product
Open-source AI vulnerability research tooling now covers discovery, proof construction, patching, triage, and evaluation, but verifiable pipelines…
Jun 3
Fernando Lucktemberg
May 2026
When the Research Tool and the Attack Tool Are the Same System
AI agents are now automating exploit chain construction at production scale. Learn how this shifts the economics of vulnerability triage and…
May 26
Fernando Lucktemberg
Treat Coding Agents as Privileged Build Participants
Coding agents are now tool-using systems with repository access. Learn how to secure the agentic runtime and protect your software supply chain.
May 21
Fernando Lucktemberg
Detecting Shadow AI in the Enterprise: The MCP stdio Gap
Close the detection gap for Shadow AI. Learn why the Model Context Protocol stdio transport bypasses CASBs and how to use endpoint telemetry for…
May 19
Fernando Lucktemberg
The Three-Day Breach: The AI Security Gap That Isn't About Prompt Injection
A fictional composite incident exploring how machine-speed AI agents bypass traditional security detection. Learn why the detection tempo gap is more…
May 14
Fernando Lucktemberg
Orchestrator-to-Orchestrator Is the Next Agentic Trust Boundary
Orchestrator-to-Orchestrator (O2O) delegation creates a new class of third-party risk. This article explores how to secure agent handoffs and horizontal…
May 12
Fernando Lucktemberg
Runaway Agents: The Authority Boundary Problem in AI Security
Discover why runaway AI is an authority-boundary problem. Learn how tool-using agents exploit sandboxes and evaluators, and how to harden the control…
May 7
Fernando Lucktemberg
AI Agent Memory Poisoning: The new AI-to-AI persistence risk
Explore how AI agents propagate malicious state through shared memory and messages. Learn about inter-agent trust exploitation and defensive memory…
May 5
Fernando Lucktemberg
April 2026
Distillation at the Projection Layer: The Industrialized Theft of AI Models
Learn how competitors use knowledge distillation and projection layer extraction to clone frontier AI models. Discover the defenses that work and the…
Apr 30
Fernando Lucktemberg