The MLSecOps Podcast Holistic AI Pentesting Playbook
Jun 13, 2025
Jason Haddix, a veteran in offensive security and CEO of Arcanum Information Security, shares his expertise on AI pentesting. He discusses his journey into AI security, emphasizing the need for holistic assessments of AI ecosystems. Jason reveals insights from his prompt injection taxonomy and the importance of practical testing methods. He underscores the significance of tailored defenses for different organizational tiers and shares valuable tips for both defenders and attackers. Plus, he provides anecdotes from jailbreak competitions and highlights common pitfalls in AI stack reviews.
AI Snips
Chapters
Transcript
Episode notes
Attack The Whole AI Ecosystem
- Enterprise AI risk is broader than model red teaming and includes the whole application ecosystem.
- Assess inputs, agents, RAG data, prompt engineering, classifiers, and observability together.
Harden Inputs, Outputs, And API Scopes
- Implement input/output validation, role-based access control, and scoped API keys for agents.
- Add classifiers and guardrails at each AI component to reduce successful prompt injections.
Test Before Launch In Dev
- Run an AI pen test close to launch but still in a dev environment to allow fixes.
- Avoid testing only in production because many fixes require developer time and dataset cleanup.