Agentic AI Security Assessment.
Six-surface methodology for deployed and planned AI agents. We test the agent, the model, the pipeline, the data, the access layer, and the governance boundary — then report by risk to the business.
“Most organisations deployed an AI agent before they secured the pipeline that feeds it. We surface what is exposed before an attacker does.”
Six-surface methodology
Each surface assessed and reported by risk to the business, not by convenience of the tester.
Agent behaviour & prompt boundary
We test prompt injection resistance, output boundary enforcement, and the agent's ability to distinguish between system instructions and user manipulation. Includes jailbreak assay and prompt-leak detection.
Model security & supply chain
Model provenance verification, third-party model risk, fine-tuning integrity checks, and dependency vulnerability scanning. We identify whether your model supplier meets your security requirements.
Pipeline & orchestration
CI/CD pipeline security for model deployment, orchestration-layer controls, tool-access permissions including Model Context Protocol (MCP) servers and connectors, and audit logging across the agent workflow. We assess whether a compromised pipeline step or MCP tool could break the agent.
Data exposure & provenance
Training data lineage, inference data handling, PII leakage testing, and data retention controls. We flag any data paths where sensitive information could be exposed through the agent.
Access layer & identity
Authentication mechanisms, authorisation boundaries, API key management, and session controls for the agent interface. We test what an attacker could do with a compromised agent session.
Governance & compliance boundary
Policy coverage for AI usage, compliance mapping against ISO 42001 and EU AI Act, accountability structures, and human-in-the-loop safeguards. We identify governance gaps that expose the business to regulatory risk.
What you receive
Risk-ranked findings report
Colour-coded findings by severity (critical, medium, low) with technical detail and plain-language summary for each.
Framework mappings
Each finding mapped to the AI-specific control set: OWASP Top 10 for LLMs, OWASP Agentic Top 10, MITRE ATLAS, NIST AI RMF, ISO/IEC 42001, and the EU AI Act.
Remediation roadmap
Ordered by risk: what to fix first, what to fix next, what to monitor. Includes estimated effort and dependencies.
Executive summary
Board-ready briefing on the findings, their business impact, and the recommended response — no technical jargon.
Raw evidence package
Full technical outputs, tooling artifacts, and reproducible steps for your compliance team to verify and retain.
Assessment tiers
Three levels depending on the depth you need. All include framework mappings and risk-ranked findings.
Surface Scan
One agent, single surface. Report within 5 business days. Suitable for initial scoping or a focused concern.
- One target surface selected from the six
- Written findings report with risk ranking
- Framework mappings to the AI control set (OWASP LLM/Agentic, MITRE ATLAS, NIST AI RMF, ISO 42001, EU AI Act)
- 5 business day turnaround
Full Assessment
Up to 3 agents assessed across all six surfaces. Full report plus remediation roadmap.
- Assessment across all six surfaces
- Risk-ranked report per agent
- Framework mappings across the full AI control set (OWASP LLM + Agentic, MITRE ATLAS, NIST AI RMF, ISO 42001, EU AI Act)
- Remediation roadmap with effort estimates
- Executive summary for the board
- 10 business day turnaround
Red Team
Full red team engagement for production AI agents. Adversarial simulation, persistence testing, and ongoing retainer option.
- All surfaces, all agents in scope
- Adversarial simulation and persistence testing
- Full evidence package and raw outputs
- Remediation retainer option available
- Ongoing monitoring and re-testing
- Named practitioner and direct line
Ready to test your AI agent?
Book a free 30-minute security review. We will scope the right tier for your deployment and give you one specific recommendation you can action immediately.