The Arcitix AI Security Blog
Field notes from defending with AI and securing the AI you ship — prompt injection, agentic SOC, red teaming, governance, and the threats in between.
Prompt Injection Explained: The #1 Risk in the OWASP LLM Top 10
Prompt injection is the top entry in the OWASP Top 10 for LLM Applications. Learn the difference between direct and indirect injection, real attack scenarios, and practical defenses.
Building an Agentic SOC: How AI Agents Triage Alerts at Machine Speed
Alert fatigue is breaking traditional SOCs. An agentic SOC uses AI agents to triage, investigate, and contain threats with humans in the loop. Here is how the architecture works.
AI Red Teaming: A Practical Guide to Breaking Your Own Models
AI red teaming probes your models and agents the way real attackers will. Learn what to test, how to structure a campaign, and how to turn findings into durable defenses.
The NIST AI Risk Management Framework: A Practical Implementation Guide
The NIST AI RMF gives organizations a structured way to manage AI risk. This guide breaks down its four functions — Govern, Map, Measure, Manage — into actions you can take now.
MITRE ATLAS Explained: Mapping Real-World Attacks on ML Systems
MITRE ATLAS is the ATT&CK for machine learning — a knowledge base of real adversary tactics against AI systems. Learn its structure and how to use it to harden your models.
Data Poisoning Attacks: How Training Data Becomes an Attack Surface
If an attacker can influence your training data, they can influence your model. Learn how data poisoning and backdoor attacks work — and how to defend your ML supply chain.
Securing RAG Pipelines: Threats and Defenses for Retrieval-Augmented Generation
RAG grounds LLMs in your data — and introduces a fresh attack surface. Learn the threats unique to retrieval-augmented generation and how to secure each stage of the pipeline.
The EU AI Act and Your AI Security Program: What Changes in 2026
The EU AI Act is now reshaping how organizations build and secure AI. Learn its risk tiers, the security-relevant obligations, and how to prepare your program.
Shadow AI: Discovering and Governing Unsanctioned AI in the Enterprise
Employees are already using AI tools your security team never approved. Learn how shadow AI creates risk and how to bring it under governance without killing productivity.
Put These Ideas to Work
From LLM firewalls to red teaming and AI governance — see how Arcitix turns these defenses into a program for your organization.
Get an AI Security Assessment