services

What we do.

We build security products and work directly with the businesses shipping agentic systems — breaking what’s brittle, building what isn’t, and putting deployable capability in your team’s hands.

Red teaming agentic systems

Adversarial testing of autonomous agents — before an attacker gets there first.

  • Threat model and attack-surface map for your agent
  • Reproducible exploit chains with severity ratings
  • Findings report with prioritised, actionable remediations
  • Retest of fixed issues to confirm closure

Building secure agentic systems

Agentic architectures with security designed in, not bolted on.

  • Secure agent architecture and threat model
  • Sandboxing and least-privilege tool-access design
  • Guardrail and policy enforcement layer
  • Runtime monitoring, logging, and alerting for agent behaviour

Advisory & architecture review

Architecture review, threat modelling, and ongoing security advisory.

  • Architecture and threat-model review with prioritised findings
  • Design feedback on new agentic features and tools
  • Security roadmap tailored to your stage and stack
  • Retained advisory on a cadence that fits your team

In development

Reinforcement learning as a service (RLaaS)

End-to-end RL — environment design, reward modelling, training, and evaluation.

  • Environment and task design
  • Reward modelling and shaping
  • Training pipeline and runs
  • Evaluation harness and reporting

In development

Private Cyber-Reasoning-Systems (PCRS)

A private, autonomous cyber-reasoning capability that detects, patches and verifies the resolution of vulnerabilities in your internal source code.

  • Autonomous cyber capability
  • In-house expertise in CRSs

More to come

We continuously research new attacks and defences for agentic systems. Fresh services and products ship as the frontier moves.

how we work

From scope to retest — with your team, not around it.

01

Scope & threat model

We map your architecture, tool surface, and trust boundaries, then agree the threat model and success criteria up front — no boilerplate scope.

02

Build or break

We red team, engineer, or advise directly against that model — manual depth alongside automated coverage, working with your engineers rather than over the wall.

03

Report & remediate

Every finding ships with a reproduction, a severity rating, and a concrete fix. Products ship as deployable modules you can run in your own environment.

04

Retest & sustain

We verify fixes hold, and can stay on as a standing adversary or advisor across releases as your system evolves.

faq

Questions, answered.

Do you consult, or do you build products?

Both. We work directly with your team on hands-on engagements — red teaming, secure builds, advisory — and we build security products (RLaaS, Private Cyber-Reasoning-Systems) that deploy into your own environment. The engagements inform the products and vice versa.

Do you work directly with our engineers?

Yes. We embed with your team rather than throwing a PDF over the wall — pairing with your engineers through scoping, remediation, and retest so the knowledge stays in-house.

Can products run in our own cloud or on-prem?

Yes. Our product modules are designed to deploy in your cloud or on your premises, with bring-your-own-key (BYOK) for inference providers — or hosted on our infrastructure if you prefer. Your security data stays where you want it.

How does an engagement start?

A short scoping call to understand your stack and threat model, then a fixed-scope statement of work or an ongoing retainer. We can run one-off (pre-launch hardening) or continuously against each release.

Do you only work on AI agents?

Agentic systems are our focus, but the work draws on a decade of security engineering across AI infrastructure, cloud and Kubernetes, and consensus protocols. If your system reasons, calls tools, and acts, it is in scope.

Not sure which fits? We scope engagements to your stack and threat model.

info@autopoiesis.uk