AI Security Research — Est. 2025

Break your AI agents before someone else does.

EthiVos is a specialist penetration testing firm for custom AI agents — uncovering prompt injections, tool-abuse vectors, and alignment failures before they become breaches.

  • Prompt injection via user input
  • Tool-call privilege escalation
  • Indirect injection via RAG documents
  • System prompt extraction
  • Memory poisoning attacks
  • Agent-to-agent exfiltration
  • Remediation by EthiVos
  • Jailbreak via context saturation
  • Role confusion in multi-agent pipelines
  • Data leakage through function outputs
  • Hardened by EthiVos

AI agents are the new attack surface.

Every business deploying a custom AI agent — whether for customer support, internal ops, or autonomous workflows — is deploying a system that can be manipulated in ways traditional security tools don't understand.

Existing pentesting firms test APIs and code. Nobody tests the model's behaviour, its tool-calling logic, its trust boundaries, or how it handles adversarial instructions hidden in documents, emails, and user messages.

EthiVos was built for exactly this gap: AI-native security for AI-native systems.

  • 74% of LLM-powered apps have at least one exploitable prompt injection vector (OWASP LLM Top 10, 2024)
  • $4.9M average cost of an AI-related data breach in 2024
  • increase in autonomous AI agent deployments projected over the next 18 months
  • 0 established pentesting firms specializing exclusively in AI agent security

Full-spectrum AI agent security audits.

We go where conventional pentesters can't — inside the model's reasoning, trust chains, and tool interfaces.

Prompt Injection Audits

Direct and indirect injection vectors — including payloads embedded in RAG corpora, emails, PDFs, and external APIs your agent trusts.

OWASP LLM01

Tool & Function Abuse

We test every callable function, API, and plugin your agent can invoke — probing for privilege escalation, unauthorized access, and logic manipulation.

OWASP LLM07

System Prompt Extraction

Systematic attempts to extract confidential instructions, persona data, and business logic encoded in system prompts through adversarial conversation trees.

OWASP LLM02

Memory & Context Poisoning

Testing persistent memory systems, vector databases, and conversation history for injection vulnerabilities that persist across sessions.

OWASP LLM03

Multi-Agent Trust Attacks

Orchestrator–subagent pipelines are uniquely vulnerable. We test trust hierarchies, message provenance, and lateral movement between agents.

Multi-agent

Compliance Gap Analysis

Mapping findings to EU AI Act, NIST AI RMF, and SOC 2 requirements — producing audit-ready reports for regulators and enterprise procurement.

Compliance-ready

Red-teaming built for LLMs.

We combine automated fuzzing with expert manual testing — the only way to surface vulnerabilities that emerge from model reasoning, not just code paths.

01 Scope & Threat Modelling: Define agent architecture, trust boundaries, data flows, and attacker profiles.

02 Automated Fuzzing: 10,000+ adversarial prompts across OWASP LLM Top 10 categories run against your agent.

03 Manual Red-Teaming: Researchers probe edge cases, chained exploits, and domain-specific attack scenarios.

04 Findings & PoC: Every vulnerability delivered with a reproducible proof-of-concept and CVSS-style severity score.

05 Remediation & Retest: We work with your team to fix issues, then retest to confirm the attack surface is closed.

Security researchers who understand models.

Our founding team bridges two worlds most firms keep separate: offensive security and AI research.

Kamal Kothyari

Co-founder / CEO

Leads business strategy, client relationships, and go-to-market. Deep background in enterprise security and AI risk — focused on building the standard for AI agent assurance.

Aryan Rupala

Co-founder / CTO

Architects the technical platform and red-team methodology. Built LLM evaluation pipelines and adversarial testing frameworks. Hands-on expert in prompt injection, tool-call abuse, and multi-agent attack surfaces.

Early progress, clear momentum.

We are pre-revenue and six months in. Here's where we stand heading into our first cloud infrastructure investment.

  • 3 paid pilot audits completed — fintech, legaltech, and enterprise SaaS
  • LOIs signed with 2 additional enterprise customers pending scale-up
  • Proprietary fuzzing toolchain benchmarked against 14 public LLMs
  • Research paper accepted at top-tier security venue (under review)
  • Advisors from CISA AI working group and former FAANG security teams

Q3 2025
Company founded

Team assembled; initial research into OWASP LLM Top 10 exploitation completed.

Q4 2025
First pilot audits

3 paying customers — findings validated methodology; all clients re-engaged for remediation phase.

Q1 2026
Toolchain v1 complete

Automated fuzzing suite covering 8 OWASP LLM categories operational. 10× faster than manual-only testing.

Q2 2026
Platform beta launch

Self-serve audit dashboard in closed beta — clients can submit agents, track findings, and monitor remediation status.

Q3 2026
Series A preparation

Target: 10 enterprise clients, $500K ARR, and publication of public AI agent vulnerability database.

Is your AI agent secure?

Most aren't. Book a 30-minute scoping call and we'll tell you exactly what we'd test and what we'd expect to find.