Security Resources
Practical security resource hubs for AI security, AppSec, API security, DevSecOps, cloud, compliance, and operational cybersecurity programs.
AI Security Hub
A practical hub for LLM, RAG, agent, MCP, model file, and MLOps security decisions before AI systems reach production.
AI Agent Runtime Security Hub
A practical hub for securing AI agents while they call tools, use memory, retrieve data, connect to MCP servers, and act through production APIs.
Web Application Pentest Hub
A decision hub for web pentest scope, scanner limitations, business logic testing, authentication, authorization, and proof of exploitability.
API and Backend Security Hub
A hub for SaaS tenant isolation, API authorization, JWT/session design, rate limits, fintech APIs, queues, Kafka, and backend abuse cases.
DevSecOps and Supply Chain Hub
A hub for secret scanning, CI/CD token security, Git policy, Kubernetes image signing, SBOM, npm supply chain, and secure delivery.
AI Security Readiness Checklist
A practical checklist for teams preparing AI applications, RAG systems, and agent workflows for security review.
Web App Pentest Scope Checklist
A scope checklist for turning web application risk into a clear pentest plan, evidence list, and stakeholder brief.
API Security Test Plan
A test-plan resource for SaaS, fintech, and backend teams validating authorization, tenancy, abuse resistance, and API reliability.
DevSecOps Secret Leak Response Checklist
A response checklist for teams that discovered secrets in Git history, CI logs, packages, containers, or developer machines.
Mobile Application Security Hub
A practical hub for mobile pentest scope, client-side risk, backend API exposure, session handling, reverse engineering, and fraud workflows.
OT/ICS Security Hub
A safety-first hub for industrial control security, segmentation, vendor access, passive discovery, and controlled validation.
External Attack Surface Management Hub
A practical hub for discovering exposed assets, forgotten staging systems, risky DNS records, public cloud resources, and internet-facing control points.
Security Compliance and Governance Hub
A practical hub for turning security testing, AI governance, KVKK/GDPR evidence, vendor risk, and board reporting into operational decisions.
Vulnerability Advisories and CVE Analysis Hub
In-depth technical analysis of critical CVEs affecting AI infrastructure, hosting platforms, Linux kernels, and enterprise software — with actionable patch guidance.
API Docs
Public machine-readable endpoints, discovery files, and integration surfaces exposed by the Eresus website today.
LLM Red Teaming
A hub for prompt injection, jailbreaks, tool misuse, and the operational mindset behind adversarial testing of language models.
Foundation Model Reports
A report hub for model-specific risk notes, security posture snapshots, and practitioner-oriented interpretation of model behavior.
Language Model Security DB
A curated hub for security-relevant model issues, integration weaknesses, and recurring attack classes across the AI ecosystem.
Running Benchmarks
Practical guidance on operationalizing benchmark suites, release gates, and security-relevant regression tracking.
Evaluating Factuality
A resource hub for measuring groundedness, answer reliability, source quality, and the operational security side of factuality failures.
Evaluating RAGs
Operational guidance for testing retrieval quality, permission boundaries, poisoning risk, and downstream answer safety in RAG systems.
Minimizing Hallucinations
Practical patterns for reducing hallucinations through retrieval design, evaluation, guardrails, and workflow-specific quality gates.
Config Validator
A resource page for configuration hygiene across prompts, retrieval, MCP servers, environment secrets, and AI deployment defaults.