Break / Secure
I’m Pavan Reddy. I break and secure AI systems for a living — and I came up building them, from adversarial ML and model internals before I moved into security.
This is my open notebook on AI security. Every issue takes one real problem — a prompt injection pattern, an agentic failure mode, a defense that actually holds — and goes deep: how it works, why it works at the model and system level, and working code you can use. No hype, no “BREAKING” recycled from someone else’s thread. The version worth reading, not the first one published.
What You’ll Get
Teardowns — real vulnerabilities dissected, with minimal reproductions and, more importantly, how you’d actually defend against them.
Builds — working defensive implementations: input guardrails, prompt-injection detection, output filtering, agentic action-gating. Runnable code, honest tradeoffs.
Lenses — where AI security is actually heading, argued from evidence rather than vibes.
Who I Am
I’m Pavan Reddy. I break and secure AI systems for a living, and I came up building them — adversarial ML and model internals before I moved into security.
This newsletter is my open notebook. Each issue I pick one real problem in AI security — a prompt injection pattern, an agentic failure mode, a defense that actually works — learn it deeply, and write it up so you can use it. Expect hands-on, technical, no hype.
By day I’m Principal Developer at Automata and I build QBTrain, a platform for learning AI security and AppSec by actually breaking and securing real systems. If that’s your world, subscribe.
If you’re securing AI in production, building in this space, or you just want to understand how these systems really fail — subscribe.

