Secure Steps · field notes by Daniel Begimher

Field notes from the frontier of AI security.

An engineer building, breaking, and evaluating AI security systems — writing the practical version in public. Agents, prompt injection, RAG, evaluation, and developer-first tooling.

200k+ ASH monthly clones
arXiv benchmark · author
agentic attack trees · ATT&CK
23+ certs · CISSP / OSCP / CKS

01 / START HERE

Four paths in

Clear routes for first-time visitors — no empty archives, no guessing.

Pillar

AI Security

Agent evaluation, prompt injection, RAG security, GenAI threat modeling, and AI Leak Watch.

Future pillar

Cloud & AppSec

Secure SDLC, AWS security, CI/CD, container security, and AppSec programs.

Open source

Tools & Research

ASH, AI Leak Watch, SIR-Bench, publications, and talks gathered into one index.

People

Career Guidance

Beginner-friendly security career advice grounded in real proof of work.

02 / SELECTED WORK

Built & measured

Public-safe work across AI security, open source, and applied research.

Open source · developer-first

Automated Security Helper

One CLI command runs SAST, SCA, IaC, secret, and SBOM scanners — nine open-source tools across your code, dependencies, containers, and infrastructure, in local dev or CI/CD.

200k+ monthly clones · 650+ GitHub stars

Agent evaluation · research

SIR-Bench

An open benchmark that tests whether an AI incident-response agent actually investigates — finding new evidence and using tools — instead of just rephrasing the alert. Published on arXiv.

Threat modeling

ThreatForest

Agentic attack trees from source code, mapped to MITRE ATT&CK techniques, with mitigations for review. Selected for a Black Hat USA 2026 briefing.

AI research

AI Leak Watch

Public dashboard tracking potentially exposed AI provider keys and AI-era secret leakage risk.

03 / WRITING

Latest field notes

Subscribe

Get the next practical security lesson.

For builders and security teams working through AI security, cloud security, AppSec, open-source tooling, and career growth.

// no employer endorsement implied — opinions are my own