AI Security Research & QA Insights | pentest.qa Blog

Research, threat intelligence, and practical guides on AI agent security, shift-left security QA, and OWASP LLM Top 10 from the pentest.qa team.

MCP Server Security Testing: A Red-Team Guide
Jun 16, 2026 · 10 min read

MCP server security testing explained: a concrete threat model, red-team test cases, and a hardening checklist mapped to …

AI Prompt Injection Testing: A Red-Team Playbook
Jun 16, 2026 · 11 min read

AI prompt security testing made concrete: test direct, indirect/RAG, and tool/MCP injection with real attack strings and …

Agentic AI Red Teaming: The 2026 Engagement Guide
Jun 16, 2026 · 12 min read

Agentic AI red teaming explained: what an engagement tests, how it runs week by week, when you need one, and how to …

Agentic AI Red Team Playbook: Testing Autonomous Systems for Safety and Security
Mar 15, 2026 · 11 min read

A practical red team playbook for testing agentic AI systems - covering tool abuse, goal hijacking, multi-agent …

API Security Testing Checklist for QA Teams: Beyond Functional Testing
Mar 10, 2026 · 10 min read

A practical API security testing checklist for QA teams covering authentication, authorization, injection, and rate …

Security QA Integration: Embedding Penetration Testing Into Your Sprint Cycle
Mar 5, 2026 · 9 min read

How to embed penetration testing into your sprint cycle with shift-left security QA integration - practical frameworks …

Why AI Agents Fail Security QA: Prompt Injection, Tool Poisoning, and the APEX Approach
Mar 3, 2026 · 12 min read

Why AI agents fail security QA and how the APEX methodology systematically tests for prompt injection, tool poisoning, …

Shift-Left AI Security: Integrating Penetration Testing Into Your QA Pipeline
Feb 24, 2026 · 10 min read

Shift-left AI security by embedding penetration testing into CI/CD. Step-by-step guide for GitHub Actions, GitLab CI, …

OWASP LLM Top 10: What Every QA Team Needs to Test in 2025
Feb 10, 2026 · 10 min read

OWASP LLM Top 10 guide for QA teams - learn what each vulnerability looks like, why functional tests miss them, and how …