Tagwercher Security

Services

Focused on AI security. Honest about everything else.

One primary practice, clearly scoped and priced. Web pentesting available as a direct referral with no margin.

Pricing in EUR. USD invoicing available on request — current EUR/USD rate applied at SOW signing.

01

AI / LLM Security Audit

If your product includes a chatbot, copilot, RAG-powered search, document Q&A, or any agentic workflow, it has an attack surface that traditional pentesting tools cannot map. I audit it using a six-phase methodology grounded in the OWASP LLM Top 10 (2025), the OWASP Agentic Applications Top 10 (2026), MITRE ATLAS, and the NIST AI Risk Management Framework Generative AI Profile.

Engagement tiers

AI Security Scoping Call

1 week

€ 3,500 – € 4,000

  • 60-min architecture walkthrough
  • Threat model document (8–12 pages)
  • Prioritized list of testable risks
  • Useful as a standalone deliverable or as the qualifying step before a full audit

AI Security Audit — Standard

3–4 weeks

€ 15,000 – € 25,000

  • Single LLM-integrated system (chatbot, copilot, single agent)
  • Full OWASP LLM Top 10 coverage
  • Direct and indirect prompt injection testing
  • System prompt extraction attempts
  • Multi-turn and iterative automated attack testing (Crescendo, TAP)
  • Findings report with CVSS, reproduction steps, remediation
  • 60-min debrief, retest of fixed findings

AI Security Audit — RAG / Agentic

4–6 weeks

€ 25,000 – € 45,000

  • Everything in Standard, plus:
  • RAG pipeline testing (embedding inversion, cross-tenant leakage, context window manipulation)
  • Agent tool-call permission boundaries (OWASP Agentic 2026)
  • Vector database review
  • Plugin/function-call sandbox testing

AI Security Retainer

Min. 6 months

€ 2,500 – € 6,000 / month

  • Ongoing testing as new features ship
  • Monthly check-ins
  • Priority response on incidents
  • Minimum 6-month commitment

EU AI Act compliance (revised timeline)

Article 15 of the EU AI Act requires high-risk AI systems to be resilient against, and to document their resilience against, data poisoning, model poisoning, adversarial examples and evasion attacks, and confidentiality attacks. Under the revised timeline, the original 2 August 2026 application date has been deferred to 2 December 2027 for standalone Annex III systems and to 2 August 2028 for AI embedded in regulated products. The audit explicitly tests each of these attack categories and produces a findings report suitable for inclusion in your AI Act technical documentation. Testing now, rather than at the deadline, leaves time for remediation and re-testing.

Included across all audit tiers

  • Findings mapped to OWASP LLM Top 10 2025 and OWASP Agentic 2026
  • CVSS-rated severity in business context
  • Reproduction steps developers can run
  • Executive summary for non-technical stakeholders
  • Letter of authorization and NDA included
  • E&O and cyber liability insurance ($1M+ coverage)

Tooling

  • Garak — LLM vulnerability scanner
  • Promptfoo — systematic prompt testing
  • PyRIT — Microsoft's AI red-teaming toolkit
  • DeepTeam — agentic system testing
  • Manual testing for logic-dependent attacks

Who it's for

  • Seed-to-Series-B SaaS teams with an AI feature in production or pre-launch
  • Enterprises piloting LLM features and needing assurance before broad rollout
  • Companies subject to EU AI Act Article 15 obligations
  • Teams integrating third-party LLM APIs into regulated workflows

02

Web pentesting via referral

I don't deliver standalone web pentests. If you only need one, I'll introduce you directly to senior testers I trust: no margin, no project-management layer, no cut taken. If your product has both an AI feature and a web application, a scoping call is the right starting point; we'll work out which engagement fits.

Common questions

Do you sign NDAs?

Yes, always. Every engagement includes a mutual NDA signed before any testing begins. Your codebase, data, and findings stay confidential.

Do you have insurance?

Yes. I carry both E&O (errors and omissions) and cyber liability insurance. You can request proof of coverage before signing.

What if I need something scoped differently?

Get in touch and we'll scope a custom Statement of Work. The engagement tiers cover the most common needs, but I'm happy to scope something specific — a pre-launch review of a single AI feature, an ongoing retainer starting from a scoping call, or a deeper investigation of a specific component.

How does payment work?

50% at the start of the engagement, 50% on delivery of the final report. Invoices are issued in EUR. USD invoicing is available on request — the EUR/USD rate is locked in the SOW at signing. I accept bank transfer and Wise.

What information do you need before scoping?

A brief description of your product, which LLM provider you use, what the AI feature does (chatbot, RAG pipeline, agent), and whether you have a staging environment. That's enough for a scoped quote.

Will you work on production systems?

Where possible, I prefer a staging environment. If only production is available, I test during low-traffic windows and use non-destructive payloads. This is agreed in writing as part of the scope.

Not sure which fits?

Tell me about your product and I'll recommend the right engagement. No pressure — I'll be straightforward if something isn't a good fit.

Get in touch