- AI Act: high-risk AI systems require a mandatory audit before EU deployment
- AI Act fine: up to [figure not captured] % or €30M for non-compliance
- Model theft: weight extraction via API probing, at zero cost for the attacker
- Prompt injection: the #1 vector on autonomous LLM agents in 2025
A NEW ATTACK SURFACE THAT FEW KNOW HOW TO AUDIT
Model stealing: years of R&D in a few hours
An ML model represents millions of dollars in data and compute. It can be extracted via API probing (model stealing) or via a side-channel on the inference hardware. Once extracted, it can be deployed by competitors or resold. Protecting the weights is a commercial imperative as much as a security one.
Prompt injection: a single document is enough to hijack an agent
Prompt injection inserts instructions into an LLM agent's context via external data (documents, emails, web pages). The agent then performs unwanted actions — exfiltration, command execution, decision manipulation. The #1 risk for agentic systems in 2025.
OUR SERVICES
QREDTEAM
ADVERSARY SIMULATION
- LLM-agent Red Team — prompt injection, jailbreak, manipulation of autonomous decisions
- Model-extraction simulation via API probing on production models
- Adversarial-robustness testing — input manipulation to force errors
- Pentest of the ML infrastructure — inference servers, APIs, data pipelines
- ML supply-chain Red Team — dataset contamination, backdoors in dependencies
QLAB
DEEP SECURITY RESEARCH
- Vulnerability research in ML frameworks (PyTorch, TensorFlow, ONNX, Triton)
- Audit of training-data pipelines — detection of data poisoning and backdoors
- Robustness analysis of embedded models (edge ML, firmware with local inference)
- Audit of inference APIs — weight exposure, extraction of architectural information
- Reverse engineering of compiled models (ONNX, TensorRT, CoreML) for AI Act compliance
QSHIELD
SOFTWARE PROTECTION
- Protection of ML model weights against extraction and competitive cloning
- Anti-reverse engineering of embedded models on edge devices and firmware
- Obfuscation of model architectures to protect IP from adversaries
- Protection of inference pipelines in mobile or IoT applications
- Anti-cloning for model vendors deployed in unmanaged environments
QUARKSLAB DIFFERENTIATOR
Traditional providers test the network perimeter around the ML infrastructure — not the model itself. Quarkslab audits what runs inside the model: the weights, the architectures, the embedded inference pipelines. We publish research on ML-framework vulnerabilities and offer QShield to protect model weights — a first in Europe.
WHAT WE WOULD SAY TO EACH OTHER, FACE TO FACE
What is your AI model worth — and how long would it take a competitor to extract its parameters via your API?
A model trained on your proprietary data represents millions of dollars in compute and years of expertise. It can be extracted via your API using well-documented model-stealing techniques — with no access whatsoever to your infrastructure.
Demonstrable compliance — not a generic report
We structure our assessments to feed your AI Act dossiers. Technical proof of robustness tailored to your risk class.
From pipeline to weights — the whole surface
We cover training data, architecture, weights, APIs and edge deployment — a chain no one else covers in full.
Your weights, tamper-proof in production
QShield protects the weights of your embedded models against extraction and cloning. A market first.
Publications on ML frameworks
Our engineers publish on ML-framework vulnerabilities and adversarial attacks. The credibility you won't find elsewhere.