Question 1

What is AI security?

Accepted Answer

AI security is the practice of identifying and mitigating risks specific to AI systems — including prompt injection, model data extraction, insecure tool and API connections, agent permission escalation, and sensitive data exposure through model outputs. It covers the model and agent layer on top of traditional network and application security.

Question 2

Can AI systems be hacked?

Accepted Answer

Yes. AI systems are vulnerable to prompt injection — where malicious instructions embedded in content cause the model to behave outside its intended scope. Agentic systems with tool access can be manipulated into reading, writing, or sending data they should not. APIs that serve AI systems are also common attack targets if they lack proper authentication and monitoring.

Question 3

What is prompt injection?

Accepted Answer

Prompt injection is an attack where malicious instructions are embedded in content an AI model processes — a document, a webpage, a user message — overriding or supplementing the legitimate system prompt. In a system with tool access, a successful injection can cause the AI to exfiltrate data, send unauthorised messages, or take actions outside its intended scope.

Question 4

Is Private AI secure?

Accepted Answer

Private AI running on your own infrastructure is significantly more secure than using public APIs, because your data never leaves your environment. However, the deployment itself must still be hardened — network isolation, access controls, authentication, and output filtering are all required. Running on private infrastructure removes the data custody risk but does not eliminate the deployment security risk.

Question 5

What is API security for AI systems?

Accepted Answer

AI systems expose and consume APIs. API security ensures those interfaces require proper authentication, enforce rate limits, validate inputs, and log all access. Without these controls, APIs connected to AI systems and partner portals are among the easiest attack surfaces for unauthorised data access or abuse.

Question 6

What is MCP security?

Accepted Answer

MCP (Model Context Protocol) security involves auditing the tools, permissions, and data access granted to AI agents operating through MCP servers. Risks include tool misuse, permission escalation where an agent gains access to capabilities beyond its intended scope, and indirect injection through tool responses where malicious content in a tool output manipulates the agent.

Question 7

How do I secure AI agents?

Accepted Answer

Securing AI agents requires: scoping tool access to least privilege (the minimum needed for the task), validating and filtering outputs before they reach users or external systems, implementing prompt injection defences, logging all tool calls and agent actions, and defining clear failure modes for unexpected inputs. The more autonomy and tool access an agent has, the more critical these controls become.

Question 8

How do I protect company data in AI systems?

Accepted Answer

Key measures include: using role-based access control to ensure the AI only accesses data relevant to the querying user, filtering outputs to prevent sensitive data being reproduced in responses, choosing private infrastructure over public AI APIs for sensitive data, encrypting data at rest and in transit, and conducting regular security reviews as your AI systems evolve.

Question 9

What is role-based access control in AI?

Accepted Answer

Role-based access control (RBAC) in an AI context means scoping what data the AI can retrieve and what tools it can call based on who is querying it. A support agent querying the AI should not be able to access financial records. A manager should. RBAC ensures the AI's capabilities are governed by the same access rules as the rest of your systems.

Question 10

What is data isolation in a portal?

Accepted Answer

Data isolation means ensuring that data belonging to one portal user, tenant, or partner cannot be accessed — directly or through inference — by another. A common vulnerability is insecure direct object references, where changing an ID in a URL exposes another customer's data. A security review tests for these and other isolation failures.

Question 11

What is an AI security assessment?

Accepted Answer

An AI security assessment is a structured review of your AI systems, APIs, and portals to identify vulnerabilities before they are exploited. It covers prompt injection risks, tool permission scope, API authentication, data handling, access controls, and audit logging — producing a prioritised list of findings and recommended remediation steps.

Question 12

How often should AI systems be reviewed for security?

Accepted Answer

At minimum: before a major AI system goes live, after significant changes to the system architecture or data sources, and annually for systems in ongoing production. As AI systems evolve faster than most software, the review cadence should match the rate of change.

Question 13

Do I need an AI security review if I use a third-party AI tool?

Accepted Answer

Yes. Using a third-party AI tool does not transfer the security responsibility to the vendor. You are responsible for how the tool is configured, what data it has access to, who can query it, and how outputs are handled. Most third-party tools are deployed with default settings that are not appropriate for production use with sensitive business data.

Question 14

What is the difference between AI security and traditional cybersecurity?

Accepted Answer

Traditional cybersecurity secures the infrastructure layer — firewalls, access controls, encrypted connections, and vulnerability scanning. AI security addresses the model and agent layer above that infrastructure: prompt injection, agent permission scope, data exposure through model outputs, and tool misuse. A well-secured server running a poorly secured AI agent is still a vulnerable system.

Question 15

Can AI agents be monitored for suspicious activity?

Accepted Answer

Yes. All tool calls, API requests, and outputs generated by AI agents can be logged and monitored. Anomaly detection can flag unusual patterns — an agent making an unusually high number of data read calls, accessing data outside its normal scope, or generating outputs that match sensitive data patterns. Logging is a prerequisite; monitoring is what makes the logs useful.

Question 16

What is the risk of AI in a B2B portal?

Accepted Answer

AI integrated into a B2B portal can answer partner queries, look up orders, and access inventory data — but if prompt injection is possible, a partner could manipulate the AI into accessing data outside their scope. The AI also needs to be prevented from revealing implementation details, other partner data, or internal system information through normal interaction.

Question 17

How do I know if my API is secured correctly?

Accepted Answer

Key indicators: every request requires a valid credential (API key, OAuth token, or session), there are rate limits on all endpoints, inputs are validated and rejected if they fail schema checks, all access is logged, and the API returns only the data the caller is authorised to see — not full data objects with filtered fields.

Question 18

Can encryption alone secure my AI systems?

Accepted Answer

No. Encryption protects data in transit and at rest, but it doesn't address prompt injection, misconfigured access controls, excessive agent permissions, or data exposure through model outputs. Encryption is one necessary layer in a security posture — not a substitute for reviewing the application, agent, and API layers.

Question 19

Does Polemica fix the vulnerabilities it finds?

Accepted Answer

Yes. After the security review, we produce a prioritised findings report with recommended remediation steps. We can implement the fixes directly — API hardening, access control changes, prompt injection defences, output filtering — or work alongside your development team if you prefer to handle remediation internally.

Question 20

When is a security review not enough?

Accepted Answer

A point-in-time security review captures the vulnerabilities present at that moment. Systems that change frequently need ongoing security engagement, not a one-time audit. If your AI systems are evolving rapidly — new tools, new data sources, new integrations — consider a retainer arrangement that reviews changes as they happen rather than auditing after the fact.

Secure AI, Portals &
Business Systems.

AI Systems Introduce Risks That Traditional Security Tools Don't Cover.

AI access risks

Data leakage

API exposure

Permission issues

Portal vulnerabilities

Find the Vulnerabilities Before Your Customers Do.

Five Security Reviews.

AI Security Review

API Security Review

Portal Security Review

Private AI Security Review

MCP Security Review

Every Review Covers These Areas.

How It Compares

AI Security vs Traditional Cybersecurity

Private AI vs Public AI

Secure APIs vs Open APIs

Sectors Where AI Security is Non-Negotiable.

Manufacturing

Construction

Healthcare

Professional Services

What People Ask Before They Start.

Know Your AI Is Secure.

Secure AI, Portals &Business Systems.