Rich Harang


I use bad guys to catch math.

Principal Security Architect at NVIDIA.

Working on AI security since it was ML security.

AI Security Architecture

Threat modeling and security design for ML systems at scale

AI Red Team

Thinking about AI/ML as an attack surface

Field Building

Writing, training, and frameworks that help AI security mature as a discipline

From Prompts to Pwns

Talk (w/ Becca Lynch) / Black Hat 2025

Exploiting and securing AI agents. My contributions: the AI Kill Chain for modeling attacks, and autonomy levels for scoping agent risk.

Practical LLM Security

Talk / Research / Black Hat 2024

Grounding LLM security in application security fundamentals. If an attacker can get their data into your LLM, they control the output.

Black Hat Machine Learning

Training / BHUSA & BHEU 2023–2024

Multi-day adversarial ML training. Evasion, extraction, poisoning—hands-on. Self-paced version available as NVIDIA DLI course.

OpenSSF Model Signing

Standards / Community

Helped found the cross-industry working group for signing and validating AI models before handing it off to the signing experts.

CVE Discoveries

Red Team / Research

Multiple CVEs in AI/ML tooling and infrastructure, as well as other responsible disclosures.

SOREL-20M

Dataset / Sophos AI

20 million malware samples for security ML research. Still the largest public labeled malware corpus.