ddot
20 posts

ddot
@ddotlabs
The security protocol for agentic ai.
Raleigh, NC Katılım Temmuz 2026
52 Takip Edilen121 Takipçiler

The wait is over.
Due to overwhelming demand, some users experienced issues signing up earlier. That's now been fully resolved.
Getting started takes just 30 seconds, and your 7-day free trial is ready.
Join thousands discovering the next generation of AI runtime security.
👉 ddot.build
English

@T0m_Calls We heard you! Due to high demand, signups went down temporarily -- Fixed and smoother than ever. 7-day free trial. 30 seconds to set up. Come back and try again! To everyone already on board -- thank you for the praises! and you're most welcome, Security is what we do.
English

🚨 AI is evolving fast. So are the threats.
Most companies are focused on detecting attacks after they happen. ddot is built to stop them at runtime.
If you're using AI tools for work, development, or business, it's time to rethink security.
🔒 Runtime protection against AI threats
🧪 Free sandbox testing
🎯 Free AI Security Quiz with personalized recommendations based on the AI tools you use
💻 7-day free trial
💰 $10,000 reward to anyone who can successfully hack it
Whether you need enterprise-grade protection or a lighter solution, ddot helps you find the security that actually fits your needs.
See what next-generation AI security looks like:
🌐 ddot.build
Follow @ddotlabs and discover why runtime security could become the new standard for AI protection.

English

@142C_ We heard you! Due to high demand, signups went down temporarily -- Fixed and smoother than ever. 7-day free trial. 30 seconds to set up. Come back and try again! To everyone already on board -- thank you for the praises! and you're most welcome, Security is what we do.
English

AI is moving fast, but security is struggling to keep up.
That’s why I’ve been looking into @ddotlabs.
ddot is building runtime AI security designed to protect AI systems against real-time threats, tackling a challenge that many in the industry are still trying to solve.
What caught my attention:
🛡️ Runtime AI security
🧪 Free sandbox testing
🎯 Free AI Security Quiz that recommends the right protection based on the AI tools you actually use
🚀 7-day free trial
💰 $10,000 challenge for anyone who can successfully hack their platform
If you build with AI, deploy AI, or rely on AI every day, this is definitely worth checking out.
🌐 ddot.build
Follow @ddotlabs to stay updated on the future of AI security.

English

@iSolCryptoo We heard you! Due to high demand, signups went down temporarily -- Fixed and smoother than ever. 7-day free trial. 30 seconds to set up. Come back and try again! To everyone already on board -- thank you for the praises! and you're most welcome, Security is what we do.
English

🚨 AI is changing everything. AI security needs to keep up.
Meet @ddotlabs, a new generation of AI security focused on Runtime Security, one of the biggest challenges in protecting AI systems today.
See what they have to offer:
🛡️ Runtime AI Security
🧠 Free AI Security Quiz with personalized recommendations
🧪 Free Sandbox Testing
🚀 7 Day Free Trial
💰 $10,000 Challenge if you can break their platform
If you build with AI, work with AI, or rely on AI every day, this is worth a look.
🌐 ddot.build
Follow @ddotlabs and discover what the future of AI security looks like
English

@tripleK31 We heard you! Due to high demand, signups went down temporarily -- Fixed and smoother than ever. 7-day free trial. 30 seconds to set up. Come back and try again! To everyone already on board -- thank you for the praises! and you're most welcome, Security is what we do.
English

🚨 AI is getting smarter every day.
The question is... who's protecting it?
@ddotlabs is building powerful Runtime AI Security to help protect AI where it matters most.
Here's what you can try today:
🛡️ Free AI Security Quiz with recommendations based on the AI tools you use
🧪 Free Sandbox Testing
🚀 7 Day Free Trial
💰 $10,000 challenge if you can break their platform
Whether you're building with AI or using it every day, it's worth seeing what ddot has built.
🌐 ddot.build
Follow @ddotlabs and see why more people are paying attention to Runtime AI Security.

English

It's a Great Day to be Free 🇺🇸
Even Greater Day to be Free of Ai Security Threats! 🙌
Hello world, this is ddot.
- Take our Free quiz to find the right Ai Security for your needs
- Try our Free Sandbox Testing
- Enjoy a Free 7 day trial of the most powerful Ai Security solution on the planet
That's a lot of Freedom!
Consider us your go-to resource for Ai Security info, news updates and insights, and of course Solutions!
ddot.build
English

We heard you!
Due to high demand, signups went down temporarily -- Fixed and smoother than ever. 7-day free trial. 30 seconds to set up. Come back and try again!
To everyone already on board -- thank you for the praises! and you're most welcome, Security is what we do!
ddot.build
English

JUST TWO WEEKS AFTER ANTHROPIC'S CLAIM...
Alibaba is now reportedly banning employees from using Claude Code starting July 10.
The company says the tool may have backdoor security risks.
Earlier, Anthropic accused Alibaba of using 25,000 fake accounts to collect 28.8 million Claude interactions.

English

The fact that this has 2.8k likes tells you that people have zero understanding of AI agent security.
This sounds spooky. It’s also the least likely way an AI agent might cause a data breach.
Please live in the real world.
Brendan Falk@BrendanFalk
The "Sleeper Agent Theory" is the biggest risk here Imagine if a LLM is trained to steal all the API keys and password on your device if someone gives it a nonsense phrase like "Three clocks bloom at midnight" That phrase is completely meaningless today. No one ever searches it. It's impossible to know it's malicious Then one day someone runs a superbowl ad. Millions of people search the phrase. Billions of API keys and passwords are exfiltrated in minutes. There could be thousands of "sleeper agents" embedded in any LLM. It's very hard to detect. And it doesn't matter where it's hosted.
English

North Korea used AI to steal $577 million from DeFi this year,,
Two attacks, Both against audited protocols,,
Both worked because the model did the hard part...
Here is what actually happened ::
--> April 1: Drift Protocol lost $285 million. The attackers spent three weeks staging the trade and months building trust with the signers.
[The actual drain took 12 minutes]
--> April 18: KelpDAO lost $292 million.
[One flaw in a LayerZero bridge, then $75M frozen on Arbitrum and the rest laundered through THORChain to Bitcoin.]
--> These two hacks account for 76% of every dollar stolen from crypto in 2026.
Not a rounding error. Almost the whole scoreboard.
What made these different from every hack before :
)- TRM Labs said the attackers used AI tools for reconnaissance and social engineering.
Its Not code exploits or Human exploits.
)- The Drift signers approved a transaction weeks earlier without knowing what it would be used for.
The attackers just waited.
)- THORChain refused to freeze the funds.
They cannot do this, That is the whole design...
The old crypto security story was “"get your contracts audited" & Every protocol did it.
But
The new story is "your team is the exploit surface."
Now nobody has an answer for that yet.
An AI does not need a 0 day,
It just needs a chat window and time.....!

English

you can run a full penetration test on your own app for free, and the AI does the actual hacking 🤯
a team open sourced AI agents called strix that act like real hackers. they run your app, look for real vulnerabilities and prove each one with an actual working exploit instead of a report full of maybes. it just hit #1 trending on all of GitHub.
why it works: instead of one AI trying to do everything, strix splits the work across multiple specialized agents that each chase a different attack path at the same time, the same way a real pentest team would split up a target.
what you get for $0:
→ the same toolkit real pentesters use: http proxy, browser exploitation, shell access, custom exploits, recon
→ real proven exploits, not a scary sounding list of guesses
→ 35k+ stars in a niche where most security tools barely crack a thousand
what it replaces for a first pass:
→ booking a pentest firm and waiting weeks for a slot
→ a five figure invoice just to get started
→ guessing whether a scanner's "finding" is even real
how to set it up (needs docker running):
1. install it: curl -sSL strix.ai/install | bash
2. set your model: export STRIX_LLM="openai/gpt-5.4" and export LLM_API_KEY="your-key" (works with openai, anthropic, google and more)
3. point it at your project: strix --target ./your-app
4. results save automatically, and it remembers your setup so you don't re-enter your key next time
the honest part: this isn't a replacement for a real audit before a major launch, but as a free first pass before you ship, it catches more than a $0 tool has any right to.
35.5k stars, Apache-2.0, free and open source.

English

"Sorry, I cannot help you write this loops array, it violates national security."
Anthropic new cyber safeguards are so sensitive it’s going to flag completely harmless code requests 😭

Claude@claudeai
Fable 5 is back.
English

🚨 ICYMI, Anthropic just published a 36-page security guide that basically tells you to stop trusting your own AI agents.
If you run agents on Claude Code, MCP servers, or automation tools, pay attention.
The attack timeline has collapsed.
AI models compress the gap between a vulnerability and a working exploit from months to hours, for mere dollars.
Agents introduce new autonomous risks, from tool poisoning to context memory manipulation.
The most useful idea in the guide is Anthropic's new security test:
Does a control make an attack impossible, or just tedious?
Automated attackers have unlimited patience.
They will grind straight through friction like rate limits and 2FA.
To defend at the speed of AI, you need hard barriers and automated defensive operations.
Here is how Anthropic says you should lock down agents:
→ Treat static API keys as compromised. Use short-lived tokens that expire in minutes.
→ Apply "Least Agency": explicitly limit what each tool can DO.
→ Sandbox agents that process untrusted inputs like emails and web pages.
→ Scope permissions dynamically per task, not permanently.
I've added the link to the guide in the 🧵↓

English

@adelbucetta @iSolCryptoo Glad you asked! Visit our site and watch the tour
English

@iSolCryptoo @ddotlabs runtime sec is just the tip of the iceberg, what about data integrity and explainability?
English

@tripleK31 @ddotlabs what kind of threats does runtime security catch that training-time alignment doesn't
English



