Lateos — Reno, NV · Security AI
Lateos builds specialist AI and security utilities for SOC teams, MSSPs, and detection engineers. Every tool is purpose-built for a single job — and optimized to do it exceptionally well.
Our mission
We build security and compliance AI tools that save MSSPs and SOC teams measurable time and money — from detection rule translation to cross-jurisdiction compliance mapping. Every Lateos model is purpose-built for a single domain, continuously retrained on legally traceable data, and auditable from dataset to deployment. Not retrofitted. Built that way from the start.
Products
Translates Sigma detection rules to Splunk SPL, Elastic EQL, Microsoft Sentinel KQL, and Chronicle YARA-L via REST API. What takes an analyst an hour takes SIEMslator three seconds. Built for MSSPs managing multi-SIEM environments.
→Translates and generates incident response runbooks and SOAR playbooks across Splunk SOAR, Microsoft Sentinel Logic Apps, and Palo Alto XSOAR. Stop rewriting playbooks every time a client changes platforms.
Open-source Model Context Protocol security server. Detects and blocks prompt injection attacks, PII leakage, and adversarial inputs in AI agent pipelines. 430 tests. IPI taxonomy across 22 attack classes.
→CLI tool for scanning npm packages for supply chain vulnerabilities, malicious dependencies, and license compliance issues. Integrates directly into CI/CD pipelines for continuous dependency monitoring.
→Training data assets
Proprietary golden datasets — purpose-built, legally auditable.
Every Lateos model is trained on internally generated golden records: curated input-output pairs distilled from permissively licensed security sources (DRL 1.1 / MIT / Apache 2.0) via the SFT-Forge pipeline. Each record carries full license provenance, a SHA-256 content hash, and harvest metadata — built to survive enterprise legal diligence and EU AI Act Art. 9/13/15 audit. These datasets are a growing proprietary asset, not commodity training data scraped from the open web.
Services
Beyond our product suite, Lateos offers hands-on adversarial testing and strategic consultation for organizations deploying AI systems in regulated or high-stakes environments. Our red teaming methodology is grounded in the same IPI taxonomy that powers visus-mcp — not generic prompt fuzzing.
LLM Red Team Assessment
Structured adversarial evaluation of your AI system against the full IPI taxonomy — 22 attack classes covering prompt injection, steganographic encoding, multi-agent propagation, tool description poisoning, and retrieval-augmented generation abuse. Delivered as a NIST AI RMF-aligned findings report with per-finding severity ratings (Critical / High / Medium / Low), reproducible test cases, and a prioritized remediation roadmap suitable for audit review.
Request assessment →AI Security Audit & Report
End-to-end security review of your AI pipeline — from data ingestion and model inputs to agent tool calls and output handling. We document attack surface, data flow risks, and policy gaps against NIST AI RMF and EU AI Act Art. 9/13/15 controls. Delivered as a board-ready audit report with a scored risk register and prioritized remediation roadmap.
Request audit →AI Security Consultation
Strategic advisory for organizations integrating LLMs into production workflows. Topics include MCP agent architecture hardening, prompt injection defense-in-depth, fine-tuning data provenance for legal diligence, SIEM/SOAR AI integration risk, and AI governance frameworks for healthcare and financial services. Engagements available as one-time reviews or ongoing retainer.
Start a conversation →Red teaming grounded in original 0-day findings.
Our assessments are not checkbox exercises. Lateos independently identified and published a 16.7% prompt injection susceptibility rate in Gemma 4 26B MoE (IPI-007 steganographic encoding — critical, unmitigated) before any vendor disclosure. The same adversarial methodology and NIST AI RMF-aligned reporting structure is applied to every client engagement. CISSP · CEH · M.S. Enterprise Security.
Core values
Every Lateos tool is trained or built for a single domain. Narrow focus produces higher accuracy than any general-purpose model on the same task — and fewer hallucinations where it counts most.
Security tooling requires reliability under pressure. Every product ships with a full test suite, documented failure modes, and deterministic quality gates. If it can't be tested, it doesn't ship.
Every record in our fine-tuning datasets carries a traceable legal source — DRL 1.1, MIT, Apache 2.0, permissive vendor documentation. No gray-area scrapes. No synthetic data laundered as human-authored. Built to survive enterprise legal diligence.
Threat landscapes evolve. Regulatory language shifts. Our models are retrained on a rolling cycle against verified new content — not frozen at a training cutoff and shipped as a finished product. Specialization is a process, not a milestone.
Compliance is architected in from day one. Our data pipelines support full audit trails and data residency boundaries aligned with EU AI Act (Art. 9/13/15) traceability requirements and US NIST AI RMF governance standards — not added as an afterthought before a sales call.
We measure success in analyst-hours recovered and compliance gaps closed — not model parameters or benchmark leaderboard positions. Every product decision at Lateos traces back to a concrete, measurable customer outcome: time saved, money saved, risk reduced.
Research
Steganographic Prompt Injection in Gemma 4 26B MoE — IPI-007
Independent red team evaluation of Google Gemma 4 26B MoE revealing a 16.7% susceptibility rate to IPI-007 steganographic encoding attacks. Identified as a critical unmitigated gap — the model processes hidden instructions embedded in encoded content without detection. Findings published via TOON-format output using a hybrid LLM judge pipeline.
Key finding: 16.7% injection susceptibility · IPI-007 steganographic encoding · Critical / unmitigatedIPI Taxonomy — Indirect Prompt Injection Attack Classification
A structured classification system for prompt injection attack patterns targeting AI agents and MCP-connected systems. The taxonomy currently spans 22 attack classes (IPI-001 through IPI-022), covering telemetry poisoning, multi-agent propagation worms, tool description poisoning, sockpuppeting prefill injection, and Unit 42-documented web injection classes. Implemented as the detection core of visus-mcp.
22 attack classes · IPI-001 through IPI-022 · visus-mcp v0.12.0 · 430 tests / 15 suitesSFT-Forge — Traceable Fine-Tuning Data Pipeline for Security LLMs
A training data distillation pipeline for building legally auditable fine-tuning datasets from permissively licensed security sources. SFT-Forge generates golden input-output records from Sigma detection rules, SIEM vendor documentation, and MITRE ATT&CK content — each record carrying full license provenance. Powers SIEMslator (POLYGLOT, ~6,200 SPL records) and RunbookAI (SOAR-LLM, ~6,400 SOAR records across 6 phases). Designed from day one for EU AI Act Art. 9/13/15 compliance.
~6,200 SPL + ~6,400 SOAR golden records · DRL 1.1 / MIT / Apache 2.0 sourcing · Jurisdiction-auditable pipelineAbout
Leo Chongolnee
Founder & CEO · Lateos · Reno, NV
Eight years working with Philips Healthcare — integrating patient monitoring systems with hospital information infrastructure in full compliance with HIPAA and clinical data regulations — followed by a pivot into AI security research and product development. The combination of regulated-environment systems experience, enterprise security architecture, and hands-on AI model training is the foundation every Lateos product is built on.
Lateos was founded on a straightforward thesis: the security industry doesn't need broader AI, it needs deeper AI — tools that know one domain exceptionally well, trained on data that can survive a legal audit, and built to run reliably in production SOC environments.
Founder & CEO
Lateos · 2024 – present
Building purpose-built AI security tools for SOC teams and MSSPs. Products include SIEMslator (live, AWS Marketplace), visus-mcp (open source, 430 tests), RunbookAI (early access), and POLYGLOT (cross-SIEM query translation model in training).
Healthcare Systems Integration
Philips Healthcare · 8 years
Worked across Philips patient monitoring systems — PIIC ix, IntelliVue, Tempus product lines — integrating clinical hardware and software with hospital information systems in full compliance with HIPAA and applicable healthcare regulations. Built deep operational experience in high-availability, regulated environments where system reliability and data integrity are non-negotiable.