Yugen AdvisorsYugenAdvisors
Book a consult

Illuminating the path through uncertainty

Secure AI. Bounded agents. AppSec that ships.

Yugen Advisors helps product and engineering teams build trustworthy AI-enabled systems: clear controls, bounded automation, secure architecture, and evidence that holds up when customers ask hard questions.

Start a conversationAbout Luis
AI Security GovernanceAgentic EngineeringApplication SecuritySecure Automation
Lighthouse over a dark sea
The mandate: useful AI that stays bounded, secure, and explainable.

Core lanes

Secure the AI-shaped surface.

Yugen focuses on the places where traditional AppSec, AI governance, and automation architecture now overlap.

AI Security Governance

Governance for teams putting AI into production: model/provider boundaries, data handling, policy, oversight, and evidence that can survive customer or regulator scrutiny.

  • AI risk and control mapping
  • Model, data, and vendor governance
  • Evidence systems for audits and customer trust

Agentic Engineering

Practical architecture for AI agents and automation workflows that need bounded execution, human review, durable logs, and clear failure modes.

  • Agent workflow and tool-boundary design
  • Human-in-the-loop verification gates
  • Automation that stays inspectable and reversible

Application Security

Senior AppSec support for product teams: secure design review, threat modeling, SDLC automation, vulnerability workflows, and developer-aligned remediation.

  • Secure architecture and threat modeling
  • SAST/SCA/secrets pipeline integration
  • Triage, ownership mapping, and remediation systems

What changes after the work

Less fog. More structure.

Security that explains itself

Turn vague risk pressure into a clear map of controls, gaps, owners, evidence, and next steps.

Bounded AI workflows

Design agentic systems with explicit trust boundaries, review gates, audit trails, and rollback paths.

Compliance as infrastructure

Convert repeated questionnaires and evidence requests into reusable, reviewed knowledge instead of one-off paperwork.

How we work

Map risk. Build evidence. Make it repeatable.

01

Orient

Understand the product, data flows, customer trust pressure, AI usage, and security maturity.

02

Map

Identify the core risks, controls, evidence gaps, and decisions that need owner-level clarity.

03

Build

Create the smallest useful system: policies, automation, review gates, roadmaps, or architecture changes.

04

Operationalize

Make the work repeatable so the team keeps moving after the first assessment or questionnaire.

Writing

Recent notes from the blog.

Short, practical pieces on the current edge of AI governance and AppSec.

2026-05-30

Enterprise AI is becoming a model-routing problem

The Uber/Claude Code budget story was a governance warning. The next layer down is inference economics: if DeepSeek-class models can handle large volumes of enterprise work at a fraction of frontier-model cost, then model routing becomes a board-level control surface.

6 min readAI economicsAI governancemodel routing
Read post

Why write this way

Decision-useful, not decorative.

Yugen's writing is meant to compress a pattern, surface the pressure behind it, and leave the next move clear.

Browse all posts

Start here

Bring the messy surface. Leave with a map.

Useful for startups and product teams that need senior security judgment before they have a full security organization.

luis@yugenadvisors.com