Phixe is an independent, engineer-owned AI assurance and production engineering company, founded in 2026 by engineers with years of shipping and securing production systems for paying clients behind them. This page is about how the company is put together — who does the work, how we engage, and the rules we hold ourselves to. Those details are what make a report worth signing against, so they belong in the open.
What Phixe is
Phixe exists to answer one question honestly: does your AI hold up outside the demo? We red-team it, evaluate it, and — where you want it — take it to production and keep it running under real load. The work runs as a ladder: ASSESS is the door, where we find where your AI breaks first and prove it with reproducible evidence; PRODUCTIONIZE takes a working prototype to production-grade; BUILD and RUN is full products with continuous assurance. The through-line at every rung is the same — request traces, not screenshots.
Who does the work
A small senior team by design. No junior bench, no outsourced assessment layer. The engineers who test your system are the engineers who sign the report, and the ones on the call. When a finding is contested by your buyer’s security team, the person who found it explains it — no account-manager relay, no offshore relabelling of a scanner’s output. You hire the people who do the work, not a firm that assigns someone later.
How we engage
Few engagements at a time, one technical point of contact, fixed scope. We would rather run a handful of engagements well than staff a queue. Every engagement opens with a written scope: the systems in bounds, the attack surface we will exercise, and the frameworks we map findings to — the OWASP LLM Top 10 (LLM01 Prompt Injection through LLM02 Sensitive Information Disclosure and the rest), the OWASP Agentic Security Initiative’s Agentic Top 10 for tool-using systems, MITRE ATLAS, and NIST AI RMF. NDA first, always. You can see the shape of the output in our selected work and the exact procedure in our methodology.
We build, and we break
Plenty of assessment shops have never shipped the thing they audit. We have — and that is the reason we know where AI systems fail, because we have been on the wrong side of the same failures in production. Building and breaking are one skill pointed in two directions: an engineer who has watched a retrieval pipeline leak another tenant’s data at 3 a.m. tests for tenancy bleed differently than someone reading a checklist. faben, our own product, is where we run the same assurance we sell. Shipping production AI is exactly why we can tell you which findings will actually bite and which are noise.
The independence rule
We never issue an independent verdict on something we built for the same client. Build for one, assess for another. If we harden your product, a third party re-verifies it. That rule costs us revenue and we keep it anyway, because a verdict is only worth what its independence is worth — the full policy lives on our trust page. It is also why our reports read as an independent account, not a vendor grading its own homework.
Operating principles
Evidence over theater
Every finding reproduces from the report, or it does not ship. No screenshots of a vibe, no severity inflation to justify the invoice. If we cannot hand you a request trace and the steps to reproduce, we do not call it a finding.
Production over demo
The bar is real customers, adversarial traffic, and the failure at 3 a.m. — not the happy path a demo walks. We test the system your users will actually hit, under conditions an attacker will create.
Honest limits
We reduce risk and prove exactly what we tested. We will never sell you a certificate that your AI is “safe” — no one can. What we can give you is a precise account of what we exercised, what broke, and what did not, so you can make the call with real information instead of a comfortable one.
Who we work with
Founder-CTOs at funded AI startups — seed through Series B — and product teams whose AI feature has to survive its first enterprise security review. If you sell AI to businesses and there is a security questionnaire standing between you and the deal, you are who this company was built for. We describe clients by type, never by name.
Thinking in public
Our research is the company résumé: authorized red-team write-ups, evaluation methodology, and production teardowns. No logo walls — evidence. If you want to know whether we can find what breaks your system, read the guides — they show the method — and the write-ups as they land, each one an authorized teardown of a real system. That is the only reference that matters.