blackunicorn.tech

What It Is

Black Unicorn Security is a boutique cybersecurity team based in Barcelona and native to the EU market. Its focus areas include LLM security testing, AI red teaming, traditional penetration testing, defensive hardening, and compliance consulting related to the EU AI Act, NIS2, and ISO 42001. The website repeatedly emphasizes a “senior-only” model and serving only a small number of clients at a time. Its positioning is not a standardized SaaS product, but a high-touch security delivery team.

Core Capabilities and Protection Coverage

Black Unicorn Security focuses on the full lifecycle of AI systems. On the offensive side, it covers prompt injection, jailbreaks, tool abuse, RAG, and Agent testing. On the defensive side, it provides model hardening, refusal calibration, canaries, activation steering, detection, and incident response. On the governance side, it works around AI Act risk classification, compliance documentation, and audit readiness. Its traditional capabilities include penetration testing for web, mobile, cloud, and infrastructure, as well as OSINT, leak monitoring, and executive exposure reviews. Its methodology references the OWASP LLM Top 10, NIST AI RMF, and the EU AI Act, making it suitable for teams facing regulatory pressure around AI security.

Deployment, Integration, and Management

Its delivery model is mainly based on customized engagements, while the team has also built an open-source toolchain. BonkLM is a TypeScript/JavaScript protection library that claims 9 security layers and 43 integrations. RuneLM is a data redaction proxy for outbound LLM calls. DojoLM provides LLM testing and CTF capabilities, including 540+ attack patterns, 49 attack categories, and presets for 60+ LLM providers. PantheonLM covers multi-Agent security operations. The website mentions vulnerability reports, automated attack scenarios, and signed activity logs, but does not disclose full details on alerting channels, permission models, SLAs, or an enterprise console.

Pricing and Support

The website does not publish pricing, plans, payment methods, or delivery timelines; scope needs to be defined through a scheduled consultation. In terms of support, its advantage lies in being a small team with direct involvement from senior leads, resulting in a short chain of accountability. However, the site also states that it serves 4–6 clients at the same time, which means scheduling and scalability may be limited. Enterprises that need 24/7 managed monitoring or large-scale on-site staffing should verify these requirements further.

Pros, Cons, and Best Fit

Its strengths are a very clear focus on AI security, with offense, defense, governance, and consulting covered by the same team. Its open-source tooling also makes auditing and offline operation easier. The drawbacks are limited commercial transparency, with some products still in alpha, development, coming soon, or private status, and no visible disclosure of certifications such as SOC2 or ISO 27001 for the company itself. It is better suited for enterprises, scale-ups, security leaders, and AI product teams launching LLM, RAG, or Agent applications in the EU or other regulated markets.

Access from China and Alternatives

The website does not provide information on access from mainland China, ICP filing, RMB payments, or local support, so china_access can only be assessed as unknown. For deployment in China, key issues to confirm include network accessibility, contracting entity, cross-border data transfer, open-source component compliance, and payment methods. Domestic AI security assessment, penetration testing, and MLPS/data compliance service providers can be considered as alternatives. Internationally, it can be compared with Trail of Bits, Bishop Fox, Cobalt, Latacora, and other LLM red team vendors.