Robert Swiecki

AI/ML Systems Security Lead · Google

I lead Google's AI/ML Systems Security group. We secure foundational models and the compute stack behind them. I have spent 25 years in systems security, from vulnerability research to building the defenses that run in production.

Current Focus

Confidential compute for training workloads, protecting model supply chains, and stress-testing new AI attack paths with red teams.

Previous

Built and ran Google's software isolation and fuzzing teams, landing sandboxing frameworks and thousands of bug fixes before attackers could exploit the underlying flaws.

Leadership & Impact

  • Securing Foundational AI at Scale

    Set the security plan for Google's core models and training infrastructure by combining confidential compute, model provenance checks, and hands-on red teaming.

  • Building High-Performing Security Teams

    Grew engineering teams across Zurich, Mountain View, and Warsaw, pairing systems specialists with ML experts and holding them to clear threat reduction targets.

  • Shipping Production Isolation Frameworks

    Launched sandboxing, syscall mediation, and hardening layers that protect major Google workloads, including Sandboxed API for running risky code with least privilege.

  • Critical Vulnerabilities Eliminated Pre-Launch

    Pushed fuzzing and review programs that uncovered critical flaws in OpenSSL, the Linux kernel, browsers, and internal stacks before they shipped.

Flagship Projects

Honggfuzz

Feedback-guided fuzzer used across Google. Handles multi-core workloads, hardware tracing, and corpus minimization to keep bug finds steady.

github.com/google/honggfuzz

NsJail

Linux namespace-based jail for running untrusted code, CTF tasks, and production prototypes. Ships with flexible seccomp policies through the kafel DSL.

github.com/google/nsjail

Sandboxed API & Sandbox2

Composable runtime that lets teams execute high-risk code inside hardened compartments with low integration effort. Runs in latency-sensitive services and ML pipelines.

github.com/google/sandboxed-api

Recognition & Community

  • Pwnie Award Nominations

    Recognized in 2016 and 2017 for AMD microcode privilege escalation work and for uncovering the first OpenSSL flaw rated 'critical'.

  • Dragon Sector CTF Founder

    Co-founder and mentor of Dragon Sector, a long-running competitive security team focused on new exploitation techniques and tooling.

  • Practical Reverse Engineering

    Co-authored the Polish edition of 'Practical Reverse Engineering', turning advanced reversing techniques into practical guidance.

Connect

Email robert@swiecki.net
LinkedIn linkedin.com/in/jagger
X (Twitter) @robertswiecki
Mastodon @robertswiecki@infosec.exchange
Talks & Articles Talks archive · Articles