Built by a Practitioner.
For Practitioners.

Bastille Security was founded by Fred Bret-Mounet — a CISO, conference speaker, instructor, and builder who has spent 20+ years in the trenches of cybersecurity.

Origin Story

The Problem I Kept Seeing

Every company I've worked with in the last five years has hit the same wall.

They start deploying AI — maybe a chatbot for customer service, maybe ML models for clinical decision support, maybe GenAI for internal productivity. The business value is obvious.

Then the questions come:

"Is this secure?"
"Are we compliant?"
"What does our auditor need to see?"
"What does the EU AI Act mean for us?"

And the answers are... unclear. Because the cybersecurity industry is still catching up to AI. Most security frameworks were written before ChatGPT existed. Most CISOs are Googling "AI security best practices" along with everyone else. And most consultants are repackaging AI hype as security advice.

I founded Bastille Security because this gap shouldn't exist. We have decades of cybersecurity wisdom — threat modeling, compliance frameworks, defense in depth, incident response — and it all applies to AI. It just needs to be adapted by people who understand both sides.

That's what Bastille does.

Founder

About Fred Bret-Mounet

Fred Bret-Mounet

Credentials

  • Current: VP Security, Compliance & IT / CISO at Accela
  • Previous: CISO at Clarify Health Solutions (built program from zero)
  • Previous: ISO at Syapse (HITRUST in 9 months)
  • Previous: RHI ISO at Change Healthcare / McKesson
  • Teaching: AppSec Instructor, Merritt College (5+ years)
  • Speaking: DEF CON & Black Hat
  • Education: MS Computer Science (Stevens Institute)
  • Education: MS Software Engineering (EPITA, Paris)
  • Languages: English & French (native bilingual)
  • Also: U.S. Coast Guard OUPV (licensed ship captain)

Fred Bret-Mounet is the founder of Bastille Security and a cybersecurity leader with over 20 years of experience spanning application security, information security, compliance, and AI security.

At Clarify Health Solutions, Fred was brought on as the first full-time CISO to build the cybersecurity program from the ground up. In under 2 years, the company had comprehensive IAM, asset and vulnerability management platforms extensively built on automation. They achieved and maintained HITRUST certification.

At Syapse, Fred achieved HITRUST certification (with optional NIST controls) in just 9 months of effort — covering all traditional InfoSec agendas: IAM, TVM, Security Awareness, Threat Intelligence, and MDM.

Fred has presented original security research at DEF CON ("Solar Panel Compromises" — full compromise of a solar array and all of its internet-connected friends) and Black Hat ("ComBust" — an automated COM/ActiveX fuzzer).

As a volunteer AppSec Instructor at Merritt College for over 5 years, Fred helped build the next generation of security professionals through the college's cybersecurity program.

The Name

Why "Bastille"

The Bastille was a medieval fortress in Paris — a symbol of strength and protection. Its storming in 1789 became a symbol of empowerment, of putting power in the hands of the people.

Bastille Security embodies both meanings:

We build fortresses around our clients' AI systems — practical, right-sized defenses designed for the real world, not theoretical perfection.

We democratize AI security knowledge — through courses, content, community, and tools that make AI security accessible to companies of all sizes.

The French connection also reflects Fred's heritage, bilingual capabilities, and unique positioning to bridge US and European cybersecurity markets — especially relevant as the EU leads global AI regulation.

Philosophy

Our Approach

◆ Security Enables Business

Too many security programs exist to say "no." We exist to say "yes, and here's how to do it safely." We give you the frameworks, controls, and confidence to move fast.

◆ Pragmatic Over Perfect

A security program that's 80% implemented beats a perfect plan that lives in a document. We build right-sized programs for your stage, budget, and risk profile.

◆ AI-Native Thinking

We don't bolt an "AI" label on traditional checklists. Every assessment, framework, and recommendation is built from the ground up for AI-specific threats and regulations.

◆ Practitioner-Led

No junior consultants learning on your engagement. Bastille engagements are led by Fred personally, backed by a curated network of experienced AI security professionals.

What We Stand For

Values

Transparency

Fixed pricing, clear scope, honest assessments. If you don't need us, we'll tell you.

Depth Over Breadth

We're experts in AI security and compliance. We don't pretend to be experts in everything.

Teaching as Practice

We make clients more capable, not more dependent. Every engagement includes knowledge transfer.

Community First

Through open content, our newsletter, and our community, we share what we know. Rising tides lift all boats.

Want to Work Together?

Start with a free 30-minute discovery call. We'll listen to your challenges, share relevant experience, and tell you honestly whether Bastille is the right fit.

Book a Discovery Call → Read The AI Security Brief →