AI safety, by people who ship.
Moonlabs is the operator-led AI Academy in Derby. We run three live companies — Homemove, home.co.uk and homedata.co.uk — and we teach twelve students per cohort to ship a real AI product, sell it to a real customer, and raise on it. Three pillars: Coding, Commercials, Investment. Twelve weeks. £6,000.
Moonlabs is what we are. Two operators — James Freestone and Louis O’Connell-Bristow — who run Homemove, home.co.uk and homedata.co.uk. We handle regulated property data with GDPR, customer trust and reputational risk on the line every week — the defensive patterns on this page are the ones we use because our own businesses break if we get this wrong.
The Academy is what we do. A twelve-week, in-person, twelve-student cohort in Derby. You build a real AI product. You sign a paid pilot on it. You write a deck and a financial model. You leave with a deployed system, a paying customer reference and a live investor pipeline. Coding, Commercials, Investment — the three pillars taught in equal weight every week.
Why this page exists. AI safety and red-teaming is one of the fastest-growing technical disciplines in the industry, and one of the most under-taught at the applied level. Most coverage is either philosophical (alignment, AGI futures) or check-box compliance (NIST, ISO). The applied middle — how to break the AI systems your team is shipping, before a journalist or a regulator does — is folklore passed around inside a handful of teams. You leave the Academy as one of those people — or as the founder of an AI-safety product an entire regulated industry will be required to buy.
Coding · applied red-teaming + defence, end to end
Direct and indirect prompt injection, jailbreaking, tool-call exfiltration, agentic-loop failure modes, model bias in production. Then the defensive patterns — input sanitisation, structured outputs, tool scoping, dual-LLM patterns, content filters — that stop the attacks you just learned to run. Audit-ready safety documentation your CISO will sign. A deployed AI surface you broke and then defended by week twelve.
Commercials · AI red-teaming as a productised offer
EU AI Act, NIST AI RMF, the FCA and ICO are turning AI safety from a nice-to-have into a procurement requirement — and almost no SMB has a red-teamer in-house. Pricing per-engagement, retainer for ongoing testing, the discovery call, a one-page pilot. A paid pilot by week six — for many graduates, sold into regulated industries that have just been told to commission one.
Investment · raising on AI-safety infrastructure
Lakera ($20m from Atomico), Robust Intelligence (acquired by Cisco), CalypsoAI, HiddenLayer ($50m), Protect AI ($60m), Adversa AI, Prompt Security, Patronus AI ($50m/Lightspeed), Apollo Research, Conjecture — AI-safety infrastructure is now a named venture category. Cap table, ten-slide deck, financial model. A live investor pipeline by demo day.
Common questions.
Is this course ethical / legal?
Yes. Red-teaming your own systems, or systems where you have explicit authorisation, is a recognised security discipline. We do not teach offensive techniques against third parties without permission, and we will not let students do so during the cohort.
Do I need a security or AI background?
Helpful but not required. The course brings together AI engineering and applied security; we have had strong cohort members from each side coming in cold to the other.
Will I learn classical AI safety (alignment, interpretability) too?
Lightly — the deeper alignment-research work is a different discipline best done at academic depth (Cambridge, Edinburgh, MILA). The Academy is applied safety: what you ship, what you break, what you defend, what you document.
How does this fit with the wider Academy curriculum?
Safety and red-teaming is a thread running through every project. Evals, prompt engineering, agents all touch it. This page is the safety-first entry door into the same twelve weeks.
Will I be hireable as an AI red-teamer afterwards?
Yes — AI red-team roles are growing fast at the frontier labs and at large enterprises with serious AI deployments. The Academy artefact — a deployed AI system you broke and then defended — is a credible portfolio piece for the conversation.
More Academy entry points.
The Academy is one course with many doors. Each of these pages is a different entry point into the same twelve weeks.
Build it. Sell it. Raise on it. In twelve weeks.
Tell us what AI surface you would test or defend — and what the failure mode would cost. James and Louis read every application personally and reply inside the week.
© 2026 Moonlabs Incubator. All rights reserved.