OWASP and Docker published separate guides on securing AI agents within weeks of each other. They come from different angles and land in the same place. The overlap is the playbook.
It started with a screenshot of a manual Friday report. It ended with a system that handles the operational memory behind an entire vulnerability management program.
The Model Context Protocol connected AI to your internal tools. It also connected your internal tools to every vulnerability class from the last twenty years of application security, all at once.
An unauthenticated customer support chatbot became a free AI coding assistant. Here is what went wrong, what the exploit looked like, and what every company deploying AI endpoints should do before the same thing happens to them.
I built an internal tool with AI. It works, it is in production, and people use it every day. Now I need to reorganize the code so it can keep growing. Here is what refactoring means and how to do it without breaking everything.
A domain, GitHub Pages, and Claude. Here is the playbook for building a portfolio site from scratch, what it costs, and why practitioners in GRC and security should have one.
I went from never having shipped an application to running one in production in six days. This is the story of building a TPRM platform with Claude, and why the bottleneck between knowing what to build and being able to build it is gone.