AI & ML

Artificial intelligence and machine learning news

Why Zero Trust Needs to Start at the Session Layer

Why Zero Trust Needs to Start at the Session Layer

Most of us grew up professionally in a world where “secure access” meant encrypt the tunnel and harden what’s exposed. VPNs, TLS/mTLS, WAFs, EDR, patching, detection, response... the whole modern stac...

Feb 03, 2026 5 min read
Token Sprawl in the Age of AI

Token Sprawl in the Age of AI

If your organization is experimenting with AI agents, copilots, or AI services accessed via API, you’ve probably created more identities than you intended. These non-human identities (service accounts...

Feb 03, 2026 5 min read
The Visibility Gap in Autonomous AI Agents

The Visibility Gap in Autonomous AI Agents

AI agents are quickly becoming autonomous digital actors embedded in enterprise workflows. Unfortunately, as organizations scale from dozens to hundreds of agents across clouds, platforms, and busines...

Feb 03, 2026 5 min read
Breaking Down the SOC 2 Trust Services Criteria: Privacy

Breaking Down the SOC 2 Trust Services Criteria: Privacy

Unpack the critical role of privacy within the five SOC 2 trust services criteria (TSC) and how organizations can leverage compliance to build trust and resilience in a data-driven world. In this post...

Feb 03, 2026 5 min read
AI Security: IAM Delivered at Agent Velocity

AI Security: IAM Delivered at Agent Velocity

This is the first blog in a seven-part series on identity security as AI security. TL;DR: AI agents can expand an organization’s attack surface by 100 times, not by doing more but by doing i...

Feb 11, 2026 5 min read
AI Security: When Authorization Outlives Intent

AI Security: When Authorization Outlives Intent

This is the second blog in a seven-part series on identity security as AI security. TL;DR: A silent breach rippled through the SaaS world in August 2025: demanding no ransomware demand, no s...

Feb 11, 2026 5 min read
Agentic AI and the New Reality of Financial Security

Agentic AI and the New Reality of Financial Security

Agentic AI is no longer experimental. It’s already operating inside production environments, automating workflows, moving data, calling APIs, and making decisions at machine speed. For organizations i...

Feb 17, 2026 5 min read
OpenClaw Threat Model: MAESTRO Framework Analysis

OpenClaw Threat Model: MAESTRO Framework Analysis

Executive Summary This document applies MAESTRO Framework (7-layer Agentic AI Threat Model) to the OpenClaw codebase, identifying specific threats at each layer and detailing mitigation strategies bas...

Feb 17, 2026 5 min read
What is a Risk Engineer?

What is a Risk Engineer?

I've spent my career as an elite security researcher hunting vulnerabilities. My job has always been to think like an attacker: find the gaps and exploit the loopholes. When I bring that same mindset ...

Feb 17, 2026 5 min read
CCM v4.1 Transition Timeline

CCM v4.1 Transition Timeline

This blog was published on February 19, 2026 with the latest information regarding the release of CCM v4.1. On January 28, CSA released version 4.1 of the Cloud Controls Matrix (CCM), succeeding CCM v...

Feb 19, 2026 5 min read
Core Collapse

Core Collapse

  How AI is blowing cybersecurity apart, taking us back to our beginnings, and reforging our foundations. A star dies slowly. Then all at once. A star lives billions of years in tension. Thermal ...

Feb 26, 2026 5 min read
Trying to Make the Perfect Pie Chart in CSS

Trying to Make the Perfect Pie Chart in CSS

Can we make pie chart that's semantic, with flexible markup, and avoids using a JavaScript library? Here's how I tackled it. Trying to Make the Perfect Pie Chart in CSS originally published on CSS-Tri...

Feb 09, 2026 5 min read