Architecture and Trust Boundaries
9 articles
The AI Security Operating Model: Who Owns What Across AppSec, MLOps, GRC, Legal, Privacy, and SOC
A credible AI security operating model assigns ownership across AppSec, product security, AI platform engineering, MLOps, data governance, privacy, legal, GRC, SOC, red team, procurement, and business teams. The goal is not companyal purity; the goal is clear accountability for controls, evidence, incidents, and claims.
The Future of AI Security Engineering: From AppSec to AgentSec to Autonomous SOCs
The future of AI Security Engineering is a platform discipline that extends AppSec into LLM applications, creates AgentSec for autonomous workflows, builds AI-native telemetry for detection and incident response, and turns governance into continuous evidence rather than annual paperwork.
Secure AI Product Design: How Product Decisions Create or Reduce AI Risk
AI product decisions can create or reduce security risk by controlling autonomy, data visibility, uncertainty, approval design, reversibility, source attribution, workflow placement, and abuse resistance. Product security must be involved early enough to shape the feature, not merely review it after launch.
AI Application Security Review Checklist: 100 Questions Before Production Launch
AI security reviews should use a structured checklist covering governance, data, prompts, RAG, tools, agents, providers, evals, telemetry, and claims before launch.
Threat Modeling LLM Applications: Data Flows, Trust Boundaries, Tool Calls, and Abuse Cases
LLM threat modeling should map assets, actors, data flows, trust boundaries, prompt assembly, retrieved content, model providers, tool calls, memory, outputs, identities, approvals, logs, and abuse cases. The output should become controls, tests, telemetry requirements, and incident-response assumptions.
Least Privilege for AI Agents: Designing Permissions for Tools, APIs, Browsers, and Filesystems
AI agents need least privilege at the tool, API, browser, filesystem, credential, tenant, and action level. Safe design requires tool classification, read-only defaults, argument validation, scoped credentials, sandboxing, approval gates, and auditable enforcement outside the model.
Secure RAG Architecture: Threat Modeling Retrieval-Augmented Generation Systems
RAG is not just search with a model on top. It is a controlled knowledge path. If retrieval is not governed, the model can be steered by the wrong documents, the wrong tenant, or the wrong metadata.
Prompt Injection Is Not a Prompt Problem
The mistake is to think better wording can defend a system that already gives the model too much reach. Once the model can read external content, call tools, and influence workflows, the real question becomes who controls the boundary.
What Is AI Security Engineering? The 14-Domain Map for Securing AI Systems
The market keeps asking one person to explain the whole stack. That only works when the work is mapped clearly. Without a domain map, teams end up with vague ownership, weak handoffs, and controls that are impossible to test.