21 articles in this category
Installing a Claude Code skill or MCP server takes 30 seconds. Auditing one properly takes longer. With 36% of published skills containing security flaws and documented supply chain attacks already in the wild, here is what to inspect before you run anything.
From sharing API keys in chat to installing unvetted browser extensions, the most dangerous AI security mistakes are the ones that feel routine. This guide covers the six most common missteps, with real incident data and practical fixes for each.
Google Agent Garden includes cybersecurity-oriented ADK samples and reference patterns for multi-agent security operations. This article uses the Cyber Guardian pattern to explain alert triage, log investigation, threat intel correlation, and playbook-driven response recommendations without treating the sample as a production SOC replacement.
Content filters and manual review will not catch indirect prompt injection via poisoned RAG documents or multi-turn jailbreak escalation. This guide covers the full operational red team workflow for Azure AI Foundry: PyRIT setup, orchestrator-driven attack campaigns, Azure AI Evaluation SDK safety gates, CI/CD integration, and KQL detection for production probing.
AI training pipelines bypass traditional DLP controls because they access data as bulk blob reads, not document downloads. This guide shows how to configure Microsoft Purview specifically for AI data scenarios: scanning training datasets, designing a label taxonomy for AI use cases, enforcing DLP policies against AI pipelines, and integrating with Azure AI Foundry.
Most teams treat MCP servers as developer tooling. They are infrastructure, and the incident logs prove it. This guide walks through network isolation, authenticated gateways, Azure Policy governance, and KQL detection for enterprise MCP deployments, drawn from a real post-incident remediation.
Azure AI Foundry introduces hubs, projects, and layered managed identities that fundamentally shift your Azure security model. This guide covers six critical threat scenarios: from cross-team data exfiltration to MI lateral movement, with correct RBAC design, data governance controls, and KQL queries for detection.
Securing Azure OpenAI alone is not enough if Azure AI Search, Storage, or Key Vault still expose data over public paths. This guide shows how to build an end-to-end private Azure AI Foundry architecture using Private Link, Private DNS, and segmented subnets.
Model Context Protocol (MCP) servers are RSAC 2026's hottest security topic. As 40% of enterprise apps embed AI agents by year-end, MCP is the attack surface no one is talking about. This guide covers prompt injection via tools, server impersonation, privilege escalation, and the controls that actually stop these attacks.
Machine identities now outnumber humans 40–100:1 in enterprise environments. With AI agents minting thousands of new credentials daily, NHIs have become the fastest-growing and least-governed attack surface in cybersecurity. Here is what every security team needs to know.
AI red teaming is the practice of proactively testing AI systems for security vulnerabilities and unsafe behaviors. Learn the methodology, tools like PyRIT and Garak, and how to integrate AI red teaming into your secure SDLC.
Most AI applications ship with exposed API keys, no rate limiting, and zero input validation. Here is the practical checklist for locking down your LLM API integration before something goes wrong.
AI introduces attack surfaces that traditional security tools were not built to handle. Understanding these four layers - and their distinct threats - is the foundation of any serious AI security strategy.
Microsoft Security Copilot integrates AI into every layer of your security operations. Learn deployment, top use cases, and how it changes day-to-day work for security analysts and architects.
Running AI on your own infrastructure gives you control over your data. It also means you own the security. Here is how to secure Ollama, vLLM, and other self-hosted AI deployments properly.
Cloud AI services come with strong security capabilities built in. Most breaches happen because those capabilities are never configured. Here is what to configure on each major platform.
AI security is becoming its own discipline. Whether you are a security professional, a developer deploying AI, or a leader making decisions about AI adoption, here are the fundamentals that matter.
The OWASP Top 10 for Agentic Applications 2026 defines critical security risks for autonomous AI agents. Learn how to protect your enterprise from prompt injection, rogue agents, and tool misuse with practical implementation strategies.
Exposing Azure OpenAI via public networks is a security risk for enterprise data. Learn how to build a fully private architecture using Azure Private Link, disable public access, and deploy it all via Terraform.
As AI tools become common in enterprises, so do the security risks. Learn about prompt injection, data leakage, and how to use AI safely in your organization.
Security teams are overwhelmed with alerts. Learn how AI and automation can help triage incidents, reduce response times, and let analysts focus on real threats.