This Week in Security - Week 24, June 2026

Weekly security intelligence digest covering the most critical vulnerabilities, threats, and breach news from the past week. ...

June 8, 2026 · 8 min · Rajen

Observability Is Not Governance

Where your open-source AI stack stops being audit-grade. Observability tells you what happened. Governance controls what’s allowed to happen. Most teams shipping AI features have the first and assume it covers the second. It doesn’t. This post makes three moves. First, it separates the two things people conflate. Second, it borrows a test auditors have used for decades to show exactly where an observability log stops being evidence. Third, it names the two ceilings open-source tooling hits, maps them to SOC 2, and tells you what to do at each one. ...

June 6, 2026 · 6 min · Rajen

This Week in Security - Week 23, June 2026

Weekly security intelligence digest covering the most critical vulnerabilities, threats, and breach news from the past week. ...

June 1, 2026 · 6 min · Rajen

This Week in Security - Week 22, May 2026

Weekly security intelligence digest covering the most critical vulnerabilities, threats, and breach news from the past week. ...

May 25, 2026 · 7 min · Rajen

This Week in Security - Week 21, May 2026

Weekly security intelligence digest covering the most critical vulnerabilities, threats, and breach news from the past week. ...

May 18, 2026 · 4 min · Rajen

This Week in Security - Week 20, May 2026

Weekly security intelligence digest covering the most critical vulnerabilities, threats, and breach news from the past week. ...

May 11, 2026 · 7 min · GRC Vitrix

MVP Threat Modeling for SaaS Startups: A 60-Minute, One-Page Method

Most SaaS startups don’t fail their first security review because the framework was too hard. They fail because nobody owned login abuse until a customer flagged it. They fail because admin role changes were trusted on the client side. They fail because webhooks weren’t signed and a third party became an attacker. These are not exotic problems. They are basic ones, and they almost always trace back to the same root cause: there was no moment in the build process where someone asked, “how could this be misused?” ...

May 5, 2026 · 16 min · GRC Vitrix

SOC 2 and AI Agents: The Logging Gap That Will Show Up in Your Next Audit

For about 20 years, SOC 2 logging worked because it answered one question: who did what, when? User logs in. Developer pushes code. Admin changes a permission. Every meaningful action traced back to a human identity. Every framework — SOC 2, ISO 27001, NIST 800-53 — assumed this. Logging infrastructure was built around it. AI agents are quietly breaking that assumption. If you’re shipping AI features on top of customer data — even just an internal automation that summarizes vendor contracts or routes support tickets — you’re running a system that takes actions, accesses data, and makes decisions. Your SIEM sees the API calls. It does not see what the agent was trying to do, why it picked one file over another, or what it produced as a result. ...

May 5, 2026 · 11 min · GRC Vitrix

This Week in Security - Week 19, May 2026

Weekly security intelligence digest covering the most critical vulnerabilities, threats, and breach news from the past week. ...

May 4, 2026 · 7 min · GRC Vitrix

This Week in Security - Week 18, April 2026

Weekly security intelligence digest covering the most critical vulnerabilities, threats, and breach news from the past week. ...

April 27, 2026 · 8 min · GRC Vitrix