Something’s Missing I’ve been at RSAC 2026 this week [edit: well, last week but work and travel got in the way of posting], and in the numerous sessions, talks, and … Continue reading “The Unmonitored Layer”
Author by:
Dan G
Categories: Security
Author Dan GPosted on 1 Comment on The CISO’s Guide to Agentic Misalignment (Part 2): Engineering the Control Framework
Author Dan GPosted on 1 Comment on The CISO’s Guide to Agentic Misalignment (Part 2): Engineering the Control Framework The CISO’s Guide to Agentic Misalignment (Part 2): Engineering the Control Framework
In the first part of this series, we established that traditional models assume human adversaries, static systems, and observable kill chains. Autonomous agents violate all of these assumptions because they … Continue reading “The CISO’s Guide to Agentic Misalignment (Part 2): Engineering the Control Framework”
The CISO’s Guide to Agentic Misalignment
A Practical Framework for Securing Autonomous AI Agents I recently stepped into a new role and have been completely heads down, which is why this piece has been sitting in … Continue reading “The CISO’s Guide to Agentic Misalignment”
The Real Cost of Vibe Coding: When to Stop Futzing (Part 3 of 3)
In part one of the blog series, I introduced Glyph Lefkowitz’s “Futzing Fraction” and discussed how vibe coding is likely inefficient across all skill levels of development tasks. In part … Continue reading “The Real Cost of Vibe Coding: When to Stop Futzing (Part 3 of 3)”
The Real Cost of Vibe Coding: Reality Bites (Part 2 of 3)
In part one, I introduced Glyph Lefkowitz’s “Futzing Fraction,” which attempts to measure whether vibe coding actually saves time or burns money on expensive procrastination. The results weren’t encouraging; even … Continue reading “The Real Cost of Vibe Coding: Reality Bites (Part 2 of 3)”
Categories: SecurityAuthor Dan GPosted on 3 Comments on Vibe Coding Efficiency, Part One: Glyph’s Futzing Fraction
Author Dan GPosted on 3 Comments on Vibe Coding Efficiency, Part One: Glyph’s Futzing Fraction Vibe Coding Efficiency, Part One: Glyph’s Futzing Fraction
If AI really eliminates developers, why does it take 12 retries to get working error handling? I’ve been staring at my screen at 2 AM, with Windsurf generating code that … Continue reading “Vibe Coding Efficiency, Part One: Glyph’s Futzing Fraction”
The Call Came…
Cybernews published an example of agentic AI acting like an insider threat with Replit’s AI tooling wiping a production database, ignoring a code-freeze, inventing user data, then lying about it … Continue reading “The Call Came…”
Roblox’s Age Verification: A Risky Tradeoff for Kids’ Safety
Why do we keep introducing solutions that are almost as bad as the threats they’re meant to prevent? Roblox’s age verification system collects a short video selfie and runs it … Continue reading “Roblox’s Age Verification: A Risky Tradeoff for Kids’ Safety”
The Call Is Coming From Inside the Model
A breakdown of Anthropic’s agentic misalignment research and what it means for agentic AI in critical systems TL;DRAnthropic, one of the leading AI labs, just published a paper showing that … Continue reading “The Call Is Coming From Inside the Model”
AI, ‘123456’, and Security Debt
Get ready. We’re going to see a lot more of this. Security researchers discovered that McDonald’s AI hiring chatbot “Olivia” (built by Paradox.ai and hosted on McHire.com) had gaping security … Continue reading “AI, ‘123456’, and Security Debt”