Blog
Cloud security lessons, Zero Trust insights, and the occasional cat joke.
Building an LLM Prompt Injection Firewall with AWS Lambda
AWS continues to enhance its generative AI security capabilities, with improved prompt attack filtering now available in Amazon Bedrock Guardrails. Despite these advances, a significant gap remains: organizations are deploying LLM capabilities faster β¦
Sentinel MCP Server: Securing Your SOC's New AI Attack Surface
In September 2025, Microsoft announced the Sentinel MCP Server, a Model Context Protocol implementation that lets MCP-compatible AI assistants query your Sentinel data using natural language. Microsoft highlights GitHub Copilot, Copilot Studio, and β¦
Secure Your Container Supply Chain: SBOM, Signing & Attestation with GitHub Actions
Over the last couple of weeks, Iβve been diving deep into container supply chain security. Between high-profile incidents like SolarWinds, Log4Shell, and the xz Utils backdoor, itβs clear that securing the build pipeline is just as critical as β¦
Terraform 1.11's Game-Changer: Keep Secrets Out of State for Good
If youβve worked with Terraform and secrets, youβve probably wondered: βWait, is my password actually in that state file?β The answer has historically been: yes. The sensitive = true flag does a great job hiding values from CLI output, but the state β¦
Securing the Agentic Workforce: Microsoft's Zero Trust for AI Agents
The enterprise is entering uncharted territory. AI agents, autonomous systems that can browse the web, execute code, access databases, and interact with third-party services, are no longer experimental. Theyβre being deployed at scale. And theyβre β¦
Welcome to Nine Lives, Zero Trust
If youβve found your way here, welcome. Pull up a chair. Let me explain what this is all about. Why βNine Livesβ? The old saying goes that cats have nine lives. They fall off things, get into trouble, and somehow always land on their feet. Cloud β¦