Zero Trust
Lessons from the field. Always landing on my feet.
Block Prompt Injection at the Network Layer with Entra Prompt Shield
A while back I built an LLM Firewall with AWS Lambda, a proxy that sits between users and the model to catch prompt injection. It worked, but it meant writing custom code for every app and having zero visibility into AI services I didnβt own. Thatβs β¦
March 2026 Entra ID Changes: Passkey Auto-Enablement and Conditional Access Enforcement
Microsoft is shipping two Entra ID changes in March 2026 that will change how your users authenticate. Neither change requires administrator action to take effect, and that is precisely the risk. If you do not act before the deadlines, Microsoft β¦
Just-In-Time Access for AI Agents: Building a ZSP Gateway in Azure
AI coding assistants need Contributor access to deploy infrastructure. Backup automation needs Key Vault secrets at 2 AM. Security scanners need Reader access on a schedule. The easy answer is standing permissions-give each service principal what it β¦