Resources
Reference material on AI, identity, and accountability. Only primary sources, standards, and substantive analysis.
NHI & Identity
-
2026 NHI Reality Report: 5 Critical Identity Risks
Why non-human identities now outnumber humans in enterprise systems, and what that means for governance.
-
Agentic AI Needs Stronger Digital Certificates
Why certificate lifespans are shrinking to 47 days as a governance mechanism for workload identities.
-
AI Agent Identity: The Foundation of Trust for Autonomous Agents
Why autonomous agents need distinct, verifiable digital identities and how delegation chains work.
-
Authorize an AI Agent to Perform Tasks on Your Behalf — Identity for AI
Ping Identity's tutorial series on agent authorization patterns including CIBA-style human approval flows.
-
Decentralized Identifiers Based Interoperability Architecture
How DID, VC, and VP concepts enable lightweight, scalable interoperability between organizations.
-
How to Distinguish Between Human and Non-Human Identities
Human and non-human identities require structurally different authentication and governance approaches.
-
Keyfactor Validates PKI-Based Identity for Securing Agentic AI
Applying PKI and certificate lifecycle automation to agentic AI workloads.
-
Universal Resolver — Resolve Practically Any DID
A single utility for resolving Decentralized Identifiers across 45+ DID method drivers.
-
What Is FIDO2? — Microsoft Security
Passkeys and FIDO2 sign-in credentials created using public key cryptography with hardware-bound private keys.
-
What Is Liveness Detection?
Multi-signal approaches to confirming human presence in an era of synthetic identity.
-
Zero Trust for AI Agents: Ephemeral Credentialing Blueprint
Reducing the AI agent credential exposure window by over 99% with short-lived, just-in-time credentials.
Zero Trust & Architecture
-
Adding Identity and Access to Multi-Agent Workflows
Zero-trust approach to autonomous AI agents by integrating identity and access into multi-agent workflows.
-
Agentgateway: The AI-Native Gateway
Rust-based, AI-native gateway with MCP proxy, A2A proxy, and LLM proxy under a single control plane.
-
Caging the Agents: A Zero Trust Security Architecture
Autonomous AI agents in production with network egress policies and kernel-level workload isolation.
-
LLM Proxy: One Front Door to Multiple LLM Providers
Centralized LLM access layer that controls model usage, cost, security, and reliability.
-
MCP and Zero Trust: Securing AI Agents with Identity and Policy
How to secure AI agents with identity, policy, and fine-grained authorization using MCP and Zero Trust.
-
Redefining Zero Trust in the Age of AI Agents and Agentic Workflows
Cisco's Semantic Inspection Proxy redefines zero trust with intent-based security for AI-powered threats.
-
Why AI Agents Need Zero Trust Identity (and How to Build It)
OAuth was designed for humans delegating access to apps; mTLS verifies connections, not agent identity.
-
Zero Trust for AI Agents Starts at the Proxy Layer
Zero trust says never trust, always verify, least privilege. Most AI agent deployments violate all three.
-
Zero-Trust Agent Architecture: How to Actually Secure Your Agents
Microsoft's Entra Agent ID and AI Gateway implement Prompt Shield at the network layer.
Standards & Specs
-
Aries RFC 0104: Chained Credentials
Cryptographically signed delegation chains enable offline verification and powerful privilege delegation.
-
Cloud Native Agentic Standards — CNCF
Permissions tied to agent identity should enforce least privilege using mTLS, identity-aware routing, and network segmentation.
-
Decentralized Identifiers (DIDs) v1.1 — W3C
The W3C specification for Decentralized Identifiers, DID Documents, and DID resolution.
-
OAuth 2.0 Extension for AI Agents Acting on Behalf of Users (IETF Draft)
Draft protocol extension adding actor_token parameters to document delegation chains inside OAuth tokens.
-
OWASP Top 10 for Agentic Applications
ASI01 Agent Goal Hijack, ASI02 Tool Misuse, and ASI03 Identity and Privilege Abuse identified as top threats.
-
OWASP Top 10 for LLM Applications 2025
Introduces System Prompt Leakage, Vector and Embedding Weaknesses, and substantially expands Excessive Agency.
Threat Intelligence
-
AI Agent Security 2026: Google's Forecast and How to Fix the Gaps
Google expects a significant rise in targeted prompt injection attacks against enterprise AI systems throughout 2026.
-
How to Deal with the 2026 Agent Wave
Prompt injection is now an RCE-equivalent — when agents have tool access, injected instructions execute with the agent's full permissions.
-
Prompt Injection: Types, Real-World CVEs, and Enterprise Defenses
Critical CVEs assigned in 2025-2026 including EchoLeak, GitHub Copilot RCE, and Cursor IDE vulnerabilities exploiting AI agents with ambient trust.
-
The 2025 AI Agent Security Landscape: Players, Trends, and Risks
Review of top AI agent security trends, vendors, and threats shaping the landscape of autonomous AI.
Access Control & Policy
-
Allowlists vs. Denylists in Multi-Tenant Access Control
Allowlists implement default-deny behavior; denylists implement default-allow — and the difference is foundational for agent policy.
-
Denylist vs Allowlist for AI Agent Guardrails
Every unexpected behavior becomes another new policy to block; allowlisting outperforms denylist approaches at scale.
-
The OWASP Top 10 for LLM Applications (2025): Explained Simply
Authorization must happen in external systems, not delegated to the LLM.
-
What Developers Building with AI Agents Need to Know
The OWASP GenAI Security Project's Top 10 for Agentic Applications, explained for developers building production agent systems.