Publicações
Peças curtas e artigos aprofundados sobre IA, identidade e responsabilidade para conselhos e líderes de segurança.
Documento de referência
The Semantic Proxy Pattern
A technical reference architecture for enterprise agent authorization built on three independent layers: a mandatory semantic proxy that evaluates agent actions against allowlist policy, subnet isolation that makes proxy traversal topologically mandatory, and per-agent cryptographic identity that enables instance-level attribution and revocation. Draws on implementations from Brex, Cisco, Microsoft, CNCF standards, and production healthcare deployments.
Questões-chave abordadas neste documento
- Why do existing network security controls fail against semantic agent threats?
- How does the semantic proxy pattern differ from traditional guardrails embedded in the primary model?
- What implementation components are needed for each of the three architectural layers?
Publicações recentes
Publicamos peças emparelhadas — uma para conselhos e comissões, outra para CISOs e arquitetos de segurança — sobre o mesmo tema. Os artigos aprofundados surgem numa cadência bimestral.
Líderes de segurança
The Identity Crisis at the Heart of Agentic AI
Agentic AI dissolves the application-as-gatekeeper model. A technical briefing on the four-layer identity architecture — directories, workload PKI, verifiable credentials, and DIDs — emerging to replace it.
The Semantic Proxy Pattern
12-slide technical reference on the semantic proxy pattern: three-layer defense architecture for enterprise AI agent authorization.
Treat Your AI Agents Like Untrusted Code
10-slide deck on the three-layer agent security architecture: semantic proxy, subnet isolation, per-agent identity.
Conselhos
The Agent Problem: Why Your AI Workforce Needs a Different Kind of Oversight
10-slide board briefing on AI agent oversight infrastructure and the four governance properties boards should verify.
Who's Running Your Organization? The Identity Challenge of the AI Agent Era
AI agents are becoming first-class actors inside enterprises, without appearing in any directory. A briefing for boards and security leaders on the identity gap and the architecture that closes it.
Mantenha-se atualizado
Publicamos peças curtas para conselhos e líderes de segurança sobre IA, identidade e governação. Sem hype, sem spam. Cada peça foi concebida para ser lida em dois minutos e reutilizada nas suas conversas internas.
Fale connosco