Alignment Is Not Governance
Frontier labs keep improving model alignment, yet enterprise AI governance keeps getting harder. A technical look at why governance lives in systems, not weights.
MCP Server Security: The OWASP Top 10 Your Security Team Hasn't Read Yet
OWASP published the MCP Top 10: tool poisoning, prompt injection, context spoofing, zero built-in auth. If your devs use AI coding tools, read this now.
RSAC 2026: Every Vendor Wants to Govern AI Agents. Here's What's Actually Shipping.
Microsoft Purview, CrowdStrike Falcon AIDR, Cisco DefenseClaw — dozens of AI governance announcements at RSAC. We separate what ships from conference slides.
How to Build an AI Acceptable Use Policy That Employees Actually Follow
Only 28% of companies have a formal AI policy. Here's the template: 4-tier classification, monitor-coach-enforce model, and EU AI Act alignment built in.
The CISO's Guide to Building an AI Asset Inventory (Before Auditors Ask for One)
The median enterprise runs 40+ AI tools — security knows about 12. Three discovery channels and a risk scoring framework for continuous AI inventory.