01 · Consulting
Working alongside teams.
Embedded work with security, engineering, and leadership — mapping shadow AI, threat-modeling the non-deterministic surface, and setting governance that survives contact with production.
Field notes from the practical side of AI security.
2026 · 04 · 13
The AI Safety Conversation We Need to Have
The AI safety debate is stuck on science fiction while real problems compound in production. Shadow AI, unsolved vulnerabilities, and the multiplication of risk in agentic systems demand a practical conversation. →
2026 · 04 · 16
AI Security - Five questions that don't have answers
AI systems fail in ways traditional security wasn't built to handle. Five open problems in AI security — what they are, why the old playbook doesn't fit, and why solving them may require thinking differently. →
2026 · 04 · 16
Traditional Cybersecurity Isn't Enough for AI
Traditional cybersecurity frameworks were built for deterministic systems. AI introduces non-determinism, and that changes how you need to think about threat modeling, testing, and defense. →
2026 · 04 · 14
Phishing Defenses Are Falling Behind AI
Phishing has been the leading cause of breaches for decades. Better filters, authentication, and training have helped and still do. AI is making that work exponentially harder. →
2026 · 04 · 12
The Axios Compromise Is the Warning Shot. AI Is the Real Story.
The Axios npm compromise on March 31 hit a library with 100 million weekly downloads. The attack wasn't technically sophisticated — it exploited assumptions baked into how we build software. AI is about to change what both attackers and defenders can do with those assumptions. →