The Signal
Threat intelligence, incident analysis, and security engineering for the AI agent era.
Essential Reading
Start here. The threats are real, the evidence is documented, and the tools exist.
You Wouldn't Hire Someone Without a Background Check. Why Deploy an Agent Without One?
When AI Agents Attack: What the First AI-Orchestrated Campaigns Teach Us
The OpenClaw Security Crisis: Anatomy of the First AI Agent Meltdown
What is AI-SPM? The New Category Governing Agentic AI
All Posts
AWS Bedrock Agents Security: Enterprise Architecture Guide
Secure your AWS Bedrock Agent deployments. Learn IAM configuration, action groups, knowledge bases, and monitoring strategies.
Salesforce AgentForce Security: Protecting Autonomous CRM Agents
Secure your Salesforce AgentForce deployments. Learn the security model, common risks, and best practices for autonomous CRM agents.
Microsoft Copilot Studio Security: The Complete Enterprise Guide
Secure your Microsoft Copilot Studio deployments. Learn common misconfigurations, security best practices, and monitoring strategies.
AIHEM: Learn AI Security By Breaking Things
Learn AI security hands-on with AIHEM—33 challenges covering the OWASP LLM Top 10 and advanced agent attacks. The WebGoat for the AI era.
EU AI Act Compliance for AI Agents: Article 14 and Beyond
Navigate EU AI Act requirements for AI agents. Understand Article 14 human oversight, risk classification, and practical compliance strategies.
Agent Incident Response: What To Do When Your AI Is Compromised
Your AI agent has been compromised. Now what? A practical incident response playbook covering detection, containment, investigation, and recovery for AI agent security incidents.
Multi-Agent Attack Patterns: When Agents Turn on You
As enterprises deploy multi-agent systems, new attack patterns emerge. Learn about lateral movement, privilege escalation, and cascade attacks in agent networks.
AI Agent Identity: The Accountability Challenge No One Is Solving
AI agents need identity management, but they're not users or service accounts. Without knowing who your agents are, you can't hold them accountable.
Building Agents at Scale: Enterprise Lessons from LinkedIn, Salesforce, and Microsoft
How the world's largest companies are architecting AI agent systems — and the security gaps their approaches create.
Agent Prompt Injection: Beyond Basic LLM Attacks
Prompt injection in AI agents is more dangerous than in chatbots. Learn the attack techniques, see real examples, and implement effective defenses.
MCP Security: Protecting the Model Context Protocol Layer
The Model Context Protocol (MCP) is becoming the standard for agent-tool communication. Learn the security implications and how to protect your MCP deployments.
Shadow Agents: Finding the AI You Don't Know About
Shadow AI agents are proliferating across enterprises. Learn how to discover them, assess their risks, and bring them under governance.
Introducing TrustVector: The Open-Source AI Trust Directory
TrustVector.dev provides independent, evidence-based security evaluations for AI models, agents, and MCP servers. 106 systems evaluated and growing.
Agent Threat Landscape 2026: Attack Vectors Unique to Autonomous AI
Discover the attack vectors unique to AI agents: impersonation, tool abuse, chain attacks, memory poisoning, and more. A security researcher's guide.
The Complete Guide to Agentic AI Security in 2026
Learn how to secure AI agents in production. Covers attack vectors, identity challenges, and best practices for enterprise agent security teams.