Security writing without the vendor fog.
Zero Trust, cloud control planes, data posture, AI agents, cost controls, and the occasional on-prem lesson that still matters.
The MCP server attack surface is bigger than vendors admit
Prompt injection is table stakes. The real question is what the product is allowed to do after the model believes it.
The control plane is the breach surface
Identity, deployment systems, secrets, logs, and API boundaries matter more than the diagram teams show in architecture review.
Prompt injection is a product boundary problem
The hard part is not that prompts are input. It is what the product can do after the model believes the input.
DSPM is still a category, not a CSPM checkbox
Data posture requires a different telemetry model, operating model, and executive conversation.
Cloud cost controls are security controls now
The same sprawl that burns budget also creates unmanaged exposure, orphaned data, and weak accountability.
What on-prem got right about blast radius
Physical operations still teach useful instincts about labels, ownership, dependencies, and failure domains.
AI data can leak quietly through workspace sharing
Prototype defaults become production exposure when teams skip workspace, bucket, log, and export reviews.