● Resources
Practical, opinionated resources for leaders securing enterprise AI. Built from real engagements — meant to be used, not admired.
A step-by-step operating model for standing up AI security governance that engineering can actually implement — inventory first, enforcement at the platform layer, risk-based tiering, and the metrics that prove it works.
A practical checklist for threat modeling any system where an AI agent can take actions — five attack surfaces to evaluate and the containment controls that keep a manipulated agent survivable.
A reference framework for applying Zero Trust to the non-human identities that AI adoption creates — verify explicitly, least privilege, assume breach — with the agent identity as the central control point.
Most of these started as bespoke work. If you'd like a version built for your stack and risk profile, let's talk.