-
RAG Is Data Access: Retrieval Authorization Is the Control
RAG is not just an AI retrieval pattern. In enterprise environments, it is a new data access path. This post explains why retrieval authorization is the real control, where the boundary actually sits, and what security, IAM, and platform teams should review before connecting sensitive content to assistant workflows safely.
-
Practical Retrieval Authorization Patterns for RAG Systems
Teams are adopting AI assistants fast, often without treating retrieval as a new access path. This practical guide explains how to secure RAG systems with real authorization patterns: preserve permissions through chunking, enforce policy at retrieval time, separate trust zones, and keep adoption moving with guardrails instead of friction intact.
-
Secrets and Tokens: Rotation SLAs, Blast Radius, and Attacker Dwell Time
Long-lived secrets are not harmless leftovers. They are blast radius waiting for an incident. This post breaks down rotation SLAs, attacker dwell time, delegated OAuth risk, and the operational habits that keep non-human credentials from becoming tomorrow’s breach path. Built for practitioners who have to run the mess in production.
-
TechThatMattRs: Week Four – What Shipped, What Slipped, and What the Workflow Revealed
Four weeks into building a content engine in public, the output is real but the carry is uneven. This Week Four update covers what shipped, what slipped, what the numbers actually said, where the workflow helped, where it added drag, and what changed once the process had to survive real…
-
Agents Are Identities: The New Control Plane for Enterprise AI
AI agents are not just features. Once they connect Slack, Jira, internal data, and downstream tools, they become operating identities with permissions, authority, and blast radius. This post explains why agent governance is an identity problem, not a prompt problem, and offers a framework: name, scope, bind, watch, prove, retire.
-
Agent Inventory and the Agent Register: The Control You Need Before Agent Sprawl Becomes Identity Debt
AI agents do not create a new governance problem so much as a faster identity problem. This post explains why agent inventories, Agent Registers, and ownership discipline matter, how discovery differs from authorization, and what teams need to prove scope, effective access, lifecycle, and accountability before something breaks in production.
-
When Your MDM Becomes the Weapon
A cyberattack on Stryker in March 2026 disrupted operations across 79 countries without a single piece of malware. Publicly reported attack path: Microsoft Intune administrative abuse. This post breaks down what happened, what could not have been predicted, what the governance gaps were, and what every Intune admin should do…
-
Approved Tool, Expanding Agent: The Ownership Model That Works
Approved SaaS platforms keep gaining agentic capability. The original security review does not expand with them. This post covers the RACI model, re-review triggers, and anti-patterns that break accountability when trusted tools evolve, plus what NIST AI RMF and OWASP Agentic Top 10 say about why one-time approval was never…
-
TechThatMattRs: Week Two of Building a Content Engine in Public
Most PMMs in a job search grind the application queue and wait. This one built a content campaign instead. Week two: what is working, what the data actually shows, why the numbers that matter are not the obvious ones, and what AI collaboration honestly looks like when nobody is watching.
-
Defending Against Modern Cyber Threats: A Day in the Life of Security Operations
Modern security incidents don’t fail in one place – they move. A phish becomes an identity problem. A third-party app becomes a data exposure problem. A zero-day becomes a privilege problem. This post follows a SecOps lead through five real attack scenarios and the process discipline that keeps operations standing.
-
Subscribe
Subscribed
Already have a WordPress.com account? Log in now.
Tech That MattRs 