Research

Intelligence about AI agents,
code security, and the gaps
tools miss.

Practical research for security engineers and developers building or reviewing AI-powered systems.

Your SAST Passed. Your Agent Is Still Dangerous.

Traditional AppSec tools miss the agent security surface. Here's the gap and how to think about closing it before you ship.

SAST scanners look at the wrong layer for AI agents. Agents make autonomous decisions, hold tool permissions, and can take irreversible actions — none of which traditional scanners assess.

5 min read · Apr 10, 2026

Read

Post 1Operator review draft

Why Trust-Aware Security Workflows Beat Black-Box Output

A public-facing opener for the outward program focused on governed analysis, operator legibility, and practical security workflows.

1 min read

Read

Post 2Approved planning packet

What an Agent Security Posture Management Scan Actually Finds

A scenario-first explainer for what a scan actually finds, routed with a bounded three-dimension-max structure before any full draft is surfaced.

1 min read

Read

Intelligence about AI agents,code security, and the gapstools miss.

Your SAST Passed. Your Agent Is Still Dangerous.

Why Trust-Aware Security Workflows Beat Black-Box Output

What an Agent Security Posture Management Scan Actually Finds

Intelligence about AI agents,
code security, and the gaps
tools miss.