-
TechThatMattRs: Week X – The Missing Six Weeks
The content kept shipping, but the PMM work around it slowed down. Week X catches up the missing six weeks, including shipped posts, interview work, infrastructure, analytics, and the Asana reset.
-
Joiner-Mover-Leaver for AI Agents: Create, Rotate, and Retire Access Before It Drifts
AI agents need lifecycle management because they can hold credentials, inherit permissions, call tools, and act across systems. Learn how joiner-mover-leaver maps to create, rotate, and retire controls for agentic AI and non-human identities.
-
Mandiant Got Inside. The AI Threats Were Not What Anyone Expected.
Mandiant’s AI Risk and Resilience report shows a useful gap between perceived AI risk and real implementation failures: browser caching, SQL injection, broken access control, SSRF, excessive agency, and missing visibility.
-
Quantum’s First Real Job
IBM’s recent KCuF3 quantum materials simulation result is one of the clearest near-term proof points for enterprise-relevant quantum computing. This post breaks down what changed, what did not, and why the result matters to SecOps teams, platform engineers, and CISOs watching hybrid compute, governance, and post-quantum planning right now.
-
AI Identity Management at the Scale of One
AI identity management matters long before enterprise scale. This field note walks through what changed when AI-assisted work got its own identity across Asana, Google Docs, Slack, and email. The result was cleaner attribution, clearer boundaries, noisier receipts, and a more honest record of how work actually moved through systems.
-
Agent incident playbook: first 60 minutes
Agent incidents are no longer theoretical. This practical playbook walks through the first 60 minutes after an agent-linked incident: stop the reach, preserve the evidence, and narrow the path before more damage happens. Focused on containment, reconstruction, and controlled stabilization, it treats agent risk as an authority problem, not hype.
-
The Workflow Got Faster. The Record Got Fuzzier.
AI can make a workflow faster while making the audit trail less truthful. This post looks at how tool use, delegated authority, and fuzzy attribution collide once systems start acting across tools, why productivity is still the point, and what identity, logging, and governance controls have to catch up afterward.
-
TechThatMattRs: Week Six – The minimum viable asset set
Week Six of building a content engine in public: the trend line from Week Two through Week Six, the rise and failure of mini-campaign defaults, the collapse in social-to-site transfer, and the human cost of trying to keep shipping through depression, job pressure, and a shrinking margin for hope now.
-
RAG Is Data Access: Retrieval Authorization Is the Control
RAG is not just an AI retrieval pattern. In enterprise environments, it is a new data access path. This post explains why retrieval authorization is the real control, where the boundary actually sits, and what security, IAM, and platform teams should review before connecting sensitive content to assistant workflows safely.
-
Practical Retrieval Authorization Patterns for RAG Systems
Teams are adopting AI assistants fast, often without treating retrieval as a new access path. This practical guide explains how to secure RAG systems with real authorization patterns: preserve permissions through chunking, enforce policy at retrieval time, separate trust zones, and keep adoption moving with guardrails instead of friction intact.
-
Secrets and Tokens: Rotation SLAs, Blast Radius, and Attacker Dwell Time
Long-lived secrets are not harmless leftovers. They are blast radius waiting for an incident. This post breaks down rotation SLAs, attacker dwell time, delegated OAuth risk, and the operational habits that keep non-human credentials from becoming tomorrow’s breach path. Built for practitioners who have to run the mess in production.
-
TechThatMattRs: Week Four – What Shipped, What Slipped, and What the Workflow Revealed
Four weeks into building a content engine in public, the output is real but the carry is uneven. This Week Four update covers what shipped, what slipped, what the numbers actually said, where the workflow helped, where it added drag, and what changed once the process had to survive real…
-
Subscribe
Subscribed
Already have a WordPress.com account? Log in now.
Tech That MattRs 