Platform & Architecture

56 posts on platform & architecture.

Model Context Protocol Security: How the MCP Transport Layer Changes the Inspection Boundary

The Model Context Protocol standardizes how an LLM client connects to tool servers and exchanges context, tool calls, and tool results. The transport layer carries the agent identity, the tool call payloads, and the tool return values. On the HTTP transports, the inspection boundary an MCP deployment owes is the HTTP leg between the MCP client and the MCP server; the stdio transport, which runs the server as a local subprocess, has no network leg. This piece walks through the transport modes MCP supports, the inspection target on each, the identity-aware policy decisions the deployment commits per call, and the audit record format that survives an EU AI Act Article 12 review.

mcp, model-context-protocol, agent-security, ai-tooling, inline-enforcement, audit-logs

Zero Trust AI: Per-Request Evaluation at the Model Boundary

Zero trust applied to AI means evaluating every model request against verified identity, current policy, and prompt-level classification. The architectural pattern is an enforcement proxy at the HTTP AI request boundary. The most common failure mode in current deployments is the post-authentication gap: the caller is authenticated once at the front door, and nothing evaluates the individual request after that.

zero-trust, ai-security, identity-and-authorization, policy-enforcement, inline-enforcement, architecture

22-Second Breach Windows: Why AI Enforcement Must Be Inline

Mandiant M-Trends 2026 measured the median attack handoff at 22 seconds. At that tempo, log-and-alert fails as a control, because the alert arrives after the handoff has completed. Inline enforcement at the AI request boundary makes the policy decision before the request reaches the model. An enforcement overhead under 50 ms is invisible against model inference latencies of 500 ms to 5 seconds.

ai-security, inline-enforcement, policy-enforcement, cybersecurity, architecture, zero-trust

Model Guardrails Are Probabilistic, Not Enforceable Controls

Model guardrails are trained behaviors inside the inference process. They degrade under fine-tuning, adversarial prompting, and role-play framing. External enforcement at the AI request boundary produces deterministic controls and identity-bound audit records that guardrails alone cannot provide.

ai-security, llm-security, prompt-injection, policy-enforcement, architecture, inline-enforcement

AI Agent Identity: NIST Pillar 1 in Production Deployments

NIST Pillar 1 names verified agent identity as the foundation of the AI agent identity and authorization framework. Per-agent identifiers, delegated authority from the authorizing user, and structured propagation to the model API call are the production requirements. Static service credentials fail the test.

agentic-ai, identity-and-authorization, nist-ai-rmf, ai-security, architecture, zero-trust

AI Security for Engineering Copilots: The Identity, Source-Code, and Audit Controls a Production Deployment Has To Run

Engineering copilots reach across the source repository, the build infrastructure, the package registry, and the production credential store. The decisions the copilot supports cross export-control boundaries, the customer source-code confidentiality terms, and the secret-handling rules the security team has built. This piece walks through the identity-aware policy decisions an engineering copilot deployment has to commit at the request boundary, the audit record format that survives SOC 2 Type II and customer audit, and the architectural pattern that closes the gap.

engineering-copilot, source-code, secrets-management, ai-security, soc-2, audit-logs

Securing the Inference Lifecycle: The Five Stages Where the Enforcement Layer Has To Sit

The AI inference lifecycle is the sequence the application runs every time the model produces a response. Most security programs cover model training and the post-deployment monitoring stages but leave the inference path itself uninstrumented. This piece walks through the five stages of the inference lifecycle, the control points each stage exposes at the request boundary, the per-decision audit record the deployment has to commit, and the architectural pattern that closes the inference-time gaps a 2022-era AppSec program leaves open.

inference-lifecycle, ai-security, inline-enforcement, audit-logs, ai-architecture, policy-enforcement

OpenAI API Gateway Setup: An Implementation Walkthrough for Enterprise Deployments

A production OpenAI deployment that satisfies EU AI Act Article 12, NIST AI RMF MANAGE 1.3, and HIPAA audit obligations needs a gateway between the application and api.openai.com. This guide walks through the gateway's request path, the TLS handling, the identity model, the four classification stages, and the audit-record format that holds up under a regulator read. Code samples included.

openai, ai-gateway, implementation-guide, enterprise-ai, ai-security, api-proxy

Anthropic API Gateway Setup: An Implementation Walkthrough for Enterprise Claude Deployments

Direct integrations with api.anthropic.com terminate TLS at Anthropic's edge, which leaves the deployer with no in-path inspection point and no audit record of its own. This guide walks through the gateway architecture that sits between the application and Anthropic's API, with attention to Claude-specific patterns: system prompts, tool use, prompt caching, and the Messages API streaming format. Code samples for the Anthropic Python SDK included.

anthropic, claude, ai-gateway, implementation-guide, enterprise-ai, api-proxy

AI Security for Coding Agents: The Source-Code, Secret, and Action Boundaries the Agent Crosses

Coding agents read source code, write code changes, run shell commands, call external APIs, and commit results back to the repository. The agent crosses multiple action boundaries inside a single workflow, with the developer identity at the top and machine credentials at the bottom. This piece walks through the source-code data the agent reads at request time, the secret-handling surface the agent exposes, the action boundaries at which the inspection layer commits decisions, and the audit record format the security team and the regulator consume.

coding-agent, ai-security, identity-aware, audit-logs, inline-enforcement, developer-tools

AI Inline Enforcement Architecture: Where the Policy Decision Sits and What It Has To Commit

AI inline enforcement runs the policy decision in the request path, before the model API call returns to the calling application. The architecture places a deterministic policy decision point between the application identity and the model endpoint and commits a per-decision audit record before the response forwards. This piece walks through the architectural components, the decision-time data shape, the failure modes the implementation has to handle, and the regulatory profile that the inline placement satisfies (EU AI Act Article 12, NIST AI agent identity and authorization Pillar 2 and Pillar 3, Fannie Mae LL-2026-04, DORA Article 6).

inline-enforcement, ai-architecture, ai-gateway, policy-decision-point, audit, eu-ai-act

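The zero-trust, 22-second-window, and inline-enforcement entries above describe one pattern: resolve identity on every call, decide deterministically before the model sees the request, and commit the audit record before anything forwards. The block below is an added example of that pattern written for this page; it is not code from any of the linked posts or from any product. The identity table, the policy table, the request shape and the classifier regexes are constructed assumptions, and the dictionary lookup stands where a deployment would verify a JWT or introspect a token.

```python
"""Inline policy decision point (PDP) at an LLM request boundary.

Added illustration for this index page, not code from any linked post.
IDENTITY_TABLE, POLICY, CLASSIFIERS and the request shape are constructed
assumptions; a real deployment verifies a token instead of the dict lookup.
"""
import hashlib
import json
import re
import time

# Constructed identity resolution (assumption: stands in for token verification).
# Identity is re-resolved on every request: front-door authentication does not
# carry forward by itself, which is the post-authentication gap being closed.
IDENTITY_TABLE = {
    "tok-alice": {"subject": "alice@example.com", "roles": ["engineering"]},
    "tok-svc-ci": {"subject": "svc-ci", "roles": ["ci"]},
}

# Constructed per-model policy: which roles may call it, which prompt classes
# are refused. A model absent from this table is denied (fail closed).
POLICY = {
    "gpt-4o": {"allow_roles": {"engineering"}, "deny_classes": {"secret"}},
    "claude-sonnet": {"allow_roles": {"engineering", "ci"}, "deny_classes": {"secret", "pii"}},
}

# Deterministic prompt classifiers. Regexes are enough to show the control; the
# point is that the same input always yields the same decision.
CLASSIFIERS = {
    "secret": re.compile(r"\b(AKIA[0-9A-Z]{16}|-----BEGIN [A-Z ]*PRIVATE KEY-----)"),
    "pii": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
}


def classify(messages):
    """Return the sorted list of classes found anywhere in the prompt messages."""
    text = "\n".join(str(m.get("content", "")) for m in messages)
    return sorted(name for name, rx in CLASSIFIERS.items() if rx.search(text))


class AuditLog:
    """Append-only, hash-chained decision log (in memory here; a real one is durable)."""

    GENESIS = "0" * 64

    def __init__(self):
        self.records = []
        self.prev_hash = self.GENESIS

    def commit(self, record):
        """Chain the record to its predecessor and append it. Returns the stored record."""
        record = dict(record, prev_hash=self.prev_hash)
        body = json.dumps(record, sort_keys=True).encode()
        record["hash"] = hashlib.sha256(body).hexdigest()
        self.records.append(record)
        self.prev_hash = record["hash"]
        return record

    def verify(self):
        """Recompute every hash; False if any record was altered or removed."""
        prev = self.GENESIS
        for rec in self.records:
            body = {k: v for k, v in rec.items() if k != "hash"}
            digest = hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()
            if rec["prev_hash"] != prev or digest != rec["hash"]:
                return False
            prev = rec["hash"]
        return True


def decide(token, request):
    """Evaluate one request. Returns (allowed, reason, audit_record)."""
    ident = IDENTITY_TABLE.get(token)
    model = request.get("model")
    policy = POLICY.get(model)
    messages = request.get("messages", [])
    classes = classify(messages)
    if ident is None:
        allowed, reason = False, "unknown identity"
    elif policy is None:
        allowed, reason = False, "model not in policy (fail closed)"
    elif not set(ident["roles"]) & policy["allow_roles"]:
        allowed, reason = False, "role not permitted for model"
    elif set(classes) & policy["deny_classes"]:
        hit = ",".join(sorted(set(classes) & policy["deny_classes"]))
        allowed, reason = False, "blocked class: " + hit
    else:
        allowed, reason = True, "policy allow"
    record = {
        "event": "decision",
        "ts": time.time(),
        "subject": ident["subject"] if ident else "unauthenticated",
        "roles": ident["roles"] if ident else [],
        "model": model,
        "classes": classes,
        "allowed": allowed,
        "reason": reason,
        # Hash, not content: the audit record must not become a copy of the prompt.
        "prompt_sha256": hashlib.sha256(json.dumps(messages, sort_keys=True).encode()).hexdigest(),
    }
    return allowed, reason, record


def enforce(token, request, log, forward):
    """Inline path: decide, commit the audit record, and only then call `forward`."""
    allowed, reason, record = decide(token, request)
    stored = log.commit(record)
    if not allowed:
        return {"status": 403, "reason": reason, "audit_hash": stored["hash"]}
    try:
        upstream = forward(request)
    except Exception as exc:  # upstream failure gets its own record and fails closed
        err = log.commit({"event": "upstream_error", "ts": time.time(),
                          "decision_hash": stored["hash"], "error": str(exc)})
        return {"status": 502, "reason": "upstream error", "audit_hash": err["hash"]}
    return {"status": 200, "response": upstream, "audit_hash": stored["hash"]}
```

Two design points the entries call out are visible here: identity is resolved on every call rather than trusted from an earlier session, and the audit record is committed before `forward` runs, so a request that never reaches the model still leaves a chained record. An unknown model or unknown identity is denied rather than passed through, and an upstream error leaves its own record tied to the decision that preceded it. The hash chain lets a reviewer detect a removed or altered record, which a plain append log cannot.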
LiteLLM vs an AI Security Gateway: What Each One Does and Where They Compose

LiteLLM is an open-source LLM proxy that normalizes the API surface across more than 100 model providers and handles routing, retries, fallbacks, cost tracking, and basic key management. An AI security gateway sits at the same network position but answers a different question: identity-bound policy on prompt content, data classification at the request boundary, and a per-decision audit record that holds up under EU AI Act Article 12 review. The two products compose in production deployments. This piece walks through what each one does, where they overlap, and where the architectural responsibilities split.

litellm, ai-gateway, comparison, inline-enforcement, ai-architecture, audit