
Securing the agent era

Notes on securing the agent era: AI governance, MCP security, shadow AI, and the controls that keep teams fast and safe.

[Security] April 11, 2026

MCP Security Best Practices: 6 Attack Vectors Every Team Should Know

The MCP specification defines six critical attack vectors, from confused deputy exploits to session hijacking. Here's how each one works and what to do about it.

Stanislas Hannebelle

How to Build a Secure AI Agent: A Practical Guide for Startups

AI agents are shipping fast, but most teams underestimate the security implications. This guide covers the real threats, from prompt injection to output exfiltration, and gives you actionable patterns to build agents that fail safely.

Arnaud Drizard, April 11, 2026

ShadowPrompt: How a Zero-Click Vulnerability in Claude's Chrome Extension Could Hijack Your Browser

A zero-click vulnerability in Anthropic's Claude Chrome extension allowed any website to silently inject prompts and steal sensitive data. Here's what happened, how it worked, and what it means for your AI tool governance.

Arnaud Drizard, March 31, 2026

We Built a Customer-Facing MCP Server. Here's What the Spec Didn't Prepare Us For.

Building a customer-facing MCP server? Here's what the spec misses: OAuth IdP gaps, client divergence, multi-tenant auth, and supply chain risk.

Stanislas Hannebelle, March 3, 2026

AI Coding Assistants Are Now a Security Risk: What SOC 2 and ISO 27001 Companies Need to Know

From malicious extensions exfiltrating code to prompt injection attacks enabling remote execution, AI coding tools introduce new risks that most compliance frameworks don't explicitly address. Here's what CTOs and CISOs need to implement now.

Arnaud Drizard, February 13, 2026

ISO 42001: Do You Need It If You Only Use AI APIs?

Do you need ISO 42001 if you only use AI APIs? Learn the key differences between AI developers and AI consumers for compliance.

Arnaud Drizard, January 29, 2026
