Archive - Secure Trajectories

Engineering Trust: Security Patterns for Agentic AI in Life Sciences

A guide for building secure AI agents in high-stakes life sciences environments

Oct 2 •

September 2025

The Postmark MCP Trojan Horse Is Your Agent’s Newest Sales Objection

Why the first malicious MCP backdoor proves vetting your agent’s tools isn't enough to pass security review.

Sep 29 •

Your Agent's Newest GTM Blocker: Proving You're Safe from 'Service-Side' Attacks

How to turn the new standard for agent security into a competitive advantage.

Sep 24 •

After the Notion and ChatGPT Agent Exploits, CISOs Need to Ask Their Vendors Three Questions

How ‘service-side’ agent exploits create a new mandate for verifiable governance.

Sep 22 •

The Field Guide to ISO 42001 for Coding Agents

A practical blueprint for the essential controls you need to govern your use of tools like Claude Code, Github Copilot, and Cursor and prove your SDLC…

Sep 16 •

From Geopolitics to Enterprise Realities: Why Every CISO Needs an AI “Trust Adjudicator”

Tom Friedman is right about the need for an AI referee between the US and China. But the first frontier for this challenge is inside the enterprise.

Sep 2 •

August 2025

Claude for Chrome’s 11% Problem Is a Wake-Up Call

Anthropic's red-teaming of Claude for Chrome proves that prompt-level safety is not enough. True agent governance requires moving beyond what they say…

Aug 27 •

Beyond the MIT Report’s 95% AI Failure Rate: Why the Future is a Waymo, Not a GPS

The enterprise chatbot is a dead end. The data shows it’s time to shift our focus from informational tools to autonomous agents—and the controls…

Aug 25 •

Lessons from the First MCP Hackathon in NYC: What Our 3rd Place Vuln Analyst Agent Revealed about Enterprise Security

Why our impressive, award-winning AI agent is completely unusable in a real enterprise.

Aug 19 •

The Sycophantic Agent: Your Company's Newest Insider Threat

What happens when an agent convinces employees they’re doing the right thing when they’re not?

Aug 12 •

From Threat Modeling to Guardrails to Oversight: Takeaways from the Agentic AI Summit

Setting the stage for the AI Security conversations at Hacker Summer Camp

Aug 4 •

July 2025

Your Agent's "Frolic and Detour": Who's Liable When Your Agent Goes Rogue?

How Provable Governance Turns an Agent's Biggest Risk into Your Greatest Competitive Advantage

Jul 29 •

#nojs-banner { position: fixed; bottom: 0; left: 0; padding: 16px 16px 16px 32px; width: 100%; box-sizing: border-box; background: red; color: white; font-family: -apple-system, "Segoe UI", Roboto, Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 13px; line-height: 13px; } #nojs-banner a { color: inherit; text-decoration: underline; } This site requires JavaScript to run correctly. Please turn on JavaScript or unblock scripts