New AI security tool lays out key exposures
Risk Rubric gives assessments for LLM transparency, security and more. But it's only one tool in your AI security toolbox.
John P. Mello Jr.
Freelance technology writer. John's work has appeared in the The Boston Globe and Boston Herald, as well as CFO, CIO, CSO, and Inc. magazines. He is a former managing editor of the Boston Business Journal and Boston Phoenix, as well as a staff writer for Government Security News.
Posts from John P. Mello Jr.
New AI security tool lays out key exposures
Gartner's CTEM advances vulnerability management
The Continuous Threat Exposure Management model represents an evolution from CVSS. Here’s what you need to know.
AI is ramping up coding velocity — and risk
AI is producing code up to four times faster — but with 10 times more AppSec lapses. Here’s what you need to know.
MCP credential weakness raises red flags
More than half of Model Context Protocol servers were found to rely on static, long-lived credentials. With AI agents on the rise, that’s a problem.
5 vibe coding security lessons
Vibe-coded apps that make it to production can be a minefield for security teams. Here are key takeaways for your AppSec team.
ASM and the attack surface: 10 key risk factors
Attack surface management (ASM) isn’t just another buzzword. It represents a fundamental shift in security strategy with risk on the rise.
The Postmark MCP server attack: 5 key takeaways
A malicious Model Context Protocol package was found in the wild last week. Here are lessons from the compromise of the AI interface tool.
Deadlines vs. secure code: How AppSec can cope
AI coding and other modern development practices mean flawed code will continue to ship. Here are key recommendations for managing software risk.
How AI coding can learn to do secure software
If you train ML models, they can learn to write more secure code. But the quality of the training data is only as good as your AppSec tooling.