KonaSense
Book a Demo

KonaSense Blog

Field notes on AI security

Research, attack patterns, and product thinking from the KonaSense team. Practical posts for security, platform, and governance leaders.

One Prompt, One Unauthenticated Shell on Your Laptop, Open to the Internet
FeaturedAI Security

One Prompt, One Unauthenticated Shell on Your Laptop, Open to the Internet

Series · Agent Control Plane — AI Real Risks · Part 3 of ∞

Rafael Da Silva12 min

Browse by category

AI Security6Enterprise AI Governance2Shadow AI Risk2AI Agents1

Topics

#ai-governance#ai-security#shadow-ai#agent-security#agents#ai-agents#company#compliance#discovery#governance#oauth#observability#product#regulation#risk-management#saas-security#shadow-production
AI Policy Generator: five customized policies for your organization
AI Security

AI Policies Your Auditor Will Actually Accept: A Free Generator for the Five You Need in 2026

Rafael Da Silva7 min
Your Coding Agent Just Opened an End-to-End Encrypted P2P Tunnel Out of Your Network
AI Security

Your Coding Agent Just Opened an End-to-End Encrypted P2P Tunnel Out of Your Network

In Part 1 we showed Claude Code stand up a Cloudflare quick tunnel in 37 seconds. The data sat on the laptop. A door opened to it. Part 2 is the inverse directi

Rafael Da Silva12 min
What Is an Agent Control Plane
AI Security

What Is an Agent Control Plane, and Why Does Every Enterprise Need One

Forrester named the category in December 2025. Five months later it is the most contested layer in the enterprise AI stack. Here is what an Agent Control Plane actually is, what it must do, and where KonaSense fits.

Rafael Da Silva11 min
Cloudflared quick tunnel exposing localhost:3000 in 37 seconds
AI Security

Everyone Is a Developer Now, and Something in Your Company Is About to Leak

AI coding tools turned every knowledge worker into a developer. The monitoring stack you bought in 2020 was not designed to see what happens next.

Rafael Da Silva8 min
Digital consent screen with concerned office worker and unseen threats
AI Security

Your security team has never seen the apps breaching you

Explore the risks of broad OAuth permissions in AI tools, highlighted by the Vercel breach, and learn essential steps to safeguard your accounts.

Rafael Da Silva9 min
Shadow AI visual selection diagram
Shadow AI Risk

What Is Shadow AI: And Why It Is Nothing Like Shadow IT

Shadow AI is not shadow IT. It is a faster, broader, and more invisible category of risk that the 2020 governance stack was not designed to see.

KonaSense4 min
Treasury AI risk visual selection diagram
Enterprise AI Governance

Treasury just raised the bar on AI risk. Here is the practical playbook.

What the new Treasury guidance on AI risk actually requires, and a practical playbook for security and compliance leaders implementing it this quarter.

Rafael Da Silva4 min
Multi agent orchestration visual selection diagram
AI Agents

Multi agent orchestration is the next blind spot

When agents call agents call tools, the audit trail breaks. Why multi-agent orchestration is the next visibility gap for security teams.

Rafael Da Silva4 min
Shadow AI risk identification diagram
Shadow AI Risk

Shadow AI: Identifying and Mitigating Your Organization's Invisible Risk

A practical guide for security leaders on detecting and reducing the invisible risk surface created by unsanctioned AI tool usage across the workforce.

KonaSense2 min
KonaSense timeline of milestones
Enterprise AI Governance

KonaSense: People-first AI security for the real world

Why AI security has to start with the people using AI every day, not the models. The thinking behind the KonaSense platform and what we are building.

KonaSense9 min