Cover image

Trust Issues? When AI Governance Stops Trusting Humans

Inventory is where AI governance usually begins to lie Inventory sounds harmless. Every governance program begins by asking a simple question: what systems do we have? Then reality behaves rudely. A developer tests a model API for one customer-support workflow. A product team quietly connects a retrieval system to internal documents. A data team fine-tunes a classifier because the foundation model was “almost good enough,” which is how many operational risks enter the building wearing a visitor badge. By the time compliance asks for the official AI system inventory, the list is already stale. ...

April 7, 2026 · 16 min · Zelina
Cover image

Trust No One, Train Together: Zero-Trust Federated Learning Grows Teeth

A factory can know exactly which machine submitted a model update and still train on a lie. The device may possess a valid cryptographic identity. Its software may have booted from an approved configuration. Its network connection may be encrypted. None of that proves that the update it sends is harmless—or that the resulting intrusion-detection model will recognize an attack crafted specifically to deceive it. ...

January 4, 2026 · 16 min · Zelina
Cover image

Keys to the Kingdom… with a Chaperone: How Agentic JWT Grounds AI Agents in Real Intent

Access tokens are convenient little monsters. Hand one to an application and, for a while, the receiving API behaves as if the bearer of that token is a faithful representative of the user. In normal software, that assumption is often good enough. The app has deterministic code. The button does what the button was built to do. The workflow may be dull, but dullness is a security feature. ...

October 1, 2025 · 16 min · Zelina