AuthSecAuthSec
AuthSec Blog

Ideas that shape the future of identity

Expert perspectives on identity security, AI agent authorization, zero-trust patterns, and the infrastructure powering autonomous systems.

Deep dives & tutorials
Latest in AI security
Trust Delegation: The Missing Piece in Multi-Team Identity
FeaturedInfrastructure

Trust Delegation: The Missing Piece in Multi-Team Identity

AuthSec TeamMar 13, 20265 min read
Read article

Showing 9 of 10 articles

We Built a Firewall for AI Agents. Here's What Happened When Claude Code Tried to Delete Our Files.
Security

We Built a Firewall for AI Agents. Here's What Happened When Claude Code Tried to Delete Our Files.

You give Claude Code your terminal. You give Codex your codebase. You give OpenClaw your entire machine — and they can rm -rf your home directory or git push --force to production before you know it. AuthSec Agent Shield stops that at the OS level. Here's what happened when we put it head-to-head with Claude Code.

Apr 20, 20268 min read
AuthSec for AI: Your Organization's Kill Switch for AI Agent Actions
Security

AuthSec for AI: Your Organization's Kill Switch for AI Agent Actions

AI agents can delete files, push code, query databases, scale infrastructure, and send customer emails with a single prompt. AuthSec adds a human approval layer before risky actions execute.

Apr 14, 202610 min read
Building an Authenticated AI Gateway: How We Put OpenClaw Behind Enterprise SSO
Infrastructure

Building an Authenticated AI Gateway: How We Put OpenClaw Behind Enterprise SSO

AI assistants are powerful, but deploying one inside an organization without authentication is like leaving the front door wide open. Here's how we built authsec-openclaw — a Go reverse proxy that wraps OpenClaw with enterprise-grade SSO and gives every chat session a verified identity.

Apr 13, 20269 min read
SCIM: The Enterprise Gateway Your AuthSec Deployment Needs
Infrastructure

SCIM: The Enterprise Gateway Your AuthSec Deployment Needs

Enterprise customers won't buy your SaaS if they have to manually provision users. Every new hire means a ticket. Every termination means a security gap. AuthSec SCIM fixes this by automating user sync from Okta, Entra ID, and Google Workspace.

Mar 12, 20266 min read
AuthSec: Open-Source Identity for AI Agents
Strategy

AuthSec: Open-Source Identity for AI Agents

Most identity products were designed around a very specific assumption—there's a human sitting in front of a browser. That model breaks down fast once you start shipping agents. AuthSec was built to fix that.

Mar 11, 20267 min read
Why AuthSec Is Built for Agents, Not Browsers
Strategy

Why AuthSec Is Built for Agents, Not Browsers

Most identity products were designed around a specific assumption: there's a human sitting in front of a browser. That model works well for web apps but breaks down fast once you start shipping agents.

Feb 4, 20266 min read
MCP server: The Protocol Your Service Mesh Has Been Missing
Infrastructure

MCP server: The Protocol Your Service Mesh Has Been Missing

Every component in your service mesh watches the same Kubernetes API. This creates a thundering herd problem at scale. MCP is the distributed configuration layer that solves this.

Feb 3, 20264 min read
The Cryptographic Identity Your Infrastructure Is Missing
Infrastructure

The Cryptographic Identity Your Infrastructure Is Missing

Microservices don't have passports—they have IP addresses and shared secrets. This falls apart at scale. SPIFFE/SPIRE gives every verified workload a cryptographic identity.

Feb 3, 20265 min read
The Authentication Problem Nobody Told You About
Security

The Authentication Problem Nobody Told You About

Your AI agent can't click a login button. Yet every identity platform assumes that's exactly what will happen. AuthSec fixes this.

Jan 20, 20255 min read

Stay in the loop

Get the latest articles on identity security and AI authorization delivered to your inbox.