Security

  • Published on
When applications talk to LLMs or MCP servers, every request and response is potential attack surface. One way to add protection is to put a proxy at the edge, where traffic can be inspected and security rules enforced before a prompt reaches the model or a response reaches the client. Just as a WAF shields web apps from SQL injection or XSS, a proxy can serve as an "AI firewall" against risks like those in the OWASP Top 10 for LLMs, such as prompt injection and sensitive information disclosure. In this article, I will walk through how to build such a firewall using Nginx, OpenResty, and Lua.
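    As an added example of the architecture this excerpt describes (not the article's own code), the OpenResty configuration below sits in front of a chat-completion endpoint, checks each request in the access phase, and redacts secrets from the streamed response in the body filter. The upstream address, the listening port, the denylist patterns, the rate limit and the key format being redacted are all assumptions for illustration; a real deployment would load its rules from a file or a shared dictionary rather than hard-code them.

    ```nginx
    # Added example, not the article's code. Assumed: the LLM or MCP gateway
    # listens on 127.0.0.1:8080 and clients send OpenAI-style JSON bodies with
    # a "messages" array.
    worker_processes 1;
    events { worker_connections 1024; }

    http {
        lua_shared_dict ai_fw_limits 10m;   # per-client counters for rate limiting
        client_body_buffer_size 1m;         # keep prompts in memory so Lua can read them
        client_max_body_size    1m;         # anything larger is refused outright

        upstream llm_backend {
            server 127.0.0.1:8080;          # assumed local LLM / MCP gateway
        }

        server {
            listen 8000;                    # assumed listener; terminate TLS here in practice

            location /v1/chat/completions {
                access_by_lua_block {
                    local cjson = require("cjson.safe")

                    -- Rule 1: only JSON POSTs reach the model endpoint.
                    if ngx.var.request_method ~= "POST" then
                        return ngx.exit(ngx.HTTP_NOT_ALLOWED)
                    end

                    -- Rule 2: crude per-IP rate limit (30 requests per 60 s, assumed values).
                    local limits = ngx.shared.ai_fw_limits
                    local count = limits:incr("ip:" .. ngx.var.remote_addr, 1, 0, 60)
                    if count and count > 30 then
                        return ngx.exit(ngx.HTTP_TOO_MANY_REQUESTS)
                    end

                    -- Rule 3: inspect every message for injection / exfiltration indicators.
                    ngx.req.read_body()
                    local body = ngx.req.get_body_data()
                    if not body then
                        -- Body spilled to disk (bigger than client_body_buffer_size):
                        -- refuse rather than silently skip inspection.
                        return ngx.exit(413)
                    end
                    local req = cjson.decode(body)
                    if type(req) ~= "table" or type(req.messages) ~= "table" then
                        return ngx.exit(ngx.HTTP_BAD_REQUEST)
                    end

                    -- Assumed denylist (PCRE via ngx.re, case-insensitive):
                    local deny = {
                        [[ignore\s+(all\s+)?previous\s+instructions]],
                        [[reveal\s+(your\s+)?system\s+prompt]],
                        [[curl\s+https?://]],          -- nudging a tool-using agent to fetch a URL
                        [[AKIA[0-9A-Z]{16}]],          -- AWS access key id inside a prompt
                    }
                    for _, m in ipairs(req.messages) do
                        -- Only string content is checked; multimodal arrays are passed through here.
                        local content = type(m.content) == "string" and m.content or ""
                        for _, pat in ipairs(deny) do
                            if ngx.re.find(content, pat, "ijo") then
                                ngx.log(ngx.WARN, "ai-firewall: blocked ", ngx.var.remote_addr,
                                        " matching ", pat)
                                ngx.status = ngx.HTTP_FORBIDDEN
                                ngx.header["Content-Type"] = "application/json"
                                ngx.say(cjson.encode({ error = "request blocked by AI firewall" }))
                                -- Body already sent: exit the whole request, not just this phase.
                                return ngx.exit(ngx.HTTP_OK)
                            end
                        end
                    end
                }

                header_filter_by_lua_block {
                    -- The body filter below may change the response length.
                    ngx.header.content_length = nil
                }

                body_filter_by_lua_block {
                    -- Response side: redact anything shaped like an assumed "sk-..." API key.
                    -- This runs per chunk, so a secret split across chunk boundaries would
                    -- slip through; buffer the full body (proxy_buffering on) where that matters.
                    local chunk = ngx.arg[1]
                    if chunk and #chunk > 0 then
                        ngx.arg[1] = ngx.re.gsub(chunk, [[sk-[A-Za-z0-9]{20,}]], "[REDACTED]", "jo")
                    end
                }

                proxy_pass      http://llm_backend;
                proxy_buffering off;            # keep token streaming working
            }
        }
    }
    ```

    The same access-phase pattern applies to an MCP server: the JSON-RPC `params.arguments` of a `tools/call` request is where injected instructions or exfiltrated data would appear, so the denylist loop would walk that object instead of `messages`.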
  • Published on
    Earlier this month, attackers compromised a popular npm maintainer's account via a phishing attack and published malicious versions of 18 widely used packages (including debug) that together see over 2 billion weekly downloads. The malicious versions injected browser-side malware that intercepted cryptocurrency transactions and swapped the destination wallet address for an attacker-controlled one chosen to look visually similar, so the substitution was hard to spot. This was a supply chain attack with no CVE assigned at the time, so conventional SCA scanners, which match installed versions against published CVEs, could not flag it. In this post, I will explore an alternative approach: scanning package code for behavioral patterns and heuristics using small language models.