Blog

Writing about cybersecurity, AI security, and things I find interesting.

xFire: AI Agents Debate Your Code So You Don't Ship Vulnerabilities and Bugs
·3 min read

xFire: AI Agents Debate Your Code So You Don't Ship Vulnerabilities and Bugs

Security review is too important for a single opinion and too noisy to tolerate false positives. xFire uses multi-agent adversarial debate to fix both.

AI AgentsSecurityCode ReviewOpen Source
Stop Telling Your AI Agent What Not to Do
·9 min read

Stop Telling Your AI Agent What Not to Do

We built structured skills for our AI agent and watched performance drop by 6x. Here's what we learned.

AI AgentsSecurityLLMClaude Agent SDK
Benchmarking SAST
·3 min read

Benchmarking SAST

Choosing the right static analyzer — comparing SAST tools using precision, recall, and F1 metrics on realistic codebases.

SASTAppSecBenchmarking
SecLint: An Agentic Code Vulnerability Scanner
·3 min read

SecLint: An Agentic Code Vulnerability Scanner

Context-Aware, Agent-Driven Security Scanning That Scales Beyond Manual Reviews

AI SecuritySASTRAGPython