<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"><channel><title>Infosec Writing Studio blog</title><link>https://infosec-content.online/blog/</link><description>Cybersecurity content research, analysis, and writing guidance.</description><language>en</language><atom:link xmlns:atom="http://www.w3.org/2005/Atom" href="https://infosec-content.online/rss.xml" rel="self" type="application/rss+xml" /><item><title>AI Agent Authorization: Tool Access, Delegation, and Least Privilege</title><link>https://infosec-content.online/blog/ai-agent-authorization-tool-access-delegation/</link><guid isPermaLink="true">https://infosec-content.online/blog/ai-agent-authorization-tool-access-delegation/</guid><description>Agents need enforceable limits on tools, data, and delegated authority. This article maps OAuth, MCP, approvals, revocation, audit, and confused deputy controls.</description><category>AI security</category><pubDate>Sat, 18 Jul 2026 00:00:00 GMT</pubDate></item><item><title>How to Write CNAPP Website Copy That Explains Posture, Runtime, Identity, and Prioritization</title><link>https://infosec-content.online/blog/cnapp-website-copy-posture-runtime-identity-prioritization/</link><guid isPermaLink="true">https://infosec-content.online/blog/cnapp-website-copy-posture-runtime-identity-prioritization/</guid><description>CNAPP buyers need to understand what a platform sees, how its signals connect, and why one risk ranks above another. This guide shows how to explain the four ideas that carry most of that story.</description><category>Cloud security</category><pubDate>Sat, 18 Jul 2026 00:00:00 GMT</pubDate></item><item><title>How AI Security Vendors Can Substantiate Product Claims</title><link>https://infosec-content.online/blog/how-ai-security-vendors-can-explain-product-claims/</link><guid isPermaLink="true">https://infosec-content.online/blog/how-ai-security-vendors-can-explain-product-claims/</guid><description>AI security claims need a defined scope, a relevant threat model, and evidence that matches the words on the page. This guide shows vendors how to build that proof before publishing.</description><category>AI security</category><pubDate>Sat, 18 Jul 2026 00:00:00 GMT</pubDate></item><item><title>How to Explain IAM, ITDR, PAM, and Non-Human Identity Security</title><link>https://infosec-content.online/blog/identity-security-iam-itdr-pam-non-human-identities/</link><guid isPermaLink="true">https://infosec-content.online/blog/identity-security-iam-itdr-pam-non-human-identities/</guid><description>IAM, ITDR, PAM, and non-human identity security address different parts of identity risk. This guide helps security buyers compare their scope, controls, and evidence.</description><category>Identity security</category><pubDate>Sat, 18 Jul 2026 00:00:00 GMT</pubDate></item><item><title>Machine Identity vs Non-Human Identity: Scope, Credentials, and Security</title><link>https://infosec-content.online/blog/machine-identity-vs-non-human-identity/</link><guid isPermaLink="true">https://infosec-content.online/blog/machine-identity-vs-non-human-identity/</guid><description>A technical comparison of machine and non-human identities, including their scope, credentials, lifecycle, access, and security controls.</description><category>Identity security</category><pubDate>Sat, 18 Jul 2026 00:00:00 GMT</pubDate></item><item><title>What Is AI Identity Infrastructure? Identity for Agents, Models, and Tools</title><link>https://infosec-content.online/blog/what-is-ai-identity-infrastructure/</link><guid isPermaLink="true">https://infosec-content.online/blog/what-is-ai-identity-infrastructure/</guid><description>AI agents need more than API keys. This article maps the identity, delegation, policy, audit, and trust components used to control agents, models, tools, and data.</description><category>AI security</category><pubDate>Sat, 18 Jul 2026 00:00:00 GMT</pubDate></item><item><title>What Is Non-Human Identity Security? Discovery, Ownership, Credentials, and Access</title><link>https://infosec-content.online/blog/what-is-non-human-identity-security/</link><guid isPermaLink="true">https://infosec-content.online/blog/what-is-non-human-identity-security/</guid><description>A practical guide to finding non-human identities, assigning owners, reducing credential risk, and controlling access across their lifecycle.</description><category>Identity security</category><pubDate>Sat, 18 Jul 2026 00:00:00 GMT</pubDate></item><item><title>Workload Identity Federation: How Cloud Services Authenticate Without Static Secrets</title><link>https://infosec-content.online/blog/workload-identity-federation-cloud-authentication/</link><guid isPermaLink="true">https://infosec-content.online/blog/workload-identity-federation-cloud-authentication/</guid><description>A technical guide to subject tokens, trust policies, cloud STS flows, Kubernetes service accounts, SPIFFE trust domains, and credential expiry.</description><category>Identity security</category><pubDate>Sat, 18 Jul 2026 00:00:00 GMT</pubDate></item></channel></rss>