directiv.ai blog

Perspectives on building safe, controllable, AI-enabled applications

There's a Second OWASP Top Ten. We Were Already Building It.

I found out about the OWASP Top 10 for Agentic Applications 2026 late, and slightly embarrassed. Reading it felt like déjà vu — the same architectural arguments we've been making here, arriving from the security side of the same problem. This post maps the convergence, and covers what OWASP sees that I hadn't fully worked out.


Humane HITL

"Just put a human in the loop" sounds reassuring, but it often masks unclear ownership and weak workflow design. This post reframes HITL as deliberate intervention points that improve safety, accountability, and outcomes in AI systems.


GenAI Isn't the Problem. Your Architecture Is.

By now you've seen the MIT report from 2025 that claims only ~5% of enterprise AI pilots deliver measurable business impact. The other 95% quietly stall out or die on the vine. In this post I discuss what those failure patterns reveal, and how effective systems design can improve the odds of success.
