Content by mosiddi (5)
mosiddi walks through the OWASP Top 10 risks for agentic applications (2026) and maps each risk to concrete mitigations in Microsoft’s open-source Agent Governance Toolkit (AGT), including policy-as-code enforcement, capability sandboxing, zero-trust identity, execution isolation, encrypted inter-agent communication, and tamper-evident audit trails.
mosiddi explains how classic SRE practices map to running autonomous AI agents in production, using the Agent Governance Toolkit’s Agent SRE package. The post introduces Safety SLIs, autonomy/error budgets, behavioral circuit breakers, chaos experiments, replay debugging, and progressive delivery patterns for governing agent behavior.
mosiddi explains how the Agent Governance Toolkit (AGT) tackles post-hoc accountability for autonomous agents: proving who authorized an action, what scope was delegated across multi-agent chains, and whether audit evidence was tampered with, using cryptographic identities, signed delegation links, and append-only audit logs.
mosiddi explains how the Agent Governance Toolkit (AGT) “shifts left” governance for AI agents by catching security and compliance violations before runtime, using pre-commit hooks, PR gates, CI checks, and release-time controls like SBOMs, signing, and provenance attestations.
mosiddi explains how Microsoft’s open-source Agent Governance Toolkit implements production-grade security and reliability controls for autonomous AI agents, covering its package architecture, policy enforcement (Agent OS), zero-trust identity (Agent Mesh), privilege rings (Agent Hypervisor), and SRE/observability integrations, including Azure deployment patterns.