Copilot Readiness and Enterprise AI Security

by Miroslav Milovanovic

How to Detect and Block Malicious IDE Extensions

What This Post on Detecting Malicious IDE Extensions Covers Malicious IDE extensions are software plugins that request excessive permissions or hide h...

23 December 2025

Coding agents, assistants, and MCP security

research findings

See all blogs

AI Safety vs. AI Security: Explaining the Differences

by Knostic Team

AI Safety vs. AI Security: Explaining the Differences

Somewhere between hype decks and regulatory memos, "AI safety" and "AI security" started getting use...

Cursor and Claude Code's automatic loading of .env files containing secrets

by Knostic Team

From .env to Leakage: Mishandling of Secrets by Coding Agents

AI coding assistants churn out insecure code, but a less-discussed issue is their handling of secret...

by Knostic Team

First Large-Scale AI-Orchestrated Cyber Espionage Campaign

Anthropic released research in November 2025 documenting the first reported case of a large-scale AI...

AI data security

See all blogs

by Miroslav Milovanovic

AI Coding Agent Governance Policies That Work

Fast Facts on AI Coding Agent Governance AI coding agent governance refers to the rules, roles, and ...

by Miroslav Milovanovic

Inside the Shai-Hulud 2.0 npm IDE Attack Wave

It was Monday morning, November 24th, 2025. Charlie, a security researcher, sat down with his coffee...

AI data governance

See all blogs

AI data governance measurement and audit (and variations)

by Miroslav Milovanovic

How to Measure and Audit AI Data Governance

Fast Facts on AI Data Governance Measurement and Audits AI data governance refers to the systems and...

by Miroslav Milovanovic

Real AI Governance Examples You Need to Know

What This Blog Post on AI Governance Examples Covers AI governance refers to the process that organi...

The "AI Vulnerability Storm": A CISO's Playbook for the Mythos Era

Free LLM-based Vulnerability Scans for Open Source Projects

OpenAnt: Open Sourcing Knostic’s LLM-based Vulnerability Discovery Product

Agents Are Hiring Humans. Who Is Securing the Them?

Knostic Research Team Blog

Browse Blog Categories

How to Detect and Block Malicious IDE Extensions

research findings

AI Safety vs. AI Security: Explaining the Differences

From .env to Leakage: Mishandling of Secrets by Coding Agents

First Large-Scale AI-Orchestrated Cyber Espionage Campaign

AI data security

AI Coding Agent Governance Policies That Work

Top 10 AI Security Solutions in 2026

Inside the Shai-Hulud 2.0 npm IDE Attack Wave

AI data governance

How to Measure and Audit AI Data Governance

Real AI Governance Examples You Need to Know

Schedule a demo to see what Knostic can do for you

Become Our Partner

Free Tools

Industry Solutions

Policies and Legal

Resources

Departments

Roles

Become Our Partner

Knostic Research Team Blog

Browse Blog Categories

research findings

AI data security

AI data governance

Schedule a demo to see what Knostic can do for you

Become Our Partner

Free Tools

Industry Solutions

Policies and Legal

Resources

Departments

Roles

STAY AHEAD IN AI RISK & COMPLIANCE

EXPLORE KNOSTIC

Free Tools

Solutions by Department

Solutions by Role

Solutions by Industry

Resources

COMPANY

Become Our Partner