Threat-Modeling on Napat's Inverse Blog /tags/threat-modeling/ Recent content in Threat-Modeling on Napat's Inverse Blog Hugo en-us Thu, 02 Apr 2026 15:30:00 +0700 Five OWASP AI Lists, One Practitioner Problem /2026-04-02-five-owasp-ai-lists-one-practitioner-problem/ Thu, 02 Apr 2026 15:30:00 +0700 /2026-04-02-five-owasp-ai-lists-one-practitioner-problem/ <p>I was in a meeting recently where someone asked a simple question: &ldquo;Which OWASP list should we use for our AI security review?&rdquo;</p> <p>Nobody could answer it. Not because the people in the room were incompetent. The opposite, actually — they&rsquo;d all read the lists, which is precisely why they couldn&rsquo;t answer. There are five of them now. Five OWASP AI security lists. Each one a Top 10, except the one that&rsquo;s a 200-page guide. They overlap, contradict, and occasionally talk past each other. When someone finally pulled up Matt Adams&rsquo; <a href="https://owaspai.matt-adams.co.uk/">OWASP AI Top 10 Comparator</a> — a tool that exists specifically because the proliferation problem is bad enough to need its own website — the room collectively sighed.</p> DeerFlow vs OpenClaw Security Analysis (AI Experiment) /ai-analysis/deer-flow-openclaw-security-analysis-experiment/ Fri, 27 Mar 2026 12:20:00 +0700 /ai-analysis/deer-flow-openclaw-security-analysis-experiment/ An opinionated practitioner&#39;s deep dive into DeerFlow and OpenClaw security architectures — what works, what breaks at runtime, where the real risk lives, and how to harden before production. The USB-C Metaphor Hides the Hard Part /2026-03-22-the-usb-c-metaphor-hides-the-hard-part/ Sun, 22 Mar 2026 15:59:00 +0700 /2026-03-22-the-usb-c-metaphor-hides-the-hard-part/ <h2 id="threat-modeling-mcp-in-the-real-world">Threat Modeling MCP in the Real World</h2> <p>People like to describe MCP as &ldquo;USB-C for AI.&rdquo;</p> <p>It&rsquo;s a good line. It explains why people care.</p> <p>USB-C made hardware interoperability easier. MCP makes tool interoperability easier. Build once, connect everywhere, move faster.</p> <p>The problem with good metaphors is that they are usually true in one way and dangerously false in another.</p> <p>USB-C looks like a cable problem. MCP looks like a protocol problem.</p> <p>But the hard part isn&rsquo;t the connector. The hard part is delegation.</p> <p>When an AI client connects to tools through MCP, it is not just moving data. It is moving authority: who can read what, who can trigger what, and under which identity.</p> <p>That shift is what many threat models miss.</p> <p>They evaluate MCP like an integration layer, when they should evaluate it like an authorization fabric.</p> <hr> <h2 id="why-this-matters-now">Why this matters now</h2> <p>Standards compress engineering cost. They also compress attacker learning curves.</p> <p>Before MCP, every integration had custom quirks. That was messy for developers and inconvenient for attackers. With standardization, we gain velocity and lose diversity. A weakness in common implementation patterns becomes reusable across many environments.</p> <p>This doesn&rsquo;t mean MCP is unsafe. It means MCP is now important enough to threat model as first-class infrastructure.</p> <p>The teams that do this early will avoid the coming cycle: rapid adoption, soft defaults, then expensive retrofitting under incident pressure.</p> <hr>