Posts
Notes on Software Engineering, Cloud Development, and AI.
Privilege at the Tool Call: AI Agents Inside Law and IP FirmsPart 7
Law and IP firms handle information where confidentiality is not a compliance box. It is the product. An AI agent with unrestricted tool access can waive legal professional privilege by surfacing protected material in the wrong context.
No Journal Postings at 3am: Time-Windowed Access as a ControlPart 6
An allowlist controls which tools an AI agent can call. A time window controls when. A legitimate tool call at the wrong time is not legitimate at all.
Deny by Default: How AI Agents Quietly Accumulate Excessive PrivilegePart 5
MCP servers expose every tool equally. The finance agent that posts journals can also call delete_account. Human users go through access reviews. AI agents get full tool access on day one.
Human in the Loop for the First Payment: Approval Workflows for High-Risk Agent ActionsPart 4
Not every AI agent tool call needs a human. But some do. An approval workflow that holds the call, issues a ticket, and time-boxes the grant gives you segregation of duties without taking the tool offline
In Your Subscription, Not Ours: Why Regulated Firms Can't Use SaaS AI ObservabilityPart 3
SaaS AI observability tools route your agent's tool-call arguments through someone else's infrastructure. For regulated firms handling health data, payment data, or anything under GDPR, that is a data residency problem hiding inside a monitoring decision
Orphaned AI Agents and the Tool-Call Audit GapPart 2
Most regulated firms can't say what their AI agents did, or whether it was allowed. Why agent inventory isn't enough, and where the audit evidence lives.
Five Conversations That Kill AI Agent Deployments Part 1
I built the MCP Audit & Compliance Gateway specifically because I kept watching these conversations end the same way.
Four things the docs don't tell you about MCP on APIMPart 6
Troubleshooting MCP streams on Azure APIM: missing buffer-response attributes, load balancer timeouts, and more.
The Shift to Streamable HTTP: Future-Proofing MCP in .NET 9Part 5
How to adapt your Azure API Management infrastructure to match the mid-2025 MCP specification updates, moving from HTTP+SSE to Streamable HTTP in .NET 9
Advanced Auth: Dynamic Discovery for MCP ServersPart 4
Implement RFC 9728 in Azure API Management to allow MCP clients to dynamically discover your Entra ID authorization servers
Tracking AI Agent Tool Usage: Custom Metrics in APIMPart 3
Leverage Azure API Management policies to gain deep observability into which AI agents are using specific tools and functions
Automating the MCP Gateway: Infrastructure as Code with TerraformPart 2
How to deploy APIM shared policy fragments and routing patterns using Terraform, including the crucial named value propagation fix.
Exposing enterprise APIs as MCP servers through Azure APIMPart 1
A reference architecture for exposing enterprise REST APIs as Model Context Protocol servers through Azure API Management.
Application Insights: Best Practices & Azure Functions GuidePart 1
The Modern Guide to App Insights & Azure Functions
Running Azure Functions on Kubernetes with KEDAPart 1
Azure Functions on Kubernetes with KEDA
Stop Restarting Your Apps: Dynamic Azure App ConfigurationPart 1
How to update your .NET API settings on the fly using the Sentinel Pattern and Azure Event Grid. No downtime required.
Securing Secrets: Migrating to Azure Key Vault & App ConfigurationPart 2
How to combine Azure Key Vault and App Configuration to securely manage and distribute secrets and settings across distributed applications
Marketplace Privacy PolicyPart 1
Privacy Policy for Marketplace offerings