Ulrich.dev — Field notes on AI × security

Ulrich.dev — Field notes on AI × securityEssays, tools and field notes on practical AI and cybersecurity, by Ulrich Dohou.https://ulrich.dev/enThe prompt is the new perimeterhttps://ulrich.dev/writing/the-prompt-is-the-new-perimeter/https://ulrich.dev/writing/the-prompt-is-the-new-perimeter/Twenty years of firewall thinking taught us to draw a circle around the things we trust. LLMs ate the circle. What replaces it isn't another box — it's a discipline.Thu, 21 May 2026 00:00:00 GMTSecurityLLMThreat modelingArchitecturePrompt injectionWhat OWASP misses about LLM agentshttps://ulrich.dev/writing/what-owasp-misses-about-llm-agents/https://ulrich.dev/writing/what-owasp-misses-about-llm-agents/The Top-10 is a checklist for web apps. Agents aren't web apps. Here's the column I'd add — and the one I'd quietly remove.Thu, 14 May 2026 00:00:00 GMTSecurityOWASPLLMAgent securityThreat modelingI shipped an AI feature on Friday. By Monday it was a liability.https://ulrich.dev/writing/shipped-ai-feature-friday-liability-monday/https://ulrich.dev/writing/shipped-ai-feature-friday-liability-monday/A two-week postmortem on going fast with an LLM, and the four guardrails I won't ship without again.Thu, 07 May 2026 00:00:00 GMTAIPostmortemLLMGuardrailsProductionA small ritual for reading other people's threat modelshttps://ulrich.dev/writing/reading-other-peoples-threat-models/https://ulrich.dev/writing/reading-other-peoples-threat-models/Five questions I ask before I ever pull up a diagram. Most documents fail on question two.Wed, 29 Apr 2026 00:00:00 GMTNotesThreat modelingProcessSecurity reviewYour RAG pipeline is a confused deputyhttps://ulrich.dev/writing/rag-pipeline-confused-deputy/https://ulrich.dev/writing/rag-pipeline-confused-deputy/A 1988 paper has more to say about modern retrieval-augmented agents than most of the 2024 ones do.Wed, 22 Apr 2026 00:00:00 GMTAIRAGConfused deputySecurity architectureLLMThe audit log is the most underrated AI safety featurehttps://ulrich.dev/writing/audit-log-underrated-ai-safety-feature/https://ulrich.dev/writing/audit-log-underrated-ai-safety-feature/If you can't replay what your agent did, you don't have a product — you have a wager.Wed, 15 Apr 2026 00:00:00 GMTSecurityAudit loggingAI safetyObservabilityProductionOn charging for software you can run locallyhttps://ulrich.dev/writing/charging-for-local-software/https://ulrich.dev/writing/charging-for-local-software/Three pricing models I tried for an offline-first tool, and what each one actually rewarded.Wed, 08 Apr 2026 00:00:00 GMTSolo opsPricingIndie softwareBusiness model