Policy as Code Musings and News
Subscribe
Sign in
Home
Archive
About
Enterprise Architecture
Latest
Top
Discussions
Security Governance: Defense In Depth
Thinking through the layers we need to create to fully protect our data, infrastructure, systems, and people
May 22
•
John Brothers
2
Securing Atlassian Rovo: Fine-Grained Policy for AI Agents with PortcullisMCP
A PoC of agent-specific policy in action
May 19
•
John Brothers
1
2
The Risks of Dynamic Tool Discovery
Another reason you need an MCP Authorization Gateway
May 8
•
John Brothers
1
AWS Bedrock AgentCore Policy
Reviewing AWS's MCP Authorization Policy Solution
Apr 24
•
John Brothers
2
1
EnforceAuth: out of stealth-mode
EnforceAuth has announced its existence.
Feb 9
•
John Brothers
3
1
2
Integrating Policy as Code with DSPM
Classify, then Protect
Oct 3, 2025
•
John Brothers
1
Zero-Trust MCP Integrations
Reducing the chances that AI-powered solutions are misused
Jul 28, 2025
•
John Brothers
2
An Overview of Model Context Protocol
The Standard Mechanism for Integrating Organizational Data with 3rd Party AI Systems
Jul 28, 2025
•
John Brothers
1
Are your AI solutions in regulatory compliance? Will that still be true tomorrow?
A strategy to deal with the rapidly changing regulatory environment surrounding AI
May 13, 2024
•
John Brothers
1
The SALAD Principles of Policy as Code Development
Introduction
Feb 28, 2024
•
John Brothers
1
Policy-as-Code might represent a paradigm shift in enterprise software development
When I first learned about Policy-as-Code, I was under the impression it was all about policing your Infrastructure-as-Code deployments.
Nov 10, 2023
•
John Brothers
1
Architectural Concerns with Policy-as-Code
I recently wrote a document introducing the concepts of Policy-As-Code.
Oct 3, 2023
•
John Brothers
1
This site requires JavaScript to run correctly. Please
turn on JavaScript
or unblock scripts