Research

AI Agent Security
Intelligence

Original research, technical analysis, and practical guidance from the team building Amajoni.

TECHNICAL

Prompt Injection Is Not Theoretical: How Production AI Agents Get Compromised

A technical breakdown of how prompt injection attacks work against production AI agents, with real attack patterns, dangerous permission combinations, and copy-paste CloudWatch detection queries.

May 2026 · 6 min read

Read →

COMPLIANCE

NIST AI RMF for Security Teams: A Practical Implementation Guide

The NIST AI Risk Management Framework is becoming the de facto audit standard for enterprise AI. Here is what it actually requires, what evidence auditors want to see, and how to implement it without a consultant.

April 2026 · 10 min read

Read →

RESEARCH

AI Agent Exposure in South African Fintech: What We Found Scanning Public Domains

We ran our OSINT domain scanner against the top 20 SA fintech companies. Using only public signals — no credentials, no access, no intrusion — here is what we found visible from the outside.

March 2026 · 5 min read

Read →

METHODOLOGY

Introducing the Amajoni Blast Radius Score: A New Standard for AI Agent Risk Quantification

There is no industry standard for measuring how dangerous an AI agent is if compromised. We built one. Here is the methodology, the formula, and an open invitation for community feedback.

February 2026 · 7 min read

Read →

TECHNICAL

Secure by Default: The Developer's AI Agent Security Checklist

Most AI agent security problems are introduced during development, not deployment. This checklist covers the eight controls that prevent the majority of production incidents — with copy-paste IAM policies, CloudWatch alarm configs, and LangChain callback patterns.

January 2026 · 9 min read

Read →

Stay ahead of AI agent threats

Monthly research and threat intelligence from Amajoni.

No spam. Unsubscribe anytime.