New Platform Uses Cryptographic Invisibility to Protect AI-Built Applications
Atsign's AI Architect platform uses cryptographic invisibility to secure AI-generated applications.
Summary
Atsign has launched AI Architect, a platform designed to enhance the security of applications developed using AI coding. The tool applies cryptographic protections to make application identities effectively invisible to attackers, thereby preventing the exploitation of vulnerabilities. This approach aims to address the security risks introduced by the rapid development of AI-powered applications, which often lack built-in security measures.
Full text
A new agentic coding concept uses the cloak of invisibility to provide security by design in vibe coded apps.

AI coding is a boon, a threat, and an opportunity: it dramatically increases the ease of development; threatens the release of insecure apps – but presents an opportunity for true security by design.

The basic problem is that the security industry has taken 50 years to learn that the internet perimeter that requires protection is the individual identity of every single entity involved. We’re learning that now, but only after decades of applying different layers of security that would have been unnecessary if the internet itself had been built secure by design.

However, we now have AI coding taking the internet by storm, and all we’ve learned over these past 50 years risks being discarded. AI coding does not build apps secure by design – it builds apps for speed and ease of development. New apps are being built by anyone, with or without any coding or security expertise, and they include unprotected identities and recognized open source code containing known vulnerabilities.

Atsign has launched AI Architect to tackle the problem – a problem recently summarized by Broadband-Testing Ltd. “Securing those generative and agentic apps has not exactly been top of the list of ‘to do’ tasks before sending said apps out into the wild. This is sugar coated ether candy for the cyber attackers, especially when those apps are in supply chain environments. But businesses are under pressure to maximize the ‘AI moment’ and gain that age-old competitive edge over their rivals, while DevOps teams simply want to pump out more and more AI apps.”

The result is that new apps are likely to contain unknown vulnerabilities. But, and this is the key element of Atsign’s approach to security, the primary attack vector in almost all vulnerabilities is an identity. If the identity is secured, the vulnerability remains but is neutered.
Atsign already has experience in this. It secures all identities, both human and non-human, through advanced cryptology. Adversarial scans cannot recognize ciphercode as anything, never mind an identity. So, identities become invisible to attackers. Attackers are unable to attack what they cannot see, and the vulnerabilities cannot be exploited through credentials.

Now Atsign has incorporated this concept into the process of AI coding with its AI Architect product. AI Architect adds security value to vibe coding.

“Most AI development tools stop at code generation. But enterprise AI development does not begin with code, it begins with architecture, governance, security boundaries, and system behavior,” explains Aparna Rayasam, CEO of Atsign.

This is the purpose of AI Architect. It helps the developer specify the app’s purpose and produces finely tuned, precise prompts that force the agent to generate secure and only relevant code. The process is agnostic to the coding agent and LLM chosen by the developer – it simply requires the agent to be configured to use AI Architect’s own custom MCP server.

The MCP (dubbed AAIA for ‘Atsign AI Architect’) is a set of mechanisms and policies ensuring every interaction between every resource involved is authenticated, authorized, encrypted and governed by the context it provides. Each resource is assigned its own unique cryptographic identity, with privileges and policies controlling what each identity can do. The cryptographic keys are non-custodial, ensuring they belong solely to the developer and cannot be stolen from Atsign’s relay servers. Even if an Atsign server is compromised, it can only contain ciphertext, no cleartext or credentials.

Through these means, all the resources used in the app development are invisible to any attacker. No ports or public APIs remain open and an attacker has nothing to scan.
An AI Architect agent-coded app maintains Atsign’s concept of security through invisibility. The tool helps the user to build a ‘blueprint’; a high-level description of the app’s purpose. Major coding agents are increasingly allowing this to avoid hallucinated outcomes in the code creation process. In this case the blueprint is developed within AI Architect.

The blueprint, combined with the MCP’s security rules and build instructions, generates and exports JSON-based prompts that include all the necessary instructions and SDK references. The user pastes these prompts into the chosen coding agent, and the agent builds the app.

The process builds context-based, deterministic and precise prompts that ensure the coding agent neither adds to nor misconstrues any of the prompt instructions. The developer can achieve the speed and ease of agentic coding, while the CISO can release the app to the world with heightened confidence.

The design concept behind AI Architect is solid. The intent is to produce an AI generated app like a polished steel ball. This steel ball may not be invisible to adversaries, but it is difficult to find any structural flaw that will allow entry. Even if the attackers get inside the app they will see nothing to exploit – all credentials are hidden by the cryptographic cloak of invisibility. This is security by design; and the design is complete invisibility.

Written by Kevin Townsend. Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft.
For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.