@correlic

Your AI Agent Got Poisoned Through a Tool Description. Here's Why Only the Kernel Saw It Coming.

Apr 20 · 13 min read · MCP tool poisoning is the attack you can't see in your UI. We built the defense you can see in your kernel. In Part 3, I covered how we taught Correlic's AI investigation layer to analyze security inc

I Built an AI System to Investigate AI Agents. Here's What I Learned About Making It Not Lie.

Apr 11 · 14 min read · *From raw incident timelines to confident, evidence-grounded analysis — the engineering decisions behind Correlic's AI investigation layer.* In [Part 2](https://correlic.hashnode.dev/your-ai-agent-mad

[Part 2] Building Correlic: Your AI Agent Made 70 System Calls Per Second. Here's How I Taught My System Which Ones Matter.

Apr 9 · 15 min read · From 200 daily alerts to 3 real incidents — the detection, baseline, and correlation systems that turned raw events into actionable security. In Part 1, I walked through the journey of capturing every

[Part 1] Building Correlic: Capturing Every Action Your AI Agent Tries to Hide

Apr 4 · 19 min read · In my last post, I talked about the security blind spot around AI coding agents — and why nothing in your existing security stack sees what they actually do on your machine. I promised I'd show you wh

Do You Actually Know What Your AI Coding Agent Did in the Last Hour?

Mar 31 · 7 min read · Right now, on your machine, there's probably a process tree you didn't spawn. It read files you didn't open. It made network connections you didn't ask for. It had access to your SSH keys, your cloud