Security Research & Updates
Threat intelligence, engineering deep-dives, and product updates from the Navil team.
Which MCP Client is Being Attacked? How Navil Agent Identity System Works
Use agent-prefix to namespace agent identities by client for full multi-client visibility and per-client security policies.
navil wrap vs navil shim -- What is the Difference and Why It Matters
Understanding the two-step pipeline: wrap rewrites your config, shim enforces security at runtime.
How 12 Statistical Detectors Catch Threats That Rules Cannot
A deep dive into Navil's adaptive anomaly detection: 12 detectors, EMA baselines, trust scores, and the architecture that keeps security off the hot path.
Navil Watches Your Agents for a Week, Then Writes Your Security Policies
How the AI Policy Builder observes agent behavior and auto-generates security policies with human-in-the-loop approval.
Your Agent Can Read Your Codebase But Can Never Touch Your Secrets
How the Navil policy engine uses YAML rules to control what tools agents can call, what data they access, and where they send it.
How Navil Cuts 94% of Your MCP Token Costs Without Breaking Anything
MCP dumps every tool schema into every agent session — 50,000+ tokens you're paying for but never using. Here's how context-aware scoping fixes it.
We Published the First Open Threat Taxonomy for AI Agents
11 attack classes, 30 detection categories, 200+ base vectors. The MITRE ATT&CK of agent security — published as open data.
Hello World: Welcome to the Navil Blog
Introducing the Navil blog — where we share security research, product updates, and insights on protecting AI agents from emerging threats.