
Application Security

New Platform Uses Cryptographic Invisibility to Protect AI-Built Applications

Atsign’s AI Architect applies cryptographic protections to agentic software development, aiming to prevent attackers from exploiting vulnerabilities by making application identities effectively invisible.

A new agentic coding concept uses the cloak of invisibility to provide security by design in vibe coded apps.

AI coding is a boon, a threat, and an opportunity: it dramatically increases the ease of development, it threatens a flood of insecure apps, and yet it presents an opportunity for true security by design.

The basic problem is that the security industry has taken 50 years to learn that the internet perimeter that requires protection is the individual identity of every single entity involved. We’re learning that now, but only after decades of applying different layers of security that would have been unnecessary if the internet itself had been built secure by design.

However, we now have AI coding taking the internet by storm, and all we’ve learned over these past 50 years risks being discarded. AI coding does not build apps secure by design; it builds apps for speed and ease of development. New apps are being built by anyone, with or without coding or security expertise, and they ship with unprotected identities and with open source code that contains known vulnerabilities.

Atsign has launched AI Architect to tackle the problem, a problem recently summarized by Broadband-Testing Ltd: “Securing those generative and agentic apps has not exactly been top of the list of ‘to do’ tasks before sending said apps out into the wild. This is sugar coated ether candy for the cyber attackers, especially when those apps are in supply chain environments. But businesses are under pressure to maximize the ‘AI moment’ and gain that age-old competitive edge over their rivals, while DevOps teams simply want to pump out more and more AI apps.”

The result is that new apps are likely to contain unknown vulnerabilities. But the key element of Atsign’s approach to security is the observation that the primary attack vector in almost all vulnerabilities is an identity. If the identity is secured, the vulnerability remains but is neutered.


Atsign already has experience in this. It secures all identities, both human and non-human, through cryptography. Adversarial scans cannot recognize ciphertext as anything meaningful, never mind as an identity. So, identities become invisible to attackers. Attackers are unable to attack what they cannot see, and the vulnerabilities cannot be exploited through credentials.

Now Atsign has incorporated this concept into the process of AI coding with its AI Architect product. AI Architect adds security value to vibe coding. “Most AI development tools stop at code generation. But enterprise AI development does not begin with code, it begins with architecture, governance, security boundaries, and system behavior,” explains Aparna Rayasam, CEO of Atsign. This is the purpose of AI Architect. It helps the developer specify the app’s purpose and produces finely tuned, precise prompts that constrain the agent to generate only secure, relevant code.

The process is agnostic to the coding agent and LLM chosen by the developer – it simply requires the agent to be configured to use AI Architect’s own custom MCP server.

The MCP server (dubbed AAIA, for ‘Atsign AI Architect’) is a set of mechanisms and policies ensuring that every interaction between every resource involved is authenticated, authorized, encrypted and governed by the context it provides. Each resource is assigned its own unique cryptographic identity, with privileges and policies controlling what each identity can do.

The cryptographic keys are non-custodial, ensuring they belong solely to the developer and cannot be stolen from Atsign’s relay servers. Even if an Atsign server is compromised, it holds only ciphertext, never cleartext or credentials.

Through these means, all the resources used in the app development are invisible to any attacker. No ports or public APIs remain open and an attacker has nothing to scan. An AI Architect agent-coded app maintains Atsign’s concept of security through invisibility.
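To make the non-custodial, ciphertext-only relay property concrete, the following is an added illustration written for this article; it is not Atsign’s code and does not describe Atsign’s actual protocol. It assumes a simple model: each resource generates its own X25519 key pair locally and shares only the public key, messages are sealed with AES-256-GCM under a key derived from the X25519 shared secret, and the relay is a mailbox keyed by recipient identity that stores opaque blobs. The identities (@dev, @agent) and the sample secret are constructed for the example. The `CompromisedRelayReads` function models an attacker who has taken over the relay: holding every blob and both public keys but no private key, the best they can do is substitute a key pair of their own, and the GCM authentication tag rejects the result.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Relay models a message relay that stores only opaque ciphertext blobs,
// addressed by recipient identity. It never sees a private key.
type Relay struct{ mailbox map[string][][]byte }

func NewRelay() *Relay                      { return &Relay{mailbox: map[string][][]byte{}} }
func (r *Relay) Put(to string, blob []byte) { r.mailbox[to] = append(r.mailbox[to], blob) }
func (r *Relay) Get(to string) [][]byte     { return r.mailbox[to] }

// Party is a resource with its own X25519 key pair. The private key is
// generated and kept locally (non-custodial); only the public key is shared.
type Party struct {
	ID   string
	priv *ecdh.PrivateKey
}

func NewParty(id string) (*Party, error) {
	priv, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil { return nil, err }
	return &Party{ID: id, priv: priv}, nil
}

func (p *Party) Public() *ecdh.PublicKey { return p.priv.PublicKey() }

// aeadFor derives an AES-256-GCM key from the X25519 shared secret with peer.
// SHA-256 over the raw secret is a minimal KDF for this illustration; a
// production design would use HKDF with explicit context binding.
func (p *Party) aeadFor(peer *ecdh.PublicKey) (cipher.AEAD, error) {
	secret, err := p.priv.ECDH(peer)
	if err != nil { return nil, err }
	key := sha256.Sum256(secret)
	block, err := aes.NewCipher(key[:])
	if err != nil { return nil, err }
	return cipher.NewGCM(block)
}

// Send seals plaintext for peer and deposits nonce||ciphertext at the relay.
// Sender and recipient identities are bound as GCM associated data.
func (p *Party) Send(r *Relay, peerID string, peer *ecdh.PublicKey, plaintext []byte) error {
	aead, err := p.aeadFor(peer)
	if err != nil { return err }
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil { return err }
	r.Put(peerID, aead.Seal(nonce, nonce, plaintext, []byte(p.ID+"->"+peerID)))
	return nil
}

// Receive opens every blob in p's mailbox with the key shared with sender.
// A wrong key or a tampered blob fails the GCM tag check and returns an error.
func (p *Party) Receive(r *Relay, senderID string, sender *ecdh.PublicKey) ([]string, error) {
	aead, err := p.aeadFor(sender)
	if err != nil { return nil, err }
	var out []string
	for _, blob := range r.Get(p.ID) {
		ns := aead.NonceSize()
		if len(blob) < ns { return nil, errors.New("truncated blob") }
		pt, err := aead.Open(nil, blob[:ns], blob[ns:], []byte(senderID+"->"+p.ID))
		if err != nil { return nil, err }
		out = append(out, string(pt))
	}
	return out, nil
}

// CompromisedRelayReads models an attacker who owns the relay: every blob and
// both public keys, but no private key. They can only try a key of their own.
func CompromisedRelayReads(r *Relay, to, from string, senderPub *ecdh.PublicKey) bool {
	attacker, err := NewParty(to) // claims the recipient's identity with a fresh key
	if err != nil { return false }
	msgs, err := attacker.Receive(r, from, senderPub)
	return err == nil && len(msgs) > 0
}

// Demo: a developer deposits a constructed sample secret for a build agent via
// the relay. Returns what the agent recovered and whether the relay could read it.
func Demo() ([]string, bool, error) {
	relay := NewRelay()
	dev, err := NewParty("@dev")
	if err != nil { return nil, false, err }
	agent, err := NewParty("@agent")
	if err != nil { return nil, false, err }
	if err := dev.Send(relay, agent.ID, agent.Public(), []byte("api-token: EXAMPLE-ONLY")); err != nil { return nil, false, err }
	got, err := agent.Receive(relay, dev.ID, dev.Public())
	if err != nil { return nil, false, err }
	return got, CompromisedRelayReads(relay, agent.ID, dev.ID, dev.Public()), nil
}

func main() {
	got, readable, err := Demo()
	if err != nil { panic(err) }
	fmt.Println("agent decrypted:", got, "| relay could read plaintext:", readable)
}
```

The point to take from the example is where the trust boundary sits: the relay is just storage, so a dump of its mailbox yields blobs that authenticate to nobody and decrypt for nobody who lacks a party’s locally held private key. Binding the sender and recipient identities into the associated data also stops a relay operator from re-addressing a blob to a different recipient.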

The tool helps the user to build a ‘blueprint’: a high-level description of the app’s purpose. Major coding agents increasingly support this to reduce hallucinated outcomes in the code creation process.

In this case the blueprint is developed within AI Architect. The blueprint, combined with the MCP’s security rules and build instructions, generates and exports JSON-based prompts that include all the necessary instructions and SDK references. The user pastes these prompts into the chosen coding agent, and the agent builds the app. The process builds context-based, deterministic and precise prompts that ensure the coding agent neither adds to nor misconstrues any of the prompt instructions.

The developer can achieve the speed and ease of agentic coding, while the CISO can release the app to the world with heightened confidence.

The design concept behind AI Architect is solid. The intent is to produce an AI generated app like a polished steel ball. This steel ball may not be invisible to adversaries, but it is difficult to find any structural flaw that will allow entry. Even if the attackers get inside the app they will see nothing to exploit, because all credentials are hidden by the cryptographic cloak of invisibility. This is security by design, and the design is complete invisibility.


Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security, and has had many thousands of articles published in dozens of different magazines, from The Times and the Financial Times to current and long-gone computer magazines.
