Moltbot (formerly Clawdbot) exploded in popularity. Thousands of instances spun up in days. Most people followed quick-start tutorials that skip security entirely.

The result? Shodan searches for "Clawdbot Control" return exposed dashboards with:

• Shell command execution
• Browser automation (CDP)
• API keys, OAuth tokens, bot credentials
• Full conversation histories
• Ability to impersonate users across WhatsApp, Telegram, Discord, Slack

This isn't theoretical. Security researcher Matvey Kukuy demonstrated a prompt injection attack: send a malicious email to an exposed instance, the AI reads it, believes it's legitimate instructions, forwards victim's emails to attacker. Five minutes start to finish.

Quick Self-Check

Before reading further, find out if you're exposed:

# Replace with your public IP
nmap -p 18789,18791

Results:

• filtered or closed → You're probably fine, but keep reading to verify
• open → You have a problem. Keep reading.

If you're on a home network and didn't port forward, you're likely okay. But if you used ngrok, Cloudflare Tunnel, or similar to get "remote access" — that counts as exposed.

Choose Your Path

Where is your Moltbot running, and what matters to you?

The tradeoff is the same regardless of deployment:

Neither is wrong. Pick based on whether you value convenience or independence.

🏠 Home + Tailscale (Fast Setup)

Time: ~10 minutes
Complexity: Low
External dependency: Tailscale coordination servers

This is the path of least resistance. Moltbot has Tailscale support built-in. You're not adding something new — you're turning on something that's already there.

What You're Getting

+-------------------------------------+
|  Home Network                       |
|  +-------------------------------+  |
|  |  Mac Mini                     |  |
|  |  +- Tailscale daemon          |  |
|  |  +- Moltbot (localhost:18789) |  |
|  +-------------------------------+  |
|                                     |
|  Router: No port forwarding         |
|  Firewall: Default (nothing open)   |
+-------------------------------------+
              ^
              |
       Tailscale mesh (encrypted)
              |
              v
       Your phone/laptop (anywhere)

• Gateway binds to localhost only
• Tailscale Serve provides HTTPS + handles routing
• No router configuration needed
• No dynamic DNS
• Access from anywhere on your tailnet

What You're Trusting

Tailscale's coordination servers handle connection brokering. They see:

• Device metadata (IPs, hostnames)
• When devices connect

They don't see:

• Your traffic (end-to-end encrypted via WireGuard under the hood)
• What you're doing on Moltbot

If this tradeoff bothers you, jump to Home + WireGuard.

Setup

1. Install Tailscale on your Mac Mini:

# macOS
brew install tailscale
# Or download from https://tailscale.com/download/mac

# Linux
curl -fsSL https://tailscale.com/install.sh | sh

# Start and authenticate
sudo tailscale up

2. Install Tailscale on your phone/laptop(s):

Same account. They'll automatically join your tailnet.

3. Configure Moltbot:

Edit your config (~/.moltbot/config.json or via moltbot configure):

{
  "gateway": {
    "bind": "loopback",
    "port": 18789,
    "tailscale": {
      "mode": "serve"
    },
    "auth": {
      "mode": "token",
      "allowTailscale": true
    }
  }
}

4. Restart Moltbot:

moltbot gateway restart
# or if running as service
sudo systemctl restart moltbot

5. Access from anywhere:

Your Moltbot is now available at https://<hostname>.<tailnet>.ts.net from any device on your tailnet.

Verify It's Working

# On your Mac Mini - should show tailscale serve active
tailscale status

# From your phone/laptop - should connect
curl https://..ts.net:18789/health

# From outside your tailnet - should fail
curl http://:18789/health  # timeout or refused

🏠 Home + WireGuard (Full Control)

Time: ~30 minutes
Complexity: Medium
External dependency: None

You want full control. No external services. You own every piece.

What You're Getting

+-------------------------------------+
|  Home Network                       |
|  +-------------------------------+  |
|  |  Mac Mini                     |  |
|  |  +- WireGuard server          |  |
|  |  +- Moltbot (localhost:18789) |  |
|  +-------------------------------+  |
|                                     |
|  Router: Forward 51820/udp only     |
+-------------------------------------+
              ^
              |
       Single UDP port (encrypted)
              |
              v
       Your devices (with WG config)

• One port forwarded through your router
• Connect via VPN → access localhost services
• Zero external dependencies

What You're Responsible For

• Port forwarding on your router
• Dynamic DNS if your home IP changes (or get a static IP)
• Key generation and distribution per device
• Updating configs when you add devices

Setup

1. Install WireGuard on your Mac Mini:

# macOS
brew install wireguard-tools

# Linux
sudo apt install wireguard

2. Generate server keys:

# macOS
cd /usr/local/etc/wireguard

# Linux
cd /etc/wireguard

umask 077
wg genkey | tee server_private.key | wg pubkey > server_public.key

3. Create server config:

macOS: /usr/local/etc/wireguard/wg0.conf
Linux: /etc/wireguard/wg0.conf

[Interface]
PrivateKey = 
Address = 10.200.200.1/24
ListenPort = 51820

# Your phone
[Peer]
PublicKey = 
AllowedIPs = 10.200.200.2/32

# Your laptop
[Peer]
PublicKey = 
AllowedIPs = 10.200.200.3/32

4. Generate client keys (repeat per device):

wg genkey | tee phone_private.key | wg pubkey > phone_public.key

5. Client config (e.g., phone):

[Interface]
PrivateKey = 
Address = 10.200.200.2/24
DNS = 1.1.1.1  # or your preference

[Peer]
PublicKey = 
Endpoint = :51820
AllowedIPs = 10.200.200.0/24
PersistentKeepalive = 25

Note: This config uses split tunneling — only traffic destined for your Moltbot network (10.200.200.0/24) goes through the VPN. Your normal internet browsing stays on your local connection, so speeds aren't affected.

If you wanted all traffic routed through your home server (full tunnel), you'd use AllowedIPs = 0.0.0.0/0 instead. But for just accessing Moltbot, split tunnel is what you want.

Import this config into the WireGuard app on your phone/laptop.

6. Router config:

Forward UDP port 51820 to your Mac Mini's local IP. Every router is different, but look for "Port Forwarding" or "NAT" settings.

7. Dynamic DNS (if needed):

If your ISP gives you a dynamic IP, set up DDNS:

• Free options: DuckDNS, No-IP, Dynu
• Many routers have built-in DDNS clients

8. Start WireGuard:

# Start
sudo wg-quick up wg0

# Auto-start on boot (macOS)
sudo brew services start wireguard-tools

# Auto-start on boot (Linux)
sudo systemctl enable wg-quick@wg0
sudo systemctl start wg-quick@wg0

9. Configure Moltbot:

{
  "gateway": {
    "bind": "loopback",
    "port": 18789,
    "auth": {
      "mode": "token",
      "token": ""
    }
  }
}

Verify It's Working

# On a client device, connect to WireGuard first, then:
curl http://10.200.200.1:18789/health

# From public internet (should fail)
curl http://:18789  # timeout

# Only 51820 should be reachable from outside
nmap -sU -p 51820   # should show open
nmap -p 18789        # should show filtered

☁️ Cloud VPS + WireGuard (Recommended for Cloud)

Time: ~30 minutes
Complexity: Medium
External dependency: None (just your VPS)

You're running Moltbot on AWS Free Tier, Hetzner, or similar. By default, everything is exposed. Lock it down to a single port.

What You're Getting

+--------------------------------------+
|  AWS Free Tier Instance              |
|  +--------------------------------+  |
|  |  WireGuard server (51820/udp)  |  |
|  |             |                  |  |
|  |             v                  |  |
|  |  Moltbot (127.0.0.1:18789)     |  |
|  +--------------------------------+  |
|                                      |
|  Security Group:                     |
|  - ALLOW 51820/udp from 0.0.0.0/0    |
|  - DENY everything else inbound      |
+--------------------------------------+
              ^
              |
       Your devices (WireGuard clients)

Setup

1. Security Group (AWS Console or CLI):

Start with only SSH for initial setup:

# After WireGuard is working, your security group should only have:
aws ec2 authorize-security-group-ingress \
  --group-id  \
  --protocol udp \
  --port 51820 \
  --cidr 0.0.0.0/0

2. Install WireGuard on the instance:

sudo apt update && sudo apt install -y wireguard

3. Generate keys:

cd /etc/wireguard
umask 077
wg genkey | tee server_private.key | wg pubkey > server_public.key

4. Server config (/etc/wireguard/wg0.conf):

[Interface]
PrivateKey = 
Address = 10.0.0.1/24
ListenPort = 51820

[Peer]
PublicKey = 
AllowedIPs = 10.0.0.2/32

5. Enable and start:

sudo systemctl enable wg-quick@wg0
sudo systemctl start wg-quick@wg0

6. Firewall (belt and suspenders with security group):

sudo ufw default deny incoming
sudo ufw default allow outgoing
sudo ufw allow 51820/udp
sudo ufw enable

7. Configure Moltbot:

{
  "gateway": {
    "bind": "loopback",
    "port": 18789,
    "auth": {
      "mode": "token",
      "token": ""
    }
  }
}

8. Client config (your laptop/phone):

[Interface]
PrivateKey = 
Address = 10.0.0.2/24

[Peer]
PublicKey = 
Endpoint = :51820
AllowedIPs = 10.0.0.0/24
PersistentKeepalive = 25

Note: This config uses split tunneling — only traffic destined for your Moltbot network (10.0.0.0/24) goes through the VPN. Your normal internet browsing stays on your local connection, so speeds aren't affected.

If you wanted all traffic routed through your AWS instance (full tunnel), you'd use AllowedIPs = 0.0.0.0/0 instead. But for just accessing Moltbot, split tunnel is what you want.

9. Remove SSH from security group:

Once WireGuard is working, you can SSH over the tunnel:

ssh user@10.0.0.1

Then remove port 22 from your security group entirely.

Verify

# Connect via WireGuard, then:
curl http://10.0.0.1:18789/health

# From public internet:
nmap -p 18789,18791,22   # all should show filtered/closed
nmap -sU -p 51820        # should show open

☁️ Cloud VPS + Tailscale (Fast Setup)

Time: ~10 minutes
Complexity: Low
External dependency: Tailscale coordination servers

Same as the home Tailscale setup, but on your VPS. The advantage: zero ports open to the public internet.

What You're Getting

+--------------------------------------+
|  AWS Free Tier Instance              |
|  +--------------------------------+  |
|  |  Tailscale daemon              |  |
|  |             |                  |  |
|  |             v                  |  |
|  |  Moltbot (127.0.0.1:18789)     |  |
|  +--------------------------------+  |
|                                      |
|  Security Group: DENY ALL inbound    |
+--------------------------------------+
              ^
              |
         Tailscale mesh
              |
              v
         Your devices

Setup

1. Initial access:

You'll need SSH temporarily for setup. Keep port 22 open in your security group until Tailscale is working.

2. Install Tailscale:

curl -fsSL https://tailscale.com/install.sh | sh
sudo tailscale up

Follow the auth link to add the instance to your tailnet.

3. Configure Moltbot:

{
  "gateway": {
    "bind": "loopback",
    "port": 18789,
    "tailscale": {
      "mode": "serve"
    },
    "auth": {
      "mode": "token",
      "allowTailscale": true
    }
  }
}

4. Enable Tailscale SSH (optional but recommended):

sudo tailscale up --ssh

Now you can SSH via Tailscale:

ssh user@..ts.net

5. Lock down security group:

Remove ALL inbound rules. Yes, including SSH. You access everything through Tailscale now.

Verify

# From your tailnet:
curl https://..ts.net:18789/health

# From public internet (should all fail):
nmap -p 18789,18791,22   # all filtered/closed

Universal Checklist

Regardless of which path you took, verify these:

• [ ] Moltbot binds to loopback (127.0.0.1), NOT 0.0.0.0 or LAN
• [ ] No ports forwarded directly to Moltbot (18789, 18791)
• [ ] No ngrok/Cloudflare tunnels pointing to Moltbot
• [ ] Gateway auth token is set and strong
• [ ] Can access Moltbot through your tunnel (Tailscale or WireGuard)
• [ ] Cannot access Moltbot from public internet

Quick verification commands:

# From OUTSIDE your tunnel - these should all fail/timeout:
curl http://:18789/health
curl http://:18791/health

# Shodan check (replace with your IP range):
# Search: port:18789 net:
# Should return nothing

What NOT To Do

❌ gateway.bind: "lan" or "0.0.0.0" with ports exposed

This is how you end up on Shodan.

// DON'T DO THIS
{
  "gateway": {
    "bind": "lan"
  }
}

❌ Port forwarding 18789 through your router

You've just exposed shell access to the internet.

❌ ngrok / Cloudflare Tunnel to the gateway

These give you a public URL. That's the opposite of what you want.

# DON'T DO THIS
ngrok http 18789

❌ Tailscale Funnel without password auth

Funnel makes your service public. If you must use Funnel (you probably don't), enforce gateway.auth.mode: "password". Moltbot refuses to start Funnel without this, for good reason.

// If you MUST use Funnel (think twice)
{
  "gateway": {
    "tailscale": {
      "mode": "funnel"
    },
    "auth": {
      "mode": "password",
      "password": ""
    }
  }
}

❌ "I'll add auth later"

You won't. Do it now.

Summary

The choice isn't about skill level. It's about what you value:

• Convenience → Tailscale
• Independence → WireGuard

Both are free. Both work. Pick one and actually do it.

Further Reading

• Moltbot Security Docs
• Moltbot Tailscale Integration
• Tailscale Serve
• WireGuard Quick Start

Don't be the next Shodan screenshot.

Now before I get hate for saying Rust is the better C, let me break down why I think it is better than both Python and C.

Why is Python so popular? I think anyone with the knack for programming or someone whose knowledgeable in syntax simplicity can agree that Python is easy to learn. It’s simple structure for create functions like:

def greet(name):
    return f"Hello, {name}!"

message = greet("World")
print(message)

OR simple if else:

def auth(code):
    if code == 'areallysecurecode123':
        return True
    else:
        return False

But, honestly, the real reason Python is so popular is it's extensive libraries. Everyone who is creating machine learning models leans towards Python because of that. Pandas, Tensor all essential to operations and with new ones like PufferLib rising as well for some applications no wonder people choose it.

What about C? C is the OG. The grandfather of modern programming languages. It's been around since 1972 and it still powers operating systems, embedded systems, and performance-critical applications. When people say "close to the metal," they mean C. Here's how those same functions look:

#include <stdio.h>
#include <string.h>

void greet(const char *name) {
    printf("Hello, %s!\n", name);
}

int main() {
    greet("World");
    return 0;
}

And the auth function:

#include <stdbool.h>
#include <string.h>

bool auth(const char *code) {
    if (strcmp(code, "areallysecurecode123") == 0)
        return true;
    else
        return false;
}

See what I mean about low-level? You're manually managing strings, dealing with pointers, and including headers for basic functionality. The power is undeniable, C gives you direct memory access and blazing speed. But that power comes with responsibility. One wrong pointer and you've got segfaults, buffer overflows, or worse: silent memory corruption that haunts you in production.

Well, how is Rust better than both? With Rust you get C-level performance without the footguns. No garbage collector slowing you down like Python. No manual memory management nightmares like C. The Rust compiler enforces memory safety at compile time through its ownership system. You literally cannot compile code with data races or null pointer dereferences.

fn greet(name: &str) -> String {
    format!("Hello, {}!", name)
}

fn main() {
    let message = greet("World");
    println!("{}", message);
}

And auth:

fn auth(code: &str) -> bool {
    code == "areallysecurecode123"
}

Clean, right? Almost as readable as Python, but with C's speed. So why are companies eyeing Rust for ML? Speed without sacrifice. Hugging Face built their tokenizers library in Rust (with Python bindings). We're talking up to 100x faster than pure Python. Their candle framework is bringing native Rust ML inference. Discord rewrote critical services in Rust and slashed resource usage. Cloudflare runs Rust at the edge.

When you're running inference on millions of requests, Python's GIL and interpreter overhead become bottlenecks. C could do it faster, but one memory bug in production ML infrastructure? Catastrophic. Rust gives you that performance ceiling with a safety net built into the language itself. Rust's ecosystem isn't as large as Python's, but that is changing. The learning curve is steep and the borrow checker will humble you. But once it clicks, you'll wonder how you ever trusted yourself with malloc().

Some Background

The first company I worked for at 21 as a self-taught software developer was in the SaaS space. We had several platforms. We had our main customer hubs, but the focus of today is the one platform that was used as a process for the others with call reviews. It was responsible for handling call reviews and had users from all over the world on it. There was a big issue though where we constantly had issues where users were utilizing TamperMonkey, a firefox extension that allowed client side automated script execution, to automate reviews causing incorrect data. This had been going on for years and there were some problems, where records had missing data, which would break automated processes.

The CEO at the time had even brought it to everyone’s attention because this affected everything. I saw this as an opportunity to show my skills, so I dove in headfirst.

OSINT(Open Source Intelligence):

\ the practice of gathering information from publicly available sources. This includes a wide range of information found on the internet, in print, or through other open channels.

Think of OSINT as like the easy mode for intelligence gathering. Many agencies and law enforcement are known to use this to their advantage. Anything posted on the internet that is public facing is free game for someone to find and use in a goal they have. Used ethically it can be a game changer for tracking down things, people etc.

I knew the users that had been cheating because they all followed a systematic pattern. Now how do I find out who these people are? At least one of them made a major mistake using their personal email on the account.

Google Dorking:

\ A technique that employs advanced search queries to uncover information on the internet that might not be readily accessible through standard searches. It leverages Google's search capabilities to locate specific text strings.

I went to Google and used a technique called Google Dorking to searched with the email that they used and lo and behold: an accurate full name. I started searching facebook next to locate him, I knew they were from Venezuela because of their IP and previous knowledge of users from their cheating. I found one that I thought was actually him, but wasn't sure. I switched to looking for facebook groups that were tied to these actions. This ended up being fruitful because one group was public(and to this day still is) with posts about TamperMonkey.

To maintain anonymity, I created a fake facebook profile following similar characteristics of others within the group. I had a Venezuelan flag as my background and a picture of a famous soccer player from there. I needed to get into the group next, so I just submitted requests to join and surprisingly they just let me in. I joined the group and now I had a list of at least 100 known people actively cheating or trying to.

Where was the script? I didn't see it in the group, but it looked like there was a facebook message group, I requested to join and they let me in. All of the messages were in spanish and even though I knew some I used Google Translate to see what they were saying. It seemed the group had a main person who built it and then was selling it for ~$15. I bought it and now had the means to at least patch one version of it.

Script Kiddie:

\ A person who uses existing computer scripts or code to hack into computers, lacking the expertise to write their own.

It seemed that ~90% of the people using the script had no idea what is was doing actually and required a ton of help to get it working. That worked to my advantage because that means there are less people with actual technical knowledge.

I even found the creator of the script on LinkedIn which was fairly crazy. He was a professor at a college in Venezuela. It's pretty crazy what you can find on the internet from just an email.

From there I looked at the script -> reverse engineered it -> wrote notes about how it works.

Honey-patch:

\ A deceptive security measure that involves deploying software patches that, while appearing to fix vulnerabilities, actually mask the fact that the vulnerability has been addressed, and in some cases, even simulate the vulnerability being exploited, but with the outcome redirected to the defender.

I used a honey-patch of sorts to "patch" the system and log the users that were flagged. I watched this for a while initially and once I felt it was accurate enough I pushed the change to production. It started catching tons of users and I had to push back some because a lot of users were complaining they were caught. Some of course were false positives which were corrected, but that script sat there actively catching users of that version of the script. It wasn't an end-all solution, but pushed back.

At the time, I was the only person still working on it and this lead me to working on helping solve another bug, which seemed related because of data patterns that the CEO asked me to look at as well. I helped fix this one almost completely, but before I could COVID happened and unfortunately it was no longer a priority. It's unfortunate I didn't have time to provide a final fix, but I did what I could with the time I had. If I had more time, the endgame would have been a machine learning–driven detection system leveraging authentication patterns, IP history, timing analysis, and server-side behavioral monitoring to detect and block malicious automation in real time.

For all my hard work over months I was awarded 25 bobbleheads that the CEO had made for me. It's wild how this all started with me using social engineering to gain access to code used against the platform. I had a lot of growth there and learned so much about myself and how to work with a team. Those early days solving such complex problems will always be remembered. #HackerFarm

Even if your login flow is bulletproof, compromised or malicious accounts can still wreak havoc from the inside and that’s why IAM must go beyond just authentication.

What’s Next?

IAM is just the foundation of my new Monday series: Modern Identity & Access.

Coming soon:

• What makes CIAM (Customer IAM) different

• WebAuthn & Phishing-Resistant MFA: Is Bio-Based MFA the Final Boss?

• Why MFA is more than a checkbox

• What XIAM is and why it’s emerging now

• The Identity Threat You’re Ignoring: Session Hijacking and Token Theft

Follow along to understand how identity is shaping the future of secure, scalable systems.

Sure, you could Google it. Or ask ChatGPT.
But OneLogin’s blog and learning center already have the answers and fewer hallucinations.

Most people in the industry today know this term →

Seed Dataset:

\ a small, initial set of data used to train or guide machine learning models often curated or labeled to bootstrap learning, classification, or data expansion

It’s typically the first step in building a modern model. That term and conversation sparked an idea that I scribbled down on a sheet of yellow legal paper a simple but powerful realization:

True AGI will need to be pretrained on seed datasets and instinctive wiring just like how humans are preloaded with information when they are born

Which led to the idea of what is needed for true AGI as we compare AGI to human intelligence.

Seed Logic:

\ the foundational rules, instincts, or heuristics preloaded into an intelligent system before it begins learning.

This is what I call the foundational layer of what will be AGI.

Think about it; humans aren’t born as blank slates.
We come into the world with innate wiring:

• A sense of spatial awareness

• Primitive logic and reasoning

• Facial recognition

• Emotional triggers like fear or joy

These hardwired instincts form the basis for how we interpret and interact with the world.

Most LLMs and generative AI models don’t have that.
They’re statistical engines trained on massive datasets of text and while they’re powerful, they still hallucinate. A lot.

But here’s what’s wild:
Today’s best models don’t learn everything from scratch either.
They’re pretrained on filtered, instruction-tuned, or curated datasets just like the “seed” knowledge I envisioned back then.

Some of the top AI researchers today argue that “foundational models” need baked-in reasoning frameworks or symbolic logic; the same thing I was getting at eight years ago:
Give the model a foundation to build off of, not just data to pattern match.

And when you think about it...
The best tech we’ve ever built mimics nature.
From neural networks mimicking the brain to reinforcement learning mirroring how we learn through trial and error we're not building from scratch, we're building from what already works.

Biomimicry:

\ the design and production of materials, structures, and systems that are modeled on biological entities and processes.

Take flight, for example.

Birds have been perfecting aerodynamics for millions of years.
When humans wanted to take to the skies, we didn’t invent flight from scratch we studied wings, lift, and gliding patterns.

• The Wright brothers looked at how birds tilted their wings to steer, which led to the concept of wing warping a core principle in early flight (Smithsonian Air & Space).

• Modern aircraft wings (airfoils) are inspired by the curvature of bird wings, optimizing lift and reducing drag (NASA Glenn Research Center).

• Drones and VTOL aircraft often mimic the flight mechanics of hummingbirds, bees, and even bats because nature’s design is already proven through evolution (National Geographic).

And it doesn’t stop with flight.

Nature has inspired some of the most powerful breakthroughs in tech:

• Velcro was invented after studying how burrs stuck to dog fur (Velcro Official History).

• Sharkskin-inspired materials are now used on swimsuits and ship hulls to reduce drag and bacteria (Nature - Bioinspiration in Marine Design, Sharklet Technologies).

• Termite mounds inspired architects designing sustainable buildings with natural airflow systems (Biomimicry Institute).

• Spider webs influenced next-gen materials that are light, flexible, and insanely strong (Scientific American).

Even in computing:

• Neural networks are modeled after the structure of the human brain (Deep Learning, Goodfellow et al.).

• Genetic algorithms mimic evolution random mutations, selection, and survival of the fittest to solve complex optimization problems (Holland, J.H., 1975).

• Swarm intelligence in robotics and traffic systems is modeled on the behavior of ants, birds, and fish moving collectively with simple rules (IEEE Swarm Intelligence Research).

When we follow nature, we’re not copying; we’re learning from billions of years of R&D we didn’t have to pay for.

So it’s no surprise that when we talk about AGI, the same principle applies.

We shouldn’t expect true intelligence to emerge from a blank slate because humans aren’t blank slates either.
We have biases, instincts, logic patterns, and the ability to override them.

If we want to build an AI that thinks like us, or better than us, it needs more than just data it needs the right starting point.

A seed.

Diagram: The role of seed data in AGI

                      +-------------------------+
                      |     Seed Knowledge      |
                      |  (Rules, logic, bias,   |
                      |   instincts, ethics)    |
                      +-----------+-------------+
                                  |
                                  v
               +------------------+------------------+
               |   Pretraining on Curated Datasets   |
               |  (text, symbols, images, math, etc) |
               +------------------+------------------+
                                  |
                                  v
                   +-----------------------------+
                   |    Reasoning Framework      |
                   |(Symbolic Logic, Constraints)|
                   +-----------------------------+
                                  |
                                  v
                      +--------------------+
                      |   Fine-Tuning via  |
                      |   Environment or   |
                      |    Human Feedback  |
                      +--------------------+
                                  |
                                  v
                      +--------------------+
                      |  Intelligent Agent |
                      |   (Emergent AGI?)  |
                      +--------------------+

This seed will contain all preloaded logic / rules that it can follow. Which paths to take when “learning”. How it will handle unforeseen obstacles. What it can and cannot do.

Examples of Curated "Seed" Logic for AGI:

We have built reasoning before into many different systems such as for defense companies, but I think the ability for a system to have "Seed" logic that can be refined as it learns plus true reasoning with "Morals" will be the advent of AGI.

What’s Next?

This is just the beginning of my new Thursday series: AI & the Future of Security, where I explore the big ideas shaping how we think about artificial intelligence, digital trust, and what comes next in cybersecurity and society.

Coming soon:

• The Ethical Seed: How to Preload Morality into AI Systems

• How Vector Databases Make LLMs Smarter (and Less Dangerous)

• Should Your AI Have a Memory?: Balancing Privacy, Identity, and Persistence

• Can AGI Be Trusted with Autonomy?: Designing Constraints that Actually Work

• [REDACTED]

Follow along if you’re into AGI alignment, human-centric AI, and the security implications that come with intelligent systems. I’ve spent nearly a decade building real tech and I’m fascinated by what it means to do it responsibly.

Sure, you could Google it. Or ask ChatGPT.
But OneLogin’s blog and learning center already have the answers and fewer hallucinations.

From asking how to do a recipe to fixing HVAC issues it has become an integral part of so many lives. Fact is, some companies have been working on machine learning for a long time like Google who integrated machine learning for spell check 2001.

There is one major issue with LLMs and that is hallucinations. Hallucinations are like statistical fluctuations within its guesswork. Guesswork you say?!? Yes - primarily LLMs are statistical analysis in which there is no true intelligence simply retrieval of data that statistically matches what you are looking for. Apple even wrote a white paper the illusion of thinking on how the LRM(Large Reasoning Models), which is built on top of LLMs, are not true intelligence and just hallucinate to a statistically ‘close’ answer. Does this mean LLMs will fall short in our search for true artificial intelligence? Yes, it is not an end all be all tool.

 But I digress, LLMs are still an incredibly powerful tool that can handle so many different tasks to make jobs easier. The real question is how do we limit hallucinations within LLMs?

With RAG(Retrieval Augmented Generation) & fine tuning. I will give you an example to better explain:

Let’s say you have a company with public-facing documentation on different products. You want your customers to more easily search / use that documentation and possibly lower the amount of time support uses for talking to customers, but don’t want to upload it into an internet based LLM like ChatGPT. You are also afraid of hallucinations causing issues by providing customers with incorrect information. 

There is a solution:

1.) Utilize an open source model like Mistral-7B-Instruct or Mistral-7B which checks all the boxes

• Open weight license (Apache 2.0 or similar) → fully commercial use

• Fast and efficient → excellent for inference and fine-tuning

• Supported by major frameworks: HuggingFace Transformers, vLLM, and more

• With great ecosystem with tools like:

  • LangChain

  • LlamaIndex

  • Qdrant, Weaviate, Pinecone, ChromaDB, etc.

2.) Host that model locally, on a server on-prem, or if you are not against it in the cloud such as AWS, Azure, or Machine Learning specific hosting services.

3.) Use Langchain(my personal preference) or similar to create a RAG(Retrieval Augmented Generation) based system for your needs. This comprises typically of a model(Mistral-7B), a vector database, and your documents that are the facts.

4.) Once those systems are built we feed the vector database the information we want to use as the facts. This is where the RAG comes into play. You search your vector DB for the information then use the model to create the response in a grounded way. There is no need for the model to know anything other then how to formulate a response that is more easily digestible than “a+b=c” instead it says “based on your question you can do a+b=c because it fits more to your problem”. Of course you can remove the Model and just retrieve information like a powerful search engine, but as humans that’s not ideal. Why is that??

Humans are inherently biased toward human-sounding responses
We’re wired to:

• Trust conversational tone more than raw data

• Interpret empathy and context as signs of intelligence

• Assign intent, reasoning, and meaning to well-structured language — even when none exists

That’s exactly why LLMs feel so convincing -
They don’t truly understand, but they sound like they do and that’s enough for our brains to trust them.
Even if the model is just rephrasing something like:
“You can reset your device by holding the power button for 10 seconds,”
it sounds more trustworthy when framed like:
“No problem! Based on what you’re asking, it sounds like your device might need a reset. You can do that by holding the power button for about 10 seconds that should do the trick.”

                   +-------------------+
                   |   User Query      |
                   +-------------------+
                             |
                             v
                   +-------------------+
                   |   Search Vector   |
                   |   Database (e.g., |
                   |   ChromaDB, etc)  |
                   +-------------------+
                             |
         +-------------------+-------------------+
         |                                       |
         v                                       v
+-------------------+                +-----------------------+
|  Retrieved Chunks |                |   Open Source LLM     |
|  (Relevant Docs)  |                |   (e.g., Mistral-7B)   |
+-------------------+                +-----------------------+
         |                                       ^
         +-------------------+-------------------+
                             |
                             v
                   +-------------------------+
                   |   Response Generator    |
                   | (LLM crafts answer from |
                   |   doc + prompt context) |
                   +-------------------------+
                             |
                             v
                   +-------------------+
                   |   Final Answer    |
                   +-------------------+
                             |
                             v
                   +---------------------------+
                   |  Feedback Logging System  |
                   | (Log uncertain responses, |
                   | enable fine-tuning later) |
                   +---------------------------+

5.) Once you have your system built with RAG then next thing to do is test it. Going through it internally or within close peers to have them find flaws. You’ll still have some slight issues, but you can check for the confidence of a models answer. If it doesn’t reach a specified limit, return “I’m sorry, but I was unable to find an answer to the question you are asking” -> Log that specific question that was asked and fine tune it for that or block that question if it wasn’t even contextually in that realm.

Once your RAG system is ready, you’ll likely want to make it public-facing. But how do you protect it from bots, abuse, or unauthorized users?

That’s where CIAM (Customer Identity and Access Management) comes in.

CIAM, or Customer Identity and Access Management, is essentially IAM tailored for customer-facing environments. It enables you to build a secure, slightly restricted portal where customers can easily sign up and access documentation or other services; while ensuring that only authorized users get through. A well-designed CIAM system becomes the foundation for a centralized customer experience and supports scalability as your platform grows.

You can build your own backend for access management using frameworks like PHP with Phalcon, Python with Django, or Node.js. However, in many cases, it’s more efficient to offload this responsibility to a platform like OneLogin CIAM. Offloading reduces technical overhead, avoids reinventing the wheel, and allows your team to focus on your core product.

OneLogin CIAM still offers full customizability via APIs and SDKs while providing out-of-the-box compliance with standards like GDPR, SOC 1 Type 2, SOC 2 Type 2, SOC 3, and following the NIST Cybersecurity Framework.

Regardless of which option you go with RAG, vector search, and grounded AI responses aren’t just technical challenges, they’re trust challenges. If your users can’t trust what the AI says (or who’s using it), the tech doesn’t matter.

What’s Next?

This is just the beginning of my new Tuesday series: Tech Tuesday, where I break down interesting technical systems, tools, and real-world projects and maybe how something works.

Coming soon:

• Reverse-Engineering a Scam from the Inside (with Social Engineering and Honeypots)

• Fixing LLMs with Real-Time Feedback Loops: Building a self-correcting RAG system

• Tracking User Behavior Without Cookies: Building lightweight, privacy-respecting session intel

• How I Built a Personal Threat Detection System: Using AI + browser fingerprinting

• What Happens When You Inject IAM Context into Frontend UI?: Designing apps that show trust levels, not just enforce them

Follow along if you’re into engineering, real security stories, and the code that makes it all possible. I've been in it for nearly 10 years and I love to learn what is possible and push the boundaries of what can be done.

Sure, you could Google it. Or ask ChatGPT.
But OneLogin’s blog and learning center already have the answers and fewer hallucinations.

IAM, short for Identity and Access Management, is a strategic framework that defines how identities are created, managed, and granted access to resources. It’s just as foundational to your architecture as network design or infrastructure planning.

Why IAM Matters

Today, every user, app, and device needs access and every access point is a potential vulnerability. A single misconfigured IAM policy can open the door to:

• Data breaches

• Compliance violations

• Ransomware attacks

The fallout? Millions in lawsuits, regulatory fines, and in some cases, companies going bankrupt.

Case Study: Petersen Health Care
After a breach that exposed sensitive identity data, the company filed for Chapter 11 bankruptcy citing over $295 million in debt. It's a stark example of how identity failures can threaten a business’s survival.

Confidence Is Harder to Rebuild Than Capital

Financial institutions may not always go bankrupt from breaches, but they can still lose almost everything when customers lose faith.

Example: TalkTalk (2015)
UK telecom TalkTalk lost 95,000 customers in the wake of a breach that exposed personal data. The cause? A basic SQL injection attack on an outdated webpage.

But the real issue wasn’t just the exploit, it was the lack of IAM enforcement.
The vulnerable application account had excessive privileges. With least privilege access and proper controls, the attacker wouldn’t have reached sensitive customer records even if the injection succeeded.

TalkTalk’s reputation never fully recovered.

A Shift in Priority

As cloud adoption accelerates and hybrid work becomes the norm, IAM is no longer just a backend IT concern — it’s a business-critical function. One that must be:

• Thoughtfully designed

• Continuously maintained

• Built with safeguards and redundancy in mind

Summary: Access = Risk

These examples underscore a crucial point: IAM misconfigurations, not just technical flaws, are often the weakest links in cybersecurity.

Whether you're a financial firm, healthcare provider, or tech company:

• Human targets (support agents, executives) are often entry points

• IAM must defend against misuse (phishing-resistant MFA, behavioral analytics, zero-trust enforcement)

  • Example: OneLogin’s SmartFactor Auth

• One missed deprovisioning step can have massive consequences

What’s Next?

IAM is just the foundation of my new Monday series: Modern Identity & Access.

Coming soon:

• What makes CIAM (Customer IAM) different

• WebAuthn & Phishing-Resistant MFA: Is Bio-Based MFA the Final Boss?

• Why MFA is more than a checkbox

• What XIAM is and why it’s emerging now

• Reverse-Engineering a Scam from the Inside (with Social Engineering and Honeypots)

Follow along to understand how identity is shaping the future of secure, scalable systems.

Sure, you could Google it. Or ask ChatGPT.
But OneLogin’s blog and learning center already have the answers and fewer hallucinations.

#IAM #CyberSecurity #AccessManagement #ZeroTrust #OneLogin #OneLoginByOneIdentity #OneIdentity #IdentitySecurity #PhishingResistance