Blog

Pranav Shikarpur

As companies increasingly turn to AI-driven systems to support customer interactions through systems like chatbots and streamline operations, Retrieval-Augmented Generation (RAG) has become a popular framework for enhancing large language models (LLM...

Oct 31, 2024

Keith Casey

When we look at the current state of generative AI, we think of products like ChatGPT, Google Gemini, Claude, and similar. Those are all publicly available tools trained on public data and useful for general topics for a general audience. But if we e...

Oct 30, 2024

Vanessa Villa

It’s been a few months since Microsoft Build 2024 where one of the highlights was the launch of the Pangea extension for GitHub Copilot. Pangea was able to interface with Copilot Chat, bringing security into the development environment. Developers ...

Oct 29, 2024

Bruce McCorkendale

Pangea is proud to announce the general availability of Secure Share. Secure Share is a set of APIs that make it easy to add secure file sharing to your application. Apps often need to send and receive sensitive files - such as a mortgage applicatio...

Oct 16, 2024

Romana Vasyleha

Where AI-Powered Software is Going, We Need Secure, Paved Roads Organizations are rushing to build AI applications using Retrieval-Augmented Generation (RAG) and agentic architectures that integrate enterprise and customer data with large language mo...

Oct 15, 2024

Vanessa Villa

Introduction Access control is a vital component of both operational security and compliance, especially in the Healthcare space. Access control systems help protect sensitive patient data, ensure the safety of patients and staff, and maintain the in...

Oct 4, 2024

Pranav Shikarpur

In recent years, large language models (LLMs) like GPT-3 and GPT-4 have revolutionized how enterprises, especially in healthcare and finance, process and interact with data. These models enhance customer support, automate decision-making, and generat...

Oct 3, 2024

Bruce McCorkendale

If you need to know when a token stored in Vault is expiring or rotating, you can now set a watch to get notification emails in advance of the change, and when it occurs. You can add project members to a watch so that they will receive notification ...

Oct 1, 2024

Bruce McCorkendale

We are happy to announce that today, Pangea is launching the Sanitize API to ensure that PDF documents are cleansed of dangerous and sensitive content such as: Malware, including file format irregularities that could be exploitable Links to dangero...

Sep 30, 2024

John Gamble

Do you remember when and where you first used an AI-powered product that caused you to question reality? I do. In the spring of 2022, I tested a synthetic text-to-voice app that was so uncannily realistic that I briefly questioned if it was truly AI ...

Sep 19, 2024

Vanessa Villa

What is ABAC? Attribute-based Access Control is an authorization schema that allows for fine-grained access policies to be created based on attributes like location, time of day, and a user’s department. For a more detailed look as to the benefits of...

Sep 10, 2024

Keith Casey

All of access control comes down to one fundamental question: How do we grant the right access to the right things to the right people and systems for the right amount of time? Every other question addresses an aspect or nuance within that question. ...

Sep 10, 2024

Romana Vasyleha

Composable Security APIs highlighted in new Gartner Hype Cycle report. As cloud applications grow and AI-powered software becomes more prevalent, a Composable Security API approach to security is essential for building and scaling your apps efficient...

Sep 10, 2024

Pranav Shikarpur

Your data has been exposed—and not because of a classic bug, but because your LLM accidentally leaked it. Sensitive information disclosure is a growing concern, especially with the rise of Large Language Models (LLMs) in our apps. This vulnerability ...

Sep 5, 2024

Michael Weinberger

In the ever-evolving landscape of AI code generation and developer assistance tools, providing users with accurate and relevant information quickly is crucial. To help ensure that developers can swiftly and easily add security features to their produ...

Sep 5, 2024

Vanessa Villa

What is authorization (AuthZ)? Authorization is a cornerstone of enterprise security. It dictates who can access specific resources, what actions they can perform, when, and the authorization logic can be as rigorous as to include attributes such as ...

Sep 4, 2024

Baruch Mettler

Account takeover (often abbreviated as ATO) is a compromise where a user has lost control of their authentication credentials resulting in them being exposed to malicious actors. These credentials are then used to commit data theft, fraud, and other ...

Sep 3, 2024

Vanessa Villa

"Your data may have been exposed". The reason you hear this statement is to meet compliance with the Health Insurance Portability and Accountability Act (HIPAA). This law is a critical aspect of protecting sensitive patient information and identifia...

Aug 22, 2024