Defensive Intelligence
Defensive
Intelligence

Insights

Intelligence for the people building AI programs

Research, analysis, and perspective on enterprise AI security, governance, and the risks that most organisations discover too late.

ProductFeatured

The Model Never Needed to See Your Data

We have been solving the wrong problem. PII scrubbing removes data and destroys context. Stateful Tokenization removes data and keeps context. The LLM reasons with tokens. You get real values back.

Introducing Stateful Tokenization in OBEL v3.2.0: PII entities replaced with stable indexed tokens before reaching any external model. The LLM reasons with tokens, never real values. Re-hydrated at the proxy boundary before returning to users. Zero enterprise data at the provider.

DB

Denis Bouton

Chief Architect, OBEL™

Jul 7, 20269 min read
Perspective6 min

Why Prompt Engineering is a Governance Problem

Most teams treat AI agent prompts like config files: edited directly, undocumented, no rollback procedure. When an agent starts behaving differently, nobody knows which prompt change caused it. ninthLABS on why prompts are policy documents, not configuration, and what proper prompt governance looks like.

Jun 28, 2026Read →
Intelligence Brief9 min

Why Chatbot Governance Does Not Transfer to Agentic AI

Multi-step agentic AI systems introduce a fundamentally different risk profile from conversational AI tools. Existing governance controls designed for single-turn prompts are necessary but not sufficient. Here is what changes, what breaks, and what a defensible agentic governance model looks like.

Jun 3, 2026Read →
Product7 min

Why Your AI Needs a Job Description

AI personas are not a personalisation feature. They are a governance control. Here is why role-scoped AI behaviour reduces your organisation's security exposure, compliance risk, and prompt injection attack surface.

Jun 1, 2026Read →
Product4 min

Introducing OBEL Managed Services

OBEL Managed Services lets ninthLABS operate your AI governance deployment on your behalf - configuring policy, monitoring security events, reviewing governance posture - under a fully audited, session-scoped access model.

Jun 1, 2026Read →
Intelligence Brief9 min

What the EU AI Act Actually Requires of Your Organisation

The EU AI Act is in force. Here is what it actually requires, without the maximalist reading or the dismissive one, for organisations building with, deploying, or using AI systems in Europe.

May 8, 2026Read →
Intelligence Brief7 min

Shadow AI in Your Organisation: How to Find It and What to Do Next

Shadow AI (the unsanctioned use of AI tools by employees) is growing faster than most IT departments are tracking. Here is how to find it, what you typically discover, and what to do about it.

Apr 22, 2026Read →
Intelligence Brief7 min

The Questions Your Cyber Insurer Is Now Asking About AI

Cyber insurers are adding AI-specific questions to renewal applications in 2026. Here are the five questions appearing most consistently, and what a confident 'yes' actually requires.

Mar 11, 2026Read →
Perspective7 min

Why We Built OBEL

OBEL was conceived in mid 2023 at the intersection of RPA, cybersecurity consulting, and the first serious enterprise conversations about responsible AI. Two years later, what felt like a novel idea is now a necessity.

Dec 10, 2025Read →