// #ai-governance
2 articles
AI Workflow Builder Security Governance: Langflow CVE-2026-5027 and the Unmanaged AI Tool Problem
Langflow CVE-2026-5027's active exploitation is accelerating because many enterprise Langflow deployments are outside the formal IT security perimeter — deployed by data science and developer teams without security review, not in the CMDB, not in the vulnerability scanning scope. This article provides a governance framework for bringing AI workflow tools under security management.
Enterprise AI Tool Governance: Controlling Access, Data Flows, and Shadow AI Risk
The rollout of ChatGPT Lockdown Mode highlights the broader challenge of governing AI tool access in enterprise environments: organisations must balance productivity benefits against data loss risk, prompt-injection exposure, and the proliferation of unofficial AI tools used without IT oversight. This guide covers the IAM and DLP controls that define an enterprise AI governance posture.