Guides & templates

Delivered by email, the low-commitment first step before a pilot conversation.

Framework mapping

How Helixar’s controls map to SOC 2, ISO 27001, ISO 42001, DORA, PCI DSS v4, APRA CPS 234, RBNZ BS-11 and the NZ Privacy Act 2020.

Get the mapping

Architecture & residency pack

Deployment surfaces, editions, integration points, and the US / AU managed-environment residency posture, for your technical reviewers.

Get the pack

DPA template

The data-processing agreement your procurement team will ask for, productised, referencing the Australian Privacy Act and NZ Privacy Act 2020.

Get the template
Analysis

Capability analysis

How Helixar compares across AI governance and compliance vendors, 34 capabilities benchmarked, including the cryptographic-evidence and ANZ-framework rows no competitor in scope matches.

Request the analysis

Sent by a person, by email, no gated form, no auto-download. Or write to [email protected] and we’ll send it directly.

Articles & press

LatestJune 2026 · Threat Intelligence
n8n AI Component Flaw Opens Browser to Unauthenticated Control

A vulnerability in n8n’s MCP Browser component lets any network-reachable attacker take over browser sessions when run in a specific, non-default mode.

June 2026 · Threat Intelligence
Nuxt Dev Server Flaw Exposes Local Files on Shared Linux Systems

A local information-disclosure vulnerability in the popular web framework, discovered by an AI research firm, highlights the risks in shared development environments.

June 2026 · Threat Intelligence
AI Threat Brief: Weak Keys, New Artifacts, and Federal Mandates

Factorable RSA keys, a new macOS forensic artifact, and a federal logging mandate, the evolving landscape of digital evidence and cryptographic integrity.

June 2026 · Threat Intelligence
Dex Flaw Bypasses Connector ACLs on Token Exchange Endpoint

A vulnerability in Dex’s token-exchange handler fails to enforce client-specific access controls, letting an attacker with a leaked client secret escalate privileges across agent workloads.

June 2026 · Threat Intelligence
Critical LiteLLM Flaw Allows Command Injection in AI Systems

CVE-2026-42271 lets any authenticated user, even with a low-privilege key, run arbitrary commands on the host running BerriAI’s LiteLLM, the router sitting at the centre of many agentic stacks.

June 2026 · Threat Intelligence
CVE-2026-47261: Wasmtime Flaw Bypasses Filesystem Sandboxing

A high-severity flaw in the wasmtime-wasi crate lets WebAssembly modules bypass read-only file permissions, a sandbox escape that threatens any agentic system using Wasmtime to run untrusted code.

Research, threat intelligence, and announcements from the Helixar team. Browse all articles →

New guides & articles by email