AI Architecture PatternsSecurity-First
The industry ships AI systems without understanding the security architecture. We're fixing that.
Most AI architecture guidance treats security as an afterthought—a guardrail to add after you've built the system. That's backwards.
This is an opinionated pattern library. We document how AI systems are actually built, identify where the security assumptions fail, and provide guidance that treats security as a design constraint, not a compliance checkbox.
We challenge conventional wisdom when it's wrong. We say "this is broken" when it is.
What you'll find:
- Architectural patterns across agents, retrieval, prompting, memory, and emerging approaches
- Trust boundary analysis for each pattern—where the security properties actually are
- Threat surface mapping—not generic risks, but specific attack vectors
- The ZIVIS position—our opinionated take on how to build these systems securely
Pattern Categories
Agent Patterns
ReAct, multi-agent, MCP, tool calling, and more
17 patterns
Retrieval Patterns
RAG variants, caching, knowledge graphs
13 patterns
Prompting Patterns
Chain-of-thought, few-shot, structured output
11 patterns
Security Patterns
Defense patterns (and their limitations)
11 patterns
Memory Patterns
Context management, state, persistence
6 patterns
Emerging Patterns
Speculative decoding, continuous learning, and what's next
7 patterns
A ZIVIS resource. We red team AI systems and help organizations build them securely.