<?xml version="1.0" encoding="UTF-8"?>
<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">
  <url>
    <loc>https://blog.milgram.dev/</loc>
  </url>
  <url>
    <loc>https://blog.milgram.dev/posts/nist-ai-rmf-generative-ai-llm-firewall-compliance</loc>
    <lastmod>2026-07-13</lastmod>
  </url>
  <url>
    <loc>https://blog.milgram.dev/posts/preventing-data-leaks-llm-workflows-practical-guide</loc>
    <lastmod>2026-07-13</lastmod>
  </url>
  <url>
    <loc>https://blog.milgram.dev/posts/adversarial-ai-defense-resilience-beyond-prompt-injection</loc>
    <lastmod>2026-07-13</lastmod>
  </url>
  <url>
    <loc>https://blog.milgram.dev/posts/enterprise-llm-firewall-vs-traditional-dlp-whats-different</loc>
    <lastmod>2026-07-13</lastmod>
  </url>
  <url>
    <loc>https://blog.milgram.dev/posts/what-your-siem-cant-see-ai-traffic-monitoring-blind-spot</loc>
    <lastmod>2026-07-13</lastmod>
  </url>
  <url>
    <loc>https://blog.milgram.dev/posts/ai-coding-agents-new-attack-surface-securing-developer-ai</loc>
    <lastmod>2026-07-13</lastmod>
  </url>
  <url>
    <loc>https://blog.milgram.dev/posts/how-to-secure-enterprise-llm-implementation-architecture-guide</loc>
    <lastmod>2026-07-13</lastmod>
  </url>
  <url>
    <loc>https://blog.milgram.dev/posts/owasp-top-10-llm-firewall-controls-mapping</loc>
    <lastmod>2026-07-13</lastmod>
  </url>
  <url>
    <loc>https://blog.milgram.dev/posts/ai-data-exfiltration-how-attackers-move-data-through-llms</loc>
    <lastmod>2026-07-13</lastmod>
  </url>
  <url>
    <loc>https://blog.milgram.dev/posts/prompt-injection-detection-defense-guide</loc>
    <lastmod>2026-07-13</lastmod>
  </url>
  <url>
    <loc>https://blog.milgram.dev/posts/why-enterprises-need-llm-firewall-ai-data-leaks</loc>
    <lastmod>2026-07-13</lastmod>
  </url>
  <url>
    <loc>https://blog.milgram.dev/authors/zoe/</loc>
    <lastmod>2026-07-13</lastmod>
  </url>
</urlset>
