LangGrinch: A Bug in the Library, A Lesson for the Architecture
A critical CVE in LangChain shows why credential isolation matters more than perfect code.
security langchain cve credentials architecture
blog
Technical writing on AI agent security, capability-based authorization, and the infrastructure gap between identity, orchestration, and choreography.
ForcedLeak: What Salesforce's Agentforce Vulnerability Reveals About Agent Security
Salesforce patched a critical prompt injection vulnerability in Agentforce. The attack chain reveals why input filtering alone can't secure agentic AI—and what actually works.
security prompt-injection salesforce agents confused-deputy capabilities
Why NHI Can't Secure Agentic AI: The Confused Deputy Returns
Non-Human Identity (NHI) is necessary hygiene, but it can't solve the authority-flow problems in multi-agent systems. The right unit is the transaction, and the right primitive is capability-based authorization.
security identity authorization capabilities nhi architecture
79% of Organizations Have No Guardrails for AI Agents
Akto surveyed 100+ CISOs and security leaders. The findings: agents are in production, but inventory, governance, and runtime controls are missing. The gap is now measurable.
market research security governance mcp
Agents Need Kernels, Not Guardrails
OS history solved process isolation structurally, not behaviorally. Agents need the same treatment: a kernel that controls what they can see and do.
architecture security kernel isolation
MCP Security: Why Guardrails Aren't Enough
A new paper proposes defense-in-depth for MCP security. The diagnosis is right, but policy enforcement can't solve what structural isolation must.
security mcp capabilities architecture research
Why Microsoft Copilot's Audit Log Failure Was Inevitable
The Copilot vulnerability that allowed silent file access exposes a structural flaw: ambient authority plus bolt-on audit logging. Capability chains make that class of bug impossible.
security ai-agents microsoft capability-security confused-deputy
Your Agent's Memory Is a Security Hole
Default agent memory patterns leak unless you enforce scoping at the runtime boundary. The problem isn't implementation bugs—it's architectural.
memory security architecture enterprise
IAM Locked Cloudflare Out. It'll Lock Your Agents Out Too.
Cloudflare's December 2025 resilience report reveals what every zero-trust org learns: your security stack becomes the outage when the platform is on fire.
security iam availability cloudflare incidents
When OAuth Becomes a Weapon: Lessons from CVE-2025-6514
A critical vulnerability in mcp-remote affected 558,846 downloads. The bug was client-side, but the attack exploited OAuth dynamic discovery—a trust assumption that breaks for autonomous agents.
security oauth mcp vulnerability analysis
Stop Hardcoding API Keys in Your Agents
API keys in prompts, env vars, or code turn agents into confused deputies. Here is the safer pattern.
security agents authorization best-practices
Agents That Can Actually Do Things
Enterprise agents that demo autonomous refunds ship with 'click to approve' buttons. Here's why—and what changes when authorization is solved.
agents authorization enterprise security trust
Capabilities 101: The Security Primitive That Changes Everything
What capabilities are, how they differ from ACLs, and why they matter for AI agent security—but also why capabilities alone aren't enough.
security capabilities authorization technical fundamentals
The Confused Deputy Problem, Explained
A 1988 security paper predicted why AI agents are vulnerable. The standard fix is incomplete.
security confused-deputy capabilities authorization technical
GitHub's Agentic Security: Right Problem, Incomplete Solution
GitHub's security principles minimize autonomy to minimize risk. But what if you could maximize autonomy within cryptographic bounds?
github security copilot agents authorization
Context Engineering for Agent Trust
Everyone's optimizing what agents know. Nobody's solving what agents are permitted to do. The context engineering revolution is incomplete without trust.
context-engineering security authorization multi-agent architecture
Researchers Broke Every Major Agent Defense. Here's What Failed.
AgentVigil achieved 70%+ attack success rates against o3-mini and GPT-4o agents—with all defenses active. Linguistic defenses are necessary but insufficient.
research security attacks validation prompt-injection
MCP Standardizes Tools. It Doesn't Secure Them.
The Model Context Protocol solves agent-to-tool communication. But who authorized the agent to use that tool, with what constraints, for which transaction?
mcp security tools anthropic infrastructure
LangChain State of Agent Engineering: Security Is Now a Top Barrier
1,340 practitioners surveyed. 57% have agents in production. Security ranks as the #1 concern for large enterprises. What this means for agent infrastructure.
market research langchain security production
Proof of Continuity for Compliance: EU AI Act, SOC2, and Beyond
How capability-based authorization maps to regulatory requirements—and what auditors actually need to see.
compliance eu-ai-act soc2 regulations
5 Ways Your AI Agents Will Get Hacked
A threat taxonomy for multi-agent systems—and where traditional security controls struggle.
security threats attacks taxonomy
Why We're Demoing Agent Security with Insurance Claims
Insurance isn't just a convenient example—it's a perfect example. It exposes exactly why existing security models break.
insurance demo use-case proof-of-continuity
Cross-Organizational Agent Trust in 30 Seconds
How a referral agent proves authorization without sharing credentials—and why OAuth can't do this.
healthcare cross-org interoperability use-case
What the Definitive Book on AI Agent Security Gets Right—and What It Leaves Open
Springer just published the most comprehensive treatment of agentic AI security. It validates the problem. It acknowledges the gap. It does not fill the gap.
security architecture analysis industry
Proof of Continuity: Why Token Theft Becomes Useless
Traditional security asks what you possess. Capability security asks who you are in the transaction.
security cryptography proof-of-continuity technical
Why Multi-Agent Security Isn't Optional: What Google and MIT Found
New research quantifies the chaos: uncoordinated agents amplify errors 17x. The question is who builds the guardrails.
research multi-agent security validation
The Missing Layer: Authorization After Identity
Identity providers solve 'who is this agent?' Orchestration platforms solve 'what should this agent do?' But what solves 'what can this agent actually do right now, in this transaction?'
security architecture identity authorization
a16z Calls 'Know Your Agent' a Big Idea for 2026. Here's Why.
When the architect of a $150B stablecoin calls for cryptographic agent credentials, the market is sending a signal.
market validation a16z infrastructure
OpenAI's Agent Playbook Has a Security-Shaped Hole
The #1 AI lab just told enterprises how to build agents. They forgot to explain how to secure them.
security openai agents analysis