
All news with #agent security tag

203 articles · page 3 of 11

AI as Manager: Elevating the SOC Tier 1 Analyst Role

🤖 AI agents are shifting the Tier 1 SOC analyst role from manual triage to oversight and decision-making. Instead of spending hours pivoting across logs and telemetry, analysts can delegate evidence collection to agentic AI that queries systems, correlates signals and builds evidence chains in real time. The human role becomes orchestration—reviewing outcomes, validating uncertainty and aligning actions with business risk. Trust is earned via transparency, staged deployments and practitioner-led adoption.

Autonomous AI Agents Create a New Enterprise Attack Surface

🔒 Attackers are increasingly hijacking legitimate AI agents and compromised credentials to extract sensitive information, turning in-house assistants into active threats. These agents become 'agentic endpoints'—autonomous identities with broad privileges that often evade traditional controls by using plugins, extensions, and stolen API tokens. Organizations need a consolidated security platform, continuous verification through PAM and Zero Trust, and board-level governance to manage this accelerated, AI-driven risk.

Bridging the AI Agent Authority Gap with Observability

🔒 The contributor reframes AI agents as delegated identities rather than independent actors, arguing enterprises cannot safely govern agents without first governing the identities that delegate authority to them. The piece calls out pervasive "identity dark matter"—unmanaged human and machine credentials that create hidden permissions and execution paths which agents can amplify. It recommends sequencing remediation: first illuminate and reduce identity dark matter across humans, bots, and service accounts, then feed continuous telemetry into a real-time delegation authority engine. Orchid's continuous observability model is presented as that live feed, enabling dynamic decisions to allow, recommend, constrain, or block agent actions based on delegator posture, intent, application context, and scope.

AWS for SAP MCP Server Now GA on Amazon Bedrock AgentCore

🔒 AWS has announced general availability of the AWS for SAP MCP Server on Amazon Bedrock AgentCore, enabling AI agents to connect directly and securely to SAP ERP systems at scale. Built on Model Context Protocol (MCP) and SAP OData standards, the server supports CRUD access to sales orders, purchase orders, materials, and finance documents. The managed AgentCore Runtime provides session isolation, private connectivity, and dual-layer authentication with CloudWatch telemetry and CloudFormation templates for rapid, no-infrastructure deployment.

Google Cloud Next Day 2: Gemini Enterprise Agent Platform

🤖 At Google Cloud Next day 2, the developer keynote focused on the Gemini Enterprise Agent Platform, demonstrating tools to build, simulate, evaluate, and scale autonomous agents. Presentations covered the Agent Development Kit (ADK), Model Context Protocol (MCP) servers, Agent Runtime, Memory Bank, Agent Registry, A2UI/A2A standards, and debugging with Gemini Cloud Assist. Speakers also addressed security and governance with Agent Identity, Agent Gateway, and partner demos from Wiz, and released source code and codelabs to help teams adopt agentic development.

Google pushes agentic AI defenses to protect cloud systems

🛡️ Google unveiled a suite of agentic AI defenses at Google Cloud Next '26 to help SOC teams manage a surge of vulnerabilities tied to Anthropic Mythos. The launch includes three new agents in Google Security Operations — threat hunting, detection engineering, and third-party context — plus expanded Wiz integrations and an AI-BOM to inventory AI components. Additional controls like Agent Identity, Agent Gateway, and Model Armor aim to govern the emerging 'agentic web' and mitigate prompt injection, data leakage, and shadow AI risks.

Google shifts to agentic defenses after Mythos reveal

🔐 Google announced a shift to agent-centric security at Google Cloud Next '26, positioning AI agents to help SOC teams respond to the potential surge of vulnerabilities tied to Anthropic's Mythos. It introduced three new agents in Google Security Operations — a threat hunting agent, a detection engineering agent and a third-party context agent — and said its existing triage agent has processed over five million alerts, reducing analysis from about 30 minutes to roughly a minute with Gemini. Additional moves include expanded Wiz integrations, an AI-BOM to inventory AI components, agentic automation features, Model Armor protections, Agent Identity and Agent Gateway controls, and modern IAM simplifications to streamline permissions.

Google unveils Gemini Agent Platform with cryptographic IDs

🛡️ Google has launched the Gemini Enterprise Agent Platform, a hub for managing agentic AI that assigns each agent a unique cryptographic ID to enable traceable, auditable actions and map to authorization policies. The platform centralizes agents, tools and skills in an Agent Registry and offers an Agent Gateway to enforce agent-to-agent and agent-to-tool policies, apply Model Armor protections, and support MCP and A2A protocols. New detection and security features include real-time Agent Anomaly Detection, an Agent Security dashboard integrated with Security Command Center, and specialized security agents for threat hunting, detection engineering and third-party context enrichment.

Researchers Find 10 In-the-Wild Prompt Injection Payloads

🔒 Forcepoint researchers have uncovered 10 distinct indirect prompt injection (IPI) payloads embedded in web content that instruct AI agents to perform malicious real-world actions such as financial fraud, data destruction and API key exfiltration. The attacks poison pages so that browsing or summarizing agents ingest and execute attacker directives, often overriding prior safeguards. Forcepoint warns risk scales with AI privilege and highlights threats to agentic tools integrated into IDEs, payment flows and automation pipelines.

Palo Alto Networks and Google Cloud Secure AI Enterprise

🤝 Palo Alto Networks and Google Cloud announced integrated protections to secure the shift from generative to agentic AI. Native Prisma AIRS integration with Google Cloud Gemini Enterprise Agent Platform governs agentic workflows and prevents runtime agent risks, prompt injection, and sensitive-data leakage. A Palo Alto Networks template in Google Cloud’s Application Design Center enables security-as-code, while Advanced WildFire is embedded in Google Cloud NGFW Enterprise for inline sandboxing and zero-day prevention. A Prisma AIRS Model Security agent will be available via the Google Cloud Marketplace as Agent-as-a-Service and runs inside customers’ Google Cloud environments.

Securing AI Agents: Outcome Control with Check Point

🔐 The shift from access-based controls to action-oriented outcome control is redefining application security as AI agents reason, act, and interact with systems. The blog outlines how Google Cloud’s Gemini Enterprise Agent Platform creates a centralized control point for agentic systems, enabling identity, access, policy enforcement, and observability. It frames outcome control as essential to manage the new operational risk posed by agents.

Google launches official Agent Skills repository for Cloud

🧭 Google published an official Agent Skills repository to provide compact, agent-focused expertise for Google Cloud products and best practices. Skills are Markdown-based, modular documents that include code snippets and assets and are designed to be loaded by agents only as needed, reducing the risk of context bloat and token cost spikes. The initial release includes thirteen skills spanning BigQuery, GKE, Cloud Run, AlloyDB, Firebase, the Gemini API, Well-Architected pillars like Security and Cost Optimization, and operational recipes. Installable via the skills CLI, these assets work with agents such as Antigravity, the Gemini CLI, and other third-party agents.

Google Cloud Next '26: 10 Hands-on Codelabs for AI

🚀 At Google Cloud Next '26, developers and practitioners are offered 55+ new hands-on codelabs, with a curated list of 10 highlighted labs designed to translate conference announcements into working code. Contributors Megan O'Keefe and Karl Weinmeister emphasize a practical shift—89% of sessions focus on AI—and these labs target multi-agent orchestration, data grounding, deployment, and enterprise security. Each lab provides step-by-step guidance to build, ground, secure, and scale agentic systems using Google Cloud tools.

Toxic Cross-App Permissions: AI Agents Create Risk

🔐 Researchers disclosed a major data exposure at Moltbook on January 31, 2026, revealing 35,000 emails and 1.5 million agent API tokens across 770,000 agents. Private messages contained plaintext third-party credentials, including OpenAI API keys, creating what the article calls a toxic combination — cross-app permissions that compound risk. The piece urges shifting review from single apps to the bridges between them and highlights procedural controls and dynamic SaaS security platforms like Reco to monitor runtime trust relationships and revoke risky tokens before exfiltration.

Cloudflare's Agents Week: Building an Agentic Cloud

🤖 Cloudflare's Agents Week highlights a broad set of primitives, services, and developer tooling to support agents as first-class workloads on the Cloudflare Workers platform. Key compute advances include Artifacts, Sandboxes GA with programmable egress, Durable Object Facets, and Workflows v2 to scale background agents. Security features—like Cloudflare Mesh, Managed OAuth for Access, and resource-scoped permissions—aim to make secure agent deployment the default while an expanded Agent Toolbox adds inference, memory, voice, email, and browsing capabilities to help builders move prototypes to production.

Cloudflare Agent Memory: Managed Persistent Memory Service

🧠 Cloudflare announces Agent Memory, a private beta managed service that extracts information from agent conversations and makes it available without filling model context windows. The service offers persistent profiles with operations to ingest conversations, explicitly remember or forget items, and recall synthesized answers, integrating with Cloudflare Workers and a REST API. Agent Memory uses a retrieval-based architecture with deterministic ingestion, multi-stage verification, vector and full-text retrieval channels, and Reciprocal Rank Fusion to synthesize concise, contextual responses. Memories are classified, versioned or superseded as appropriate, and fully exportable so organizations retain ownership.

Artifacts: Git-compatible Versioned Storage for Agents

🗂 Artifacts is a Git-compatible, versioned filesystem built for agent-first workflows. It enables programmatic repo creation, credential issuance, and commit operations via a REST API or a native Workers API while remaining accessible to any standard Git client. Cloudflare implements Artifacts on Durable Objects with a Zig-to-WASM Git engine and supports import, forking, git-notes, and session-scoped repositories. The feature is in private beta for paid Workers plans, with a public beta expected in early May.

Prompt-Injection Flaws in Copilot Studio and Agentforce

⚠️ Security researchers at Capsule Security disclosed prompt-injection vulnerabilities in Microsoft Copilot Studio and Salesforce Agentforce that let attackers embed malicious instructions in public form fields. Crafted inputs submitted via SharePoint or lead forms can override agent instructions and trigger data exfiltration to attacker-controlled endpoints. Microsoft patched the SharePoint-related issue (CVE-2026-21520) with a 7.5 CVSS score; Salesforce acknowledged the problem but described the vector as configuration-specific. Researchers warn that treating external inputs as trusted undermines autonomous agent security and urge input validation, least-privilege, and stricter outbound controls.

Curity Proposes Runtime Authorization for AI Agents

🔒 Curity announced Access Intelligence, an extension to its Identity Server IAM platform designed to secure rapidly proliferating autonomous AI agents. Rather than rely on static, pre-granted permissions, the company uses Token Intelligence to embed an agent's declared purpose and intent in OAuth tokens and issues short-lived, action-specific tokens at runtime. The system can require human approval for high-risk tasks, is deployed as a self-hosted microservice, and centralizes token validation to isolate unregistered or shadow agents.

Secure AI Agent Access Patterns Using MCP on AWS Guide

🔒 This post explains how AI agents and coding assistants access AWS resources via the Model Context Protocol (MCP) and why deterministic IAM controls are required. It outlines three security principles—assume all granted permissions could be used, enforce role governance, and differentiate AI-driven from human-initiated actions—and maps them to deployment patterns. It contrasts AWS-managed MCP servers (which inject context keys) with self-managed servers (which require session tags), and provides practical IAM policy examples, monitoring guidance, and operational controls.