All news with #agent security tag

🚀 Google Cloud previews GKE and open-source innovations at KubeCon Europe 2026, focusing on making Kubernetes the best platform for AI and agentic workloads. Autopilot compute classes can now be enabled per workload on Standard clusters, and GKE Cluster Autoscaler will be open-sourced to advance vendor-neutral provisioning. GKE is certified for the CNCF Kubernetes AI Conformance program, and projects like llm-d, DRA drivers for TPUs, and DRANET aim to standardize inference and resource management. Features such as the Model Context Protocol, Kubernetes Agent Sandbox, and GKE Pod Snapshots target secure, fast startup and manageability for agents.

🔒 Palo Alto Networks updated Prisma AIRS and its Prisma Browser to discover and map AI agents, models and connections across cloud, SaaS and endpoints, scan agent artifacts for vulnerabilities, and simulate agent-targeted attacks. Prisma AIRS 3.0 — contingent on the planned acquisition of Koi Security — will add an AI Agent Gateway to enforce agent runtime and identity security. Prisma Browser now detects user-generated AI activity, enforces content-aware boundaries, prevents sensitive data from leaking to unmanaged LLMs, and blocks prompt-injection attacks. Separately, following its CyberArk deal, Palo Alto introduced Next Generation Trust Security (NGTS) to automate certificate discovery and lifecycle management.

🔒 Palo Alto Networks announces the next evolution of Prisma SASE, engineered to secure the emerging era of agentic AI by treating autonomous agents as first-class identities. The platform reimagines Prisma Browser as a secure AI workspace, extending AI-powered data protection across endpoints, network, SaaS and GenAI apps while detecting prompt injection and agent hijacking. It also adds autonomous operations and resilient deployment options, including SASE Private Location and hyperscaler integration, to ensure always-on performance for machine-speed workflows.

🔒 Palo Alto Networks today introduced Prisma AIRS 3.0, a unified security platform designed to secure the emerging AI enterprise and agentic systems across cloud, SaaS, endpoints and browsers. The release emphasizes three pillars—Discover, Assess, Protect—expanding visibility from AI applications to live maps of enterprise agents and surfacing shadow AI. New capabilities include Agent Artifact Scanning, multiagent red teaming, an AI Agent Gateway for centralized policy enforcement, and agent identity controls to govern delegated access. Palo Alto positions the platform as a single control plane to replace point solutions and manage agent-specific runtime threats.

🔒 Reco has introduced Reco AI Agent Security, a capability designed to give enterprises visibility and control over autonomous AI agents operating across SaaS environments. The tool detects agent activity beyond traditional OAuth discovery by analyzing API call patterns, service-account correlations, and automation workflow signatures in platforms like Microsoft Copilot, ChatGPT, Zapier and n8n. It consolidates agent discovery, risk analysis, and governance into Reco's existing SaaS security platform.

🔐 At the Nvidia GTC conference CEO Jensen Huang introduced NemoClaw, a secure runtime for running OpenClaw-style agents built on the Nvidia Agent Toolkit and the broader NeMo ecosystem. Central to the offering is the open-source OpenShell runtime, which provides kernel-level sandboxing and a “privacy router” to monitor and block unsafe communications. Nvidia says NemoClaw is hardware-agnostic though optimized for its own microservices, and aims to make edge agent deployment viable for enterprises while researchers inspect it for CVE-level flaws.

🔐 Treat AI agents as first-class identities and enforce identity-based access across systems and APIs. The author argues CISOs must move beyond prompt guardrails to explicit authentication, scoped permissions, continuous logging, and monitoring of tokens, service accounts, OAuth grants, and keys. Organizations should discover shadow AI, map agent access, and enforce intent-aware controls. Full lifecycle governance — ownership, rotation, reviews, and decommissioning — is required to prevent privilege creep and data loss while enabling safe autonomy.

🔒 Enterprises are confronting a shift: autonomous AI agents now operate inside corporate environments with real permissions and real consequences. Security must move beyond build-time controls to continuous runtime monitoring that observes agent behavior, preserves tamper-proof logs, and applies agent-aware policies. Practical first steps include inventorying agents, extending EDR-style behavioral baselining, and designing incident-response playbooks that stop misbehaving agents without destroying evidence.

🛡️Security validation must evolve from disconnected tests to continuous, context-aware assessment powered by agentic AI. The piece argues that defenders need to converge three perspectives — adversarial, defensive, and risk — into a unified discipline supported by a Security Data Fabric that unites Asset Intelligence, Exposure Intelligence, and Security Control Effectiveness. With real-time context, autonomous agents can plan, execute, and prioritize validation workflows, turning fragmented tool outputs into actionable evidence and faster remediation. The article highlights Picus Security and industry recognition as indicators that the market is moving toward CTEM-native, agentic validation.

🔒 China's CNCERT warned that OpenClaw, an open-source, self-hosted autonomous AI agent, ships with weak default security and broad system privileges that attackers can abuse to seize endpoints and exfiltrate data. The advisory highlights indirect prompt injection (IDPI/XPIA) risks where benign features like web-page summarization and messaging link previews are weaponized to embed malicious instructions or automatically leak secrets. Researchers at PromptArmor demonstrated a technique in which an agent constructs attacker-controlled URLs that, when rendered as link previews, transmit confidential data without user clicks. CNCERT also flagged risks from malicious skills, accidental destructive commands, and disclosed vulnerabilities, urging isolation, tightened network controls, credential protection, and cautious skill sourcing.

🛡️ Organizations are adopting agentic AI—autonomous, task-driven systems powered by LLMs—to streamline processes and boost throughput. These agents can plan, act, and iterate, but their non-deterministic behavior creates gaps in traceability, auditability, and access control. Apply strong role-based access, threat modeling, and oversight (human or independent evaluators) to limit exposure and ensure safe deployment.

🔒 AI agents are transforming workflows but can act as an unmonitored access layer—an 'invisible employee' with broad privileges. In an upcoming webinar, Rahul Parwani, Head of Product for AI Security at Airia, will explain how attackers are manipulating agents to exfiltrate sensitive information and how to stop them. Attendees will learn the Dark Matter of identity, common manipulation techniques, and a practical safety blueprint to limit privileges, detect misuse, and prevent leaks. Reserve your spot to learn actionable defenses.

🎧 Microsoft introduces The Shift, an evolution of its earlier podcast to explore agentic AI across engineering, product, and strategy perspectives. Over eight weekly episodes this spring, hosts and guests from teams including Microsoft Azure, Microsoft Fabric, and Microsoft Foundry tackle practical questions about how agents interact with data, databases, and cloud foundations. Episodes emphasize that agents succeed only when data strategy, cloud reliability, and application orchestration work together, highlighting operational concerns like observability, governance, security, and optimization.

🤖 Amazon Lightsail now lets you deploy OpenClaw, a private self-hosted AI assistant, on your own cloud infrastructure with simple, secure defaults. Each Lightsail OpenClaw instance includes built-in security controls—sandboxed agent sessions, one-click HTTPS for TLS, device-pairing authentication, and automatic snapshots—reducing manual configuration and operational risk. Amazon Bedrock is the default model provider, and users can swap models or connect to Slack, Telegram, WhatsApp, and Discord as needed.

🧭 This practical guide from GoogleWalks developers through how to move AI agents from prototype to production, highlighting architecture, operational patterns, and safety considerations. It explains an agent as an LLM-driven autonomous system surrounded by an orchestration layer that manages session state, long-term memory, retrieval (RAG), tool use, and security. The post emphasizes emerging interoperability standards such as MCP and A2A, and underscores the importance of context engineering, trajectory-based testing, and staged rollouts. Authors provide targeted guides and code samples to help teams adopt these practices and validate agents before broad deployment.

🔐 Today’s enterprise AI agents are no longer passive assistants but active operators that authenticate to systems using API keys, OAuth tokens, cloud roles, and service accounts. The article advocates treating every agent as a first-class identity with unique identities, lifecycle management, defined roles, clear ownership, and auditability. It warns that identity alone is insufficient because agents are dynamic and can drift from original missions; instead it promotes intent-based permissioning, activating privileges only when an agent's declared mission and runtime context justify the action. Practical steps include inventorying agents, assigning lifecycle-managed identities, documenting approved missions, and enforcing conditional access based on identity, intent, and context.

🔒 Self-hosted agent runtimes such as OpenClaw shift the execution boundary by ingesting untrusted text, downloading third‑party skills, and acting with the host's credentials. This combination makes the runtime effectively untrusted code execution with persistent tokens and elevated access, unsuitable for standard workstations. Microsoft recommends evaluating OpenClaw only in isolated VMs or dedicated devices, using dedicated non‑privileged credentials, continuous monitoring, and a fast rebuild plan. Prioritize containment, least privilege, and monitoring with solutions like Microsoft Defender XDR.

🔒OpenClaw has patched six vulnerabilities disclosed by Endor Labs, including SSRF, missing webhook authentication and a path traversal issue that range from moderate to high severity. The set includes CVE-2026-26322 (Gateway SSRF, CVSS 7.6), CVE-2026-26319 (Telnyx webhook auth bypass, CVSS 7.5) and several GitHub Security Advisories such as GHSA-56f2-hvwg-5743. Endor warns that agent frameworks’ multi-layered architectures mean vulnerabilities can span files and components, requiring data-flow analysis and layered validation to mitigate exploitation. SecurityScorecard also flagged many publicly exposed OpenClaw instances, raising enterprise risk.

🚀 Amazon Bedrock now offers Mistral AI Devstral 2 123B, an open-weight 123B-parameter LLM optimized for agentic software engineering workflows. The model focuses on code generation, automation, and reliable multi-step reasoning, supporting long-context comprehension for multi-turn coding tasks. Bedrock exposes Devstral 2 via a single, fully managed API so customers do not need to provision infrastructure or host models. It is intended for production coding assistants, automated code review, and complex software development agents and is available in select AWS Regions.

🔒 Traditional endpoint defenses miss a growing class of non-binary software — browser extensions, code packages, IDE plugins, local servers, containers and model artifacts — that employees and developers install without centralized oversight. AI agents amplify that blind spot by acting with user credentials, autonomously discovering, invoking and installing components at machine speed. Palo Alto Networks says it intends to acquire Koi to deliver Agentic Endpoint Security, focused on visibility, continuous risk analysis and real-time policy enforcement to remediate risky behaviors.