< ciso
brief />
Tag Banner

All news with #agentic ai tag

619 articles · page 13 of 31

AI Inflection Point: Strategic Imperatives for CISOs

🤖 AI has moved from experimentation into production in security operations, creating a strategic operating-model choice for CISOs: layer AI onto existing workflows or rebuild processes around it. Defenders briefly hold a Cyber AI Parity Window, but advantage favors teams that adopt multi-agent architectures, embed deep contextual integration and measure outcomes in production. Leaders must demand transparency, reliability and workflow redesign to elevate analysts into oversight and strategy roles.
read more →

Nemotron-3-Super-120B and Qwen3.5 Models Added to SageMaker

🚀 Amazon SageMaker JumpStart now includes NVIDIA’s Nemotron-3-Super-120B and the Qwen3.5 family (9B and 27B), giving customers turnkey access to foundation models optimized for agentic reasoning, multilingual coding, and advanced instruction following. Nemotron-3-Super-120B employs a hybrid LatentMixture-of-Experts architecture with Mamba-2 and MoE layers to support collaborative agents and high-volume automation such as IT ticket triage and cybersecurity workflows. The Qwen3.5-9B prioritizes efficiency for resource-constrained environments, while Qwen3.5-27B offers deeper contextual and multimodal reasoning for large-scale document processing and complex scenarios. Users can deploy these models directly from the JumpStart catalog or programmatically via the SageMaker Python SDK.
read more →

Anthropic's Mythos Spurs Structural Cybersecurity Shift

⚠️A new Cloud Security Alliance (CSA) briefing warns that Anthropic's Claude Mythos (Preview) marks a structural shift in cybersecurity. The model can autonomously discover and exploit thousands of vulnerabilities and orchestrate attacks at speeds that compress discovery-to-weaponization from weeks to hours. The paper — informed by leading security figures — says Mythos is not an outlier and urges CISOs to build Mythos-ready programs, harden fundamentals, and elevate the issue to the board.
read more →

Durable Object Facets: Isolated Databases for Workers

🧩 Durable Object Facets let you instantiate dynamic Durable Object classes inside a supervisor Durable Object, giving each AI-generated app its own isolated SQLite-backed storage. Using the Dynamic Worker Loader API, a supervisor loads agent code, instantiates the exported DurableObject class as a facet via this.ctx.facets.get(...), and forwards requests while retaining logging, quotas, and billing controls. Facets enable near-zero-latency local storage and safe multi-tenant application patterns.
read more →

Cloudflare Sandboxes and Containers Reach General Availability

🧰 Cloudflare has declared Sandboxes and Cloudflare Containers generally available, delivering persistent, isolated development environments tailored for AI agents and human developers. Key additions include secure credential injection via an egress proxy, PTY-backed WebSocket terminals, persistent Python/JavaScript/TypeScript interpreters, filesystem event streams, background dev servers with public preview URLs, and fast disk-state snapshots. Higher instance limits and Active CPU Pricing reduce cost and improve scalability; the SDK is at version 0.8.9.
read more →

Your MTTD Looks Great — Fix the Post-Alert Investigation Gap

🔍 Detection tooling has pushed MTTD toward zero for known techniques, but real risk now lives in the post-alert investigation gap. Alerts still require analysts to assemble context across multiple tools, queue work, and perform 20–40 minute investigations — timelines attackers now exploit in seconds or minutes. Agentic AI can collapse that window by investigating every alert, correlating evidence, and producing defensible determinations in minutes. Prophet Security positions AI-driven investigation as the lever that shifts SOC reporting from throughput to actual security outcomes.
read more →

Building the Internet for Agents: Cloudflare’s Agents Week

🔔 Cloudflare is launching Agents Week to announce platform work aimed at scaling one-to-one AI agents across the Internet. The post argues that traditional container-based cloud models don't map well to ephemeral, per-user agents and highlights Workers and lightweight isolates as efficient primitives alongside GA container sandboxes and improved browser rendering. It also stresses integrating security, identity, payment, and open standards like MCP to make agents practical and sustainable.
read more →

SAP Concur Automates Expense Reporting with Agentic AI

🤖 SAP Concur and Google Cloud modernized expense automation by upgrading ExpenseIt from OCR-first processing to an agentic AI workflow that reasons about missing data. The system combines a deterministic text-extraction core with a Gemini-powered Receipt Analysis Agent that triggers only for ambiguous receipts. Using routing, contextual reasoning, and tool access to travel and calendar data, the agent infers missing fields and completes entries, reducing manual corrections and speeding expense submission.
read more →

Achieving Near-100% Agent Accuracy with Context Engineering

🧭 This article explains why agentic workflows need near-100% accuracy when they query enterprise databases and how comprehensive context engineering can deliver it. It introduces QueryData as a tool that combines three context pillars—Schema Ontology, Query Blueprints, and Value Searches—to guide LLMs toward correct, auditable SQL. A real-estate tenant onboarding example illustrates the risk of compounding errors, and the post recommends templates, facets, and database-aware value lookups to ensure both accuracy and explainability for human-in-the-loop verification.
read more →

Accelerating Public Sector Innovation with Gemini Platform

🤖 Google positions Gemini Enterprise as a unified agentic platform and offers Gemini for Government to help public sector organizations move beyond pilots to agency-wide deployments that accelerate mission outcomes. Agencies including the CDAO, DOT, and FDA are deploying agents for administrative tasks, regulatory reviews, and scientific collaboration, while state and local governments modernize services and constituent support. Google highlights an integrated stack built for velocity, precision, cost efficiency, and security, cites industry recognition, and invites leaders to engage at Google Cloud Next.
read more →

Local Testing of a Multi-Agent System with Vertex AI Memory

🧪 This article describes how to validate the Dev Signal multi-agent system locally before deploying to Cloud Run. It covers configuring local secrets, an environment-aware env utility that initializes Vertex AI, and a test runner which connects to the cloud-based Vertex AI memory bank to persist user preferences. The guide demonstrates a two-phase scenario that teaches preferences, generates multimodal content, wipes local session history, and verifies cross-session memory recall.
read more →

OpenSearch Adds Managed Prometheus and Agent Tracing

🔧 Amazon OpenSearch Service now delivers a unified observability workspace that combines metrics, logs, traces, and AI agent tracing with native integration for Amazon Managed Service for Prometheus. You can query Prometheus metrics directly with PromQL alongside logs and traces in the OpenSearch UI using live queries that avoid data duplication and reduce costs compared with premium platforms. New RED-based application monitoring workflows and OpenTelemetry GenAI semantic conventions enable correlating slow traces, overlaying Prometheus metrics on service dashboards, and tracing LLM agent execution within a single tool.
read more →

The Agentic SOC: Rethinking SecOps for the Next Decade

🔐 The agentic SOC reframes SecOps from reactive incident handling toward adaptive, autonomous defense where AI agents work alongside humans to accelerate investigation, prioritization, and action. Built on deterministic, policy‑bound protections and agentic orchestration, it aims to block high‑confidence threats at machine speed while freeing analysts for strategic judgment. Early results show faster containment and large‑scale automation of routine investigations. Organizations progress through unified platform, generative AI for triage, and full agentic automation as trust and governance mature.
read more →

AWS Agent Registry for AgentCore Now Available in Preview

🔍 AWS has previewed the Agent Registry in AgentCore, a private, governed catalog and discovery layer for agents, tools, skills, MCP servers, and custom resources across an organization. The registry is accessible via the AgentCore Console, APIs (AWS CLI, AWS SDK), or as an MCP server that builders can query from their IDEs, and it supports IAM and OAuth (Custom JWT) access. Teams can register resources manually or use URL-based discovery to harvest metadata from live endpoints; records pass through an approval workflow and are auditable via AWS CloudTrail. Semantic and keyword search lets developers find capabilities by describing use cases in natural language.
read more →

Using AI Agents to Detect Documentation Breakage in OSS

🤖 Drasi's team turned documentation testing into a monitoring problem by running AI-driven synthetic users that follow tutorials verbatim inside Dev Containers using the GitHub Copilot CLI. The agent is naïve, literal, and unforgiving: it executes commands exactly, verifies outputs, and captures screenshots, terminal logs, and a final markdown report. Weekly automated runs detect silent drift and environment regressions; failures automatically file issues with reproducible artifacts.
read more →

Governance Gaps as AI Agents Drive 76% NHI Increase

⚠ The SANS Institute warns that rapid adoption of agentic AI is outpacing security controls, driving a 76% rise in non-human identities (NHIs) such as service accounts, API keys and automation bots. Based on interviews with more than 500 security professionals for the 2026 State of Identity Threats & Defenses Survey, SANS identified widespread credential hygiene failings and a surge in agent-linked NHIs that can double or triple in number. The report highlights that many organizations do not rotate machine credentials on a 90-day cycle and lack coordinated AI governance, and recommends secrets vaults, automated rotation and scoped least-privilege access to mitigate risk.
read more →

Amazon Bedrock AgentCore Browser Adds OS-Level Actions

🖱️ Amazon announced that Bedrock AgentCore Browser now supports OS-level interaction capabilities to automate browser workflows beyond the Chrome DevTools Protocol (CDP). The update adds mouse and keyboard operations, full desktop screenshots, and handling for native system dialogs and print flows. It targets AI agent developers, test automation engineers, and teams building LLM-powered web interaction tools. The feature is enabled by default across all AgentCore Browser instances in the 14 supported AWS Regions.
read more →

Agentic AI Collapses Zero-Day Timeline: What Leaders Must Do

🔒 Agentic AI is accelerating vulnerability discovery and shrinking the window between unknown flaws and active exploitation. A zero-day is dangerous because it exists in a defensive vacuum with no vendor patch and no established playbook, forcing emergency responses. Automated agents can probe, adapt and iterate continuously, so periodic assurance measures like quarterly scans and annual penetration tests are no longer sufficient as the primary resilience strategy. Organizations should emphasize data minimization, strict API discipline, least-privilege controls and micro-segmentation while embedding security into day-to-day IT operations and aligning CIO and CISO responsibilities.
read more →

Microsoft Agent Governance Toolkit Addresses OWASP AI Risks

🛡️ Microsoft has released the open-source Agent Governance Toolkit to monitor and control AI agents during runtime as organizations move them into production. The toolkit enforces policies aligned with OWASP top risks for agentic systems, such as prompt injection, identity abuse, and tool misuse, while improving visibility across multi-step workflows. It ships as multi-language components and integrates with existing frameworks like LangChain without requiring agent rewrites. The project is in public preview under an MIT license.
read more →

Tabletop Exercises Grow Up: AI Transforms Cyber Drills

🤖 Traditional tabletop exercises build shared understanding, clarify escalation paths and satisfy compliance, but they often test knowledge of a plan rather than the ability to execute it. The authors—experienced facilitators—note scripted injects and calls to “suspend disbelief” reveal a gap between documentation and operational reality. AI agentic capabilities can simulate adaptive adversaries and reactive stakeholders, turning static scenarios into dynamic, consequence-driven drills. Even so, skilled facilitators and a judgment-focused post-mortem remain essential.
read more →