< ciso brief />

All news with #agentic ai tag

504 articles · page 14 of 26

Public Sector Embraces AI Agents: ROI, Security, and Scale

🤖 Our inaugural survey of 251 senior public sector leaders, commissioned by Google Cloud and conducted by National Research Group, finds agentic AI is already mission‑critical: 55% report using AI agents and 42% have deployed more than 10 in production. Respondents expect to allocate 50%+ of future AI budgets to agents. The report highlights productivity gains (70% improved; 46% at least doubled) and security improvements (79% better threat identification, 70% improved intelligence/response integration), and points to Gemini for Government with FedRAMP High-authorized protections as a clear path to scale.

Agentic AI Will Multiply Non-Human Identity Risks Soon

🔒 Early agentic AI experiments have exposed a rapidly expanding cybersecurity problem: enterprises are accumulating vast numbers of non-human identities (NHIs)—service accounts, tokens, API keys and automation credentials—that security teams largely cannot see or govern. Analysts predict counts will jump from millions to tens of millions within months, pushing security teams' visibility into these assets down to single-digit percentages. Experts recommend containment and segmentation of legacy NHIs, strict ownership, and a clean-slate approach to provisioning future agents rather than attempting perfect retroactive inventories.

Building Employee Onboarding Agents with Gemini Enterprise

🔧 This guide explains how to build custom employee onboarding agents using the Agent Development Kit (ADK), Vertex AI Agent Engine, and Application Integration to connect conversational AI with enterprise systems such as ITSM, ERP, and CRM. It describes a grounded agentic workflow where a Gemini Enterprise front-end captures intent, a low-code Application Integration layer performs deterministic transformations and authentication, and backend systems execute transactions. The result is a role-aware, auditable onboarding experience that automates tasks like laptop provisioning while keeping business rules and approvals intact.

CloudWatch Application Signals Integrates with Kiro Powers

🔍 AWS announced integration of Amazon CloudWatch Application Signals with Kiro Powers to deliver AI agent-assisted troubleshooting workflows directly within the Kiro IDE. The Kiro power packages the Application Signals MCP server with curated steering files and hooks, providing focused observability guidance so agents receive only the context needed for a specific task. Developers can accelerate SLO triage and service isolation from hours to minutes with one-click installation across AWS Regions.

Agentic Tool Chain Attacks and Enterprise AI Risk Overview

🔒 AI agents dynamically select and invoke tools using natural-language descriptions, creating a new attack surface in the agent's reasoning layer. Agentic tool chain attacks manipulate tool metadata and context — via tool poisoning, tool shadowing, or rugpull attacks — to exfiltrate data or trigger unauthorized actions without altering tool code. Defenses should center on tool governance, trusted MCP identity, strict parameter validation, and reasoning-layer observability. Organizations must adopt signed manifests, version pinning, mutual TLS, and telemetry to detect and contain these threats.

Moltworker: Self-Hosted AI Agent on Cloudflare Edge

🤖 Cloudflare published Moltworker, an adaptation of the open-source Moltbot personal AI agent designed to run on the Cloudflare Developer Platform instead of dedicated local hardware. The implementation combines Workers, the Sandbox SDK, Browser Rendering, and R2 to run agent workloads at the edge with controlled persistence. Integration with AI Gateway adds centralized observability, BYOK support, unified billing and fallback behavior. The repo is open-source and the project is presented as a proof-of-concept that requires a paid Workers plan.

AWS launches Agent SOPs for MCP Server preview in US East

🚀 AWS has introduced deployment Standard Operating Procedures (SOPs) in the AWS MCP Server preview, enabling AI agents to perform multi-step web application deployments from MCP-compatible IDEs and CLIs using natural language prompts. The SOPs generate AWS CDK infrastructure, deploy CloudFormation stacks, and create CI/CD pipelines following recommended AWS security best practices. Supported frameworks include React, Vue.js, Angular, and Next.js. The preview in US East (N. Virginia) is available at no additional MCP cost; customers pay only for the AWS resources and data transfer they use.

NIST Tightens AI Cybersecurity Guidance for Enterprises

🛡️ NIST is moving from high-level AI risk principles toward operational cybersecurity expectations, focusing especially on AI agent systems that take autonomous actions. The agency’s CAISI center has issued a formal RFI on secure practices for AI agents and is adapting the Cybersecurity Framework into a Cyber AI Profile. NIST’s work—spanning the AI RMF, Dioptra testing, an adversarial ML taxonomy, and SSDF guidance for generative models—signals that CISOs must treat AI as a near-term security priority rather than “just software.”

AI Agents Are Rewriting Compliance Controls—CISOs Must Act

🛡️ AI agents are being embedded into regulated workflows and are forcing a rethink of controls designed for human actors, including SOX, GDPR, PCI DSS, and HIPAA. Because agents act, adapt, and drift, controls that once relied on predictable human behavior can silently fail, collapsing segregation of duties and exposing sensitive data. CISOs should treat agents as non-human identities with least‑privilege access, strong credential management, continuous monitoring, and robust logging and change governance to keep regulated workflows auditable and defensible.

AI SOC Agents Transforming Triage and Threat Hunting

🛡️ Agentic AI is reshaping SOC operations by automating contextual triage and correlating telemetry across EDR, identity, email, cloud, SaaS, and network sources so analysts review machine-validated verdicts instead of raw alerts. The approach reduces missed threats and eliminates the need to sample low-fidelity signals. It also provides structured feedback for detection engineering and enables natural-language threat hunting that democratizes proactive investigations. Prophet Security emphasizes depth, accuracy, transparency, and seamless workflow integration to build analyst trust.

How CISOs Can Overcome AI Fatigue and Govern Use Effectively

🤖 Many CISOs feel torn between moving quickly with AI and preventing new security risks. The article recommends breaking AI into categories by autonomy and potential impact to separate routine generative AI from higher-risk agentic systems. It stresses that data integrity is as important as data protection and proposes a tiered governance model: categorize use, apply baseline controls, assign review forums, and enforce unbreakable rules like kill switches. Practical measures such as acceptable-use policies, training, least-privilege and continuous monitoring are highlighted as table-stakes.

Top Agentic AI Risks 2026: Governance and Defenses

⚠️ Agentic AI systems introduce acute governance and security challenges because autonomous agents can plan, execute tools, and process sensitive data without human oversight. The OWASP Foundation's Top 10 catalog identifies threats such as goal hijack, tool misuse, privilege abuse, supply chain compromise, RCE, memory poisoning, insecure inter-agent communication, cascading failures, human-trust exploitation, and rogue agents, each with examples and mitigations. Kaspersky condenses those findings and emphasizes a layered, near-Zero Trust defense: least autonomy and privilege, short-lived credentials, human-in-the-loop for critical actions, execution isolation, intent gates, continuous logging, behavioral monitoring, supply chain controls, and targeted training.

Gemini for Government: Secure, Scalable AI for Agencies

🚀 Gemini for Government packages Google’s Gemini models, secure commercial cloud services, and agentic AI tools into a FedRAMP High-authorized platform for the public sector. It is positioned to accelerate adoption of AI agents across defense, health, transportation, and research by offering enterprise-grade compliance and scalability. Early adopters include the Department of War’s GenAI.mil rollout, the FDA, and the Department of Transportation, and Google is offering webinars and downloadable agent toolkits to help agencies start building and deploying solutions today.

Who Approved This Agent? Rethinking AI Access Controls

🔐 AI agents are accelerating enterprise work but create new ownership and approval gaps for security teams. Unlike human users or traditional service accounts, agents often operate autonomously, persistently, and with delegated authority, which can expand access beyond any single user's permissions. The article separates agents into personal, third-party, and organizational categories and highlights that organizational agents carry the greatest systemic risk. It recommends treating agents as distinct identities with defined owners, mapping user→agent interactions, and continuously reviewing agent access.

Runtime Risk and Real-Time Defense for AI Agents at Scale

🔒 Microsoft describes runtime protections that let organizations inspect and control AI agent behavior in real time by integrating Microsoft Defender with Copilot Studio. Webhook-based checks evaluate planned tool invocations, intent, context, and previous orchestration outputs before execution, enabling precise allow/block decisions without changing agent logic. The post demonstrates three attack scenarios—malicious invoice-triggered instructions, SharePoint prompt injection, and capability reconnaissance—and shows how runtime blocking, logging, and XDR alerts prevent data exposure.

Datadog Adds Automatic Observability for Google ADK

🔍 Datadog LLM Observability now automatically instruments Google’s Agent Development Kit (ADK), giving teams instant visibility into multi-step agent workflows without code changes. The integration traces planner decisions, tool calls, token usage, latency, and branching on a single timeline to simplify debugging and cost analysis. Built-in and custom evaluators detect hallucinations, PII leaks, and prompt injections, while replay and experiment features let teams iterate on prompts, models, and parameters before deployment.

FortiSIEM 7.5 Adds Agentic AI and Data Sovereignty

🤖 FortiSIEM 7.5 introduces agentic-AI incident management and data sovereignty options to help multinational SOCs balance centralized operations with localized data storage. The release debuts FortiAI-Assist agents — an investigation assistant and a companion assistant — to automate multi-step threat hunting, evidence enrichment, and response guidance. It also includes a free IT/OT Windows agent that requires no centralized management, enhanced federated search, pipeline enrichment, advanced agent templates, and Osquery support for Linux and Windows.

Agent Factory Recap: Antigravity and Nano Banana Pro

🛠 This episode of the Agent Factory podcast showcases Google’s new developer tools: Antigravity, an agent-first multi-window IDE, and Nano Banana Pro, the Gemini 3 Pro image model. Hosts Remik and Vlad demo building an agentic slide generator using the Agent Development Kit, Antigravity’s Agent Manager, and an MCP server, highlighting planning, testing, and high-fidelity image creation.

A New Era of AI Agents: Posture and Risk Management

🛡️ Microsoft outlines why the rise of autonomous AI agents requires a new security posture. Microsoft Defender delivers AI Security Posture Management across multi-cloud environments to provide visibility, risk prioritization, and tailored remediation for agent-specific threats such as data-connected exposures, indirect prompt injection (XPIA), and compromised coordinator agents. The guidance emphasizes hardening, attack path analysis, and human-in-the-loop controls to reduce blast radius.

Getting Started with Gemini 3 Flash on Google Cloud

🚀 This post introduces Gemini 3 Flash, Google’s low-latency, cost-efficient model in the Gemini 3 family, optimized for advanced reasoning, multimodal understanding, and agentic workflows. It guides developers through obtaining an API key from Google AI Studio and configuring it for local use or environment-based invocation. The article demonstrates interactive prompt testing in the Playground, explains toggles like Structured outputs and Thinking level, and shows how to export language-specific sample code via the "Get code" feature to run with the Google GenAI SDK.