< ciso
brief />
Tag Banner

All news with #agentic ai tag

619 articles · page 18 of 31

Amazon Location adds LLM Context for agent tools and plugins

📍 Amazon Location Service now provides curated AI agent context delivered as a Kiro power, a Claude Code plugin, and an open Agent Skills-format agent skill. The context supplies pre-validated implementation patterns and step-by-step instructions for common location features such as address entry, map display, nearest-store lookup, routing, and geofencing. Developers can load it into tools like Kiro, Claude Code, and Cursor to improve code accuracy, accelerate feature implementation, and reduce iteration time when integrating Amazon Location APIs.
read more →

Scaling SOCs with Microsoft Defender Autonomous Defense

🛡️ The article outlines how organizations can scale security operations by combining Microsoft Defender XDR autonomous defense with Microsoft Security Experts services to reduce manual toil and accelerate containment. It argues agentic SOCs—driven by continuous signal correlation, automated decision making, and AI agents—are required to address alert overload and capacity constraints. Automated protection takes on routine investigation and response while expert-led hunting and managed detection handle escalations and continuously improve platform protections.
read more →

AI Speeds Attacker Breakouts to Minutes, ReliaQuest Finds

🔍 ReliaQuest's Annual Cyber‑Threat Report 2026 found attackers are using AI and automation to reduce average breakout time to 34 minutes (29% faster than 2024), with the fastest lateral movement recorded at four minutes and the quickest exfiltration at six minutes. The firm says 80% of ransomware groups used automation or AI last year. Defenders can respond faster using agentic AI, achieving average containment in four minutes versus 16 hours without automation, and should prioritise visibility, inventory management and stronger identity controls.
read more →

NIST AI Agent Standards Initiative Aims for US Leadership

🧭 NIST has launched the AI Agent Standards Initiative via the Center for AI Standards and Innovation (CAISI) to create a roadmap for developing interoperable, trustworthy autonomous AI agents. The effort will gather public input through an RFI (responses due March 9) and sector-specific listening sessions in April, and emphasizes industry-led standards, open-source work, and international engagement. Critics caution the process may be too slow to keep pace with agentic AI adoption and emerging threats.
read more →

Using AI to Turn the Tables on Malicious Agents and Defend

🤖 AI accelerates attackers' ability to craft targeted social engineering, but defenders can leverage the same capabilities to create decoy personas and AI-generated employees that attract malicious profiling tools. By planting social posts, CVs, emails, and messaging accounts for fictitious staff, teams can detect reconnaissance, update IP/URL blocklists, and treat any interaction with those accounts as hostile telemetry. This approach turns attacker tooling into a source of actionable threat intelligence and enables rapid blocking and investigation.
read more →

Ab Initio + Google Cloud: Data Fabric to Power Agentic AI

🔗 Ab Initio and Google Cloud announce integrations of data connectors, metadata connectors, and agent capabilities to help enterprises build agentic AI across hybrid environments. The integration federates distributed data into a unified layer and extends Dataplex with bi-directional metadata exchange, lineage, and active metadata. Together with BigQuery and Gemini, this enables explainable, auditable agents that operate on trustworthy, multi-cloud data.
read more →

Ab Initio and Google Cloud Enable Agentic AI Data Fabric

🔗 Google Cloud and Ab Initio announced an integrated suite of data and metadata connectors, agents, and governance capabilities to give Gemini and other AI models reliable access to enterprise data across hybrid environments. The partnership federates over 500 sources and supplies field-level lineage from 100+ extractors to populate Dataplex and BigQuery with AI-ready context. This unified metadata hub aims to support explainable, auditable agentic AI while preserving distributed data ownership and compliance.
read more →

Securing the Agentic Endpoint: New Protection Needed

🔒 Traditional endpoint defenses miss a growing class of non-binary software — browser extensions, code packages, IDE plugins, local servers, containers and model artifacts — that employees and developers install without centralized oversight. AI agents amplify that blind spot by acting with user credentials, autonomously discovering, invoking and installing components at machine speed. Palo Alto Networks says it intends to acquire Koi to deliver Agentic Endpoint Security, focused on visibility, continuous risk analysis and real-time policy enforcement to remediate risky behaviors.
read more →

Agentic AI Boom: A CISO's Worst-Case Security Risk

🛡️ Late 2025 marked a decisive shift from brittle RAG deployments to autonomous, goal-oriented agents across the enterprise. While architectures like self-RAG and CRAG improved reliability, they also expanded the attack surface to include every document, memory store and integrated tool. New threats — indirect prompt injection, memory poisoning and agentic DoS — can exfiltrate data or drain budgets, forcing defenders to secure the full perception-reason-action loop.
read more →

AI Agents 'Reputation Farming' Threatens Open Source

🤖 Socket warns that AI-driven agents are mass-submitting pull requests to open-source projects, a tactic it calls reputation farming. One agent, "Kai Gritun", opened more than 100 PRs across dozens of repositories and presented itself as a human contributor. While those contributions were non-malicious and passed review, Socket cautions that rapid trust-building could be weaponized for supply-chain attacks and overwhelm maintainers.
read more →

Infostealer Harvests OpenClaw AI Agent Configurations

🔓 Hudson Rock says an info‑stealer, likely a Vidar variant, exfiltrated an OpenClaw agent's configuration, including openclaw.json, device.json and soul.md. The files contain gateway tokens, cryptographic keys and the agent's operational 'soul,' which could let attackers impersonate the AI assistant or connect to local instances if exposed. The incident signals a shift from stealing credentials to harvesting AI agent identities, and vendors should expect targeted modules to follow.
read more →

Infostealer Observed Harvesting OpenClaw Agent Secrets

🔐 Hudson Rock has observed information-stealing malware exfiltrating configuration and memory files from the OpenClaw agent framework, exposing API tokens, private keys, and persistent agent memory. The activity, attributed to a Vidar-like infostealer and recorded on 13 February 2026, captured openclaw.json, device.json, and agent 'soul' and memory files. With these items an attacker could impersonate the device, bypass Safe Device checks, access encrypted logs, or fully compromise a user's digital identity. Organizations should audit agent directories, apply vendor fixes, and enforce strict filesystem permissions immediately.
read more →

Kiro Brings Agentic AI Development to AWS GovCloud (US)

🔒 Kiro is now available in AWS GovCloud (US-East) and AWS GovCloud (US-West), enabling agentic AI development for compliance-sensitive workloads. The platform combines an integrated development environment (IDE) and a command-line interface (CLI) to support spec-driven workflows that turn prompts into specs, working code, documentation, and tests. Native Model Context Protocol (MCP) support lets Kiro connect to documentation, databases, APIs, and other enterprise resources while integrating with AWS IAM Identity Center for enterprise authentication.
read more →

OpenClaw (Moltbot): Critical Enterprise AI Agent Risks

⚠️ OpenClaw (formerly Clawdbot/Moltbot) is an open-source local AI assistant that integrates with chat apps and can access calendars, email, browsers and the filesystem. Since its November 2025 debut and January 2026 viral spike, multiple critical vulnerabilities — notably CVE-2026-25253 — enabled token theft and arbitrary command execution. The project stores secrets in plaintext, exposes dangerous defaults, and hosts a marketplace where malicious skills have proliferated. Organizations face regulatory, operational, and insider-threat risks if employees run this software on personal or corporate devices.
read more →

Copilot Studio Agent Security: Top 10 Detectable Risks

🔒 The Microsoft Defender Security Research Team describes the top 10 misconfigurations that make Copilot Studio agents risky across enterprises. The post explains how small choices — broad sharing, weak authentication, raw HTTP calls, hard-coded secrets, orphaned agents, and unconstrained orchestration — create exploitable paths. It includes Advanced Hunting Community Queries to detect these issues and a short mitigation checklist to reduce exposure. The guidance stresses treating agents as production assets with lifecycle governance and least-privilege controls.
read more →

Shannon AI, VoidLink Threats, and Weekly Talos Brief

🔐 Shannon — a fully autonomous AI penetration testing tool from Keygraph — has raised warnings because it requires access to source code, repository layout, and AI API keys, creating substantial exposure risks. Organizations should evaluate scoping, data retention, and whether findings will be used to improve secure development practices or treated as a quick fix. Vendor responses vary, illustrated by recent detection-focused updates from Anthropic, underscoring the need for careful risk assessment before adopting agentic pentesting tools.
read more →

Microsoft at RSAC 2026: Securing the Agentic AI Era

🔒 Join Microsoft at RSAC 2026 (March 22–26) to learn how AI agents are reshaping both opportunity and risk and what defenders must do next. Microsoft previews its vision for Ambient and Autonomous Security and highlights solutions like Agent 365 that deliver observability and protection across the AI stack. Attend Microsoft Pre-Day keynotes, executive roundtables, booth demos, and hands-on experiences to get practical guidance, product demos, and partner insights.
read more →

How Pantone Used Azure Cosmos DB to Power Agentic AI

💡 Pantone built an agentic AI experience, the Palette Generator, to translate decades of color expertise into an interactive, chat-driven workflow. The system uses specialized agents for roles like a “chief color scientist” and relies on Azure Cosmos DB as the real-time persistence layer for chat history, prompts, and interaction telemetry. By moving toward vectorized embeddings and integrating with Microsoft Foundry and Azure AI services, Pantone improved semantic relevance and global scale. The architecture prioritized fast retrieval, conversational memory, and iterative learning.
read more →

Cloudflare launches Markdown for Agents to optimize AI

📝 Cloudflare has introduced Markdown for Agents, an edge feature that converts HTML to Markdown in real time when a client requests text/markdown via content negotiation. The service returns a markdown body, a content-type of text/markdown, and an x-markdown-tokens header estimating token count to help with chunking and context-window planning. Converted responses also include a Content-Signal header (ai-train=yes, search=yes, ai-input=yes) to indicate permitted downstream uses. The feature is available in Beta at no additional cost for Pro, Business, Enterprise and SSL for SaaS customers.
read more →

AI Skills Exposed: New Attack Surface for Enterprises

⚠️ TrendAI warns that so-called AI skills—executable artifacts that combine human-readable instructions, decision logic and operational constraints—are dangerously exposed to theft, sabotage and disruption. These skills power automation in tools such as Anthropic’s Agent Skills, OpenAI’s GPT Actions and Microsoft’s Copilot Plugin, and can surface proprietary data and business logic. If attackers obtain skill logic or operational data they could disrupt public services, manipulate manufacturing or steal sensitive records. TrendAI recommends integrity monitoring, strict access controls, separation of data and logic, least-privilege execution, adversary testing and continuous logging and auditing.
read more →