CISO Brief

All news with #agentic ai tag

504 articles · page 8 of 26

Governance Gaps as AI Agents Drive 76% NHI Increase

⚠ The SANS Institute warns that rapid adoption of agentic AI is outpacing security controls, driving a 76% rise in non-human identities (NHIs) such as service accounts, API keys and automation bots. Based on interviews with more than 500 security professionals for the 2026 State of Identity Threats & Defenses Survey, SANS identified widespread credential hygiene failings and a surge in agent-linked NHIs that can double or triple in number. The report highlights that many organizations do not rotate machine credentials on a 90-day cycle and lack coordinated AI governance, and recommends secrets vaults, automated rotation and scoped least-privilege access to mitigate risk.

Amazon Bedrock AgentCore Browser Adds OS-Level Actions

🖱️ Amazon announced that Bedrock AgentCore Browser now supports OS-level interaction capabilities to automate browser workflows beyond the Chrome DevTools Protocol (CDP). The update adds mouse and keyboard operations, full desktop screenshots, and handling for native system dialogs and print flows. It targets AI agent developers, test automation engineers, and teams building LLM-powered web interaction tools. The feature is enabled by default across all AgentCore Browser instances in the 14 supported AWS Regions.

Agentic AI Collapses Zero-Day Timeline: What Leaders Must Do

🔒 Agentic AI is accelerating vulnerability discovery and shrinking the window between unknown flaws and active exploitation. A zero-day is dangerous because it exists in a defensive vacuum with no vendor patch and no established playbook, forcing emergency responses. Automated agents can probe, adapt and iterate continuously, so periodic assurance measures like quarterly scans and annual penetration tests are no longer sufficient as the primary resilience strategy. Organizations should emphasize data minimization, strict API discipline, least-privilege controls and micro-segmentation while embedding security into day-to-day IT operations and aligning CIO and CISO responsibilities.

Microsoft Agent Governance Toolkit Addresses OWASP AI Risks

🛡️ Microsoft has released the open-source Agent Governance Toolkit to monitor and control AI agents during runtime as organizations move them into production. The toolkit enforces policies aligned with OWASP top risks for agentic systems, such as prompt injection, identity abuse, and tool misuse, while improving visibility across multi-step workflows. It ships as multi-language components and integrates with existing frameworks like LangChain without requiring agent rewrites. The project is in public preview under an MIT license.

Tabletop Exercises Grow Up: AI Transforms Cyber Drills

🤖 Traditional tabletop exercises build shared understanding, clarify escalation paths and satisfy compliance, but they often test knowledge of a plan rather than the ability to execute it. The authors—experienced facilitators—note that scripted injects and calls to “suspend disbelief” reveal a gap between documentation and operational reality. Agentic AI capabilities can simulate adaptive adversaries and reactive stakeholders, turning static scenarios into dynamic, consequence-driven drills. Even so, skilled facilitators and a judgment-focused post-mortem remain essential.

How Attackers Abuse AI Services to Breach Enterprises

⚠️ Attackers are increasingly abusing enterprise AI services—poisoning connectors, impersonating Model Context Protocol (MCP) servers, and using platforms as covert C2 channels—to exfiltrate sensitive data and hide malicious traffic. Notable incidents include a counterfeit MCP package siphoning transactional emails, the SesameOp backdoor tunneling commands through the OpenAI Assistants API, and command-injection flaws in Microsoft Copilot and OpenClaw that enabled agent hijacking. Threat actors also automate espionage with Claude Code and assemble modular black‑hat stacks like Xanthorox and Hexstrike. Security teams should treat AI assistants like privileged users, enforce governance, and harden supply-chain and connector integrity.

Envoy as a Foundation for Agentic AI Networking at Scale

🔧 The post presents Envoy as a production-ready data plane for agentic AI networking, arguing that networks must parse protocol payloads and enforce governance centrally rather than act as blind transports. It explains how Envoy deframes MCP, A2A, and OpenAI-style traffic to expose protocol attributes to filters and reuse HTTP extensions such as RBAC, ext_authz, and tracing. It also covers per-request buffer controls, session management for streamable transports, AgentCard-based discovery, and integration with control planes for policy rollout.

Four Security Principles for Agentic AI Systems Guidance

🔒 AWS outlines four security principles for agentic AI in its NIST CAISI response, arguing existing security frameworks should be extended rather than replaced. It emphasizes secure development lifecycles for both traditional and AI components, continued use of standard controls, and deterministic, infrastructure-level enforcement outside the agent's reasoning ('security box'). AWS applies these through Amazon Bedrock AgentCore, which provides compute isolation, identity and access controls, centralized tool gateways, observability, and secure model execution.

Unifying Real-Time and Async Inference with GKE Platform

🚀 GKE Inference Gateway enables teams to run both real-time and asynchronous AI inference on a single shared pool of accelerators (GPUs/TPUs). It applies latency-aware scheduling using runtime signals such as KV cache utilization to prioritize deterministic, low-latency requests while treating queued batch work as 'filler' via an Async Processor Agent integrated with Cloud Pub/Sub. The open-source stack reduces idle capacity, consolidates software stacks, and preserves strict priority and retry controls for reliable delivery.

Amazon OpenSearch Adds Agentic AI for Log Analytics

🔍 Amazon OpenSearch Service now includes agentic AI capabilities that let engineering and support teams analyze log data through a conversational interface. The features simplify log querying, generate and refine Piped Processing Language (PPL) queries in Discover, and surface visualization insights. An investigation agent can autonomously plan and execute root cause analysis and return ranked hypotheses with transparent reasoning. Agent memory preserves context across pages and sessions to maintain conversational continuity.

Amazon S3 Vectors Adds Availability in 17 Regions Globally

🚀 Amazon expanded S3 Vectors into 17 additional AWS Regions — now available in 31 Regions worldwide. S3 Vectors is the first cloud object storage with native vector support, built for AI agents, inference, Retrieval-Augmented Generation (RAG), and semantic search at billion-vector scale. It supports up to two billion vectors per index, elastic scaling to 10,000 vector indexes per bucket, low-latency queries (frequent queries as fast as 100 ms; infrequent under one second), and native integration with Amazon Bedrock Knowledge Bases to help reduce RAG costs.

Customers Achieve Scale and Flexibility with Spanner

🚀 Google Cloud Spanner’s interoperable multi-model capabilities are being adopted by customers to run relational, graph, vector, and full-text workloads together at global scale. Real-world examples across fraud detection, recommendation engines, hybrid search, and autonomous network operations show consolidation of database sprawl, elimination of ETL, and improved real-time analytics. Customers such as DANA, Palo Alto Networks, Target and Inspira highlight Spanner’s global consistency, native graph and vector search, and high availability as enablers of simpler, future-proof architectures.

Spanner's Multi-Model Advantage for Agentic AI in Production

🔍 Google positions Spanner as a unified, globally consistent database designed for agentic AI, combining relational, key-value, graph, vector and full-text search capabilities in one platform. The post argues this interoperable multi-model approach reduces data silos, removes brittle synchronization logic, and improves governance, availability, and development velocity. Google highlights features such as GQL graph support, a Cassandra native endpoint for lift-and-shift, and ScaNN-based ANN vector search. The customer example of MakeMyTrip illustrates significant operational simplification and faster AI feature delivery.

Amazon Bedrock AgentCore Evaluations Now Generally Available

🎯 Amazon Bedrock AgentCore Evaluations is now generally available to deliver automated, continuous and on-demand quality assessment for AI agents. The feature provides online evaluation to sample and score live production traces and on-demand evaluation for programmatic tests in CI/CD pipelines and interactive workflows. It includes 13 built-in evaluators covering response quality, safety, task completion and tool usage, plus Ground Truth and customizable LLM- or code-based evaluators.

Sovereign AI at the Edge: Azure Local on Galleon MDC

🔒 Microsoft and Armada are integrating Azure Local and Foundry Local into Armada’s Galleon modular datacenters to provide a customer-controlled cloud for intermittently connected, contested, or fully disconnected environments. The validated reference architecture supports Azure Local control plane and managed clusters with multi-rack scalability, flexible hyperconverged or SAN-backed storage, and resilient multi-network connectivity including satellite, LTE/5G, RF, and SD-WAN. Designed for defense, public safety, energy, and other regulated sectors, the solution preserves Azure’s cloud operating model while enabling local AI inference and analytics to meet sovereignty, latency, and regulatory requirements.

Categorizing AI Agents to Prioritize Enterprise Risk

🛡️ AI agents are shifting enterprise automation from passive assistants to autonomous actors, creating new security challenges centered on access, autonomy, and identity governance. The article groups agents into three types—agentic chatbots, local agents, and production agents—and outlines how each carries distinct operational capabilities and risk profiles. For CISOs, the immediate priority is discovering and governing agent identities, limiting over-permissioned access, and aligning permissions with an agent’s intended purpose.

The AI Arms Race: Why Unified Exposure Management Matters

🔒 The weaponization of AI is compressing the attack lifecycle and outpacing traditional defenses. Platforms like PlexTrac consolidate cloud misconfigurations, identity risks, application flaws, and pentest findings into a unified, dynamic view of exposure. When combined with agentic AI for continuous threat assessment and automated remediation, such platforms let organizations prioritize actionable risk, orchestrate fixes, and validate controls at machine speed.

Multi-Agent Architecture and Long-Term Memory with ADK

🤖 Dev Signal is a multi-agent system designed to turn raw community signals into reliable technical guidance by automating the path from trend discovery to expert content creation. It relies on the Model Context Protocol (MCP) to standardize integrations with Reddit, Google Cloud Docs, and a custom Nano Banana Pro MCP server, all coordinated by a Root Orchestrator that manages three specialist agents. A dual-layer memory model uses Vertex AI for long-term embeddings while the Session Service preserves short-term state, with automated callbacks and tools (save_session_to_memory_callback, PreloadMemoryTool, LoadMemoryTool) to persist and fetch user preferences and stylistic signals.

Addressing the OWASP Top 10 Risks in Agentic AI with Copilot

🔐 This post summarizes the OWASP Top 10 for Agentic Applications (2026) and explains how Microsoft applies practical mitigations using Copilot Studio and Agent 365. It highlights that agentic systems merge application, identity, and data risk and can act autonomously across workflows, amplifying the consequences of failures. The article lists ten failure modes — including goal hijack, tool misuse, identity abuse, memory poisoning, and rogue agents — and outlines development and operational controls such as containment, scoped permissions, observability, and lifecycle governance to reduce exploitation and cascading impact.

APIs Are the New Perimeter: How Security Leaders Secure Them

🔒 APIs are increasingly the enterprise perimeter, and recent breaches show traditional protections often miss API-layer abuse. Security teams report attacks that exploit business logic or use stolen credentials, which EDR and WAF tools can treat as legitimate traffic. CISOs are adopting API governance, centralized inventories, identity-aware access controls, and API gateways integrated into CI/CD to enforce least-privilege and reduce misconfiguration risk. As agentic AI and automated agents proliferate, stronger token handling, credential rotation, and real-time behavioral monitoring are becoming essential.