A Reference Architecture for Containing Agents: What Cequence Built and Anthropic Arrived At Independently

Category: AI
Two searches are running hot in every enterprise security team right now. One is for prompt injection detection. The other is for a gateway that handles agent tool access through delegated identity. Both are reasonable instincts. Both aim at the wrong boundary. In the space of a month, Anthropic spelled ...

Encoded Prompt Injection: Why LLM Guardrails Are at the Wrong Layer

Category: AI
On 04 May, an attacker drained roughly $175,000 in tokens from an AI-controlled crypto wallet using a tweet written in Morse code. The wallet belonged to Grok, xAI’s chatbot. Bankrbot, an automated finance agent connected to Grok through a tool-calling layer, executed the transfer. The attack required no smart-contract bug, ...
Gateways are All You Need — Karan Sampath, Anthropic

Why Enterprises Need an MCP Gateway, Not Native Connectors

Category: AI
Anthropic made the architectural case for MCP gateways at an AI Engineer conference recently. The talk was titled “Why Gateways Are All You Need”. It laid out exactly why enterprise MCP deployments stall and what the path forward looks like. Three specific takeaways were shared: invest in common infrastructure, treat ...

Even the Best AI Agents Leak Secrets. Prompt Injection Is Why.

Category: AI
This week, researchers from Johns Hopkins University published findings showing they could hijack AI agents from three of the world’s largest technology companies to steal API keys and credentials. The targets were not obscure tools. They were production-grade agents integrated with GitHub Actions from Anthropic, Google, and Microsoft. All three ...

Why Anthropic Says Model Security Isn’t Enough for AI Agents

Category: AI
Anthropic published a detailed framework on 09 April outlining how to build trustworthy AI agents. The paper, Trustworthy Agents in Practice, is significant not just for what it recommends, but for what it admits. The model layer alone cannot secure agentic AI. For anyone working on agentic AI security, this ...

Mythos Won’t Fix This: Why Behavioral Security Still Matters

Category: AI
Cybersecurity stocks dipped the day Anthropic released Mythos Preview. LinkedIn feeds filled with founders and security leaders sounding the alarm. The reaction was understandable. Every executive should assess what a model capable of finding thousands of zero-day vulnerabilities means for their business. That assessment should be precise, however. Mythos represents ...

The GenAI Gold Rush – Moving Fast Without Breaking Things

Category: bot management
All technological disruptions of the past three decades have exhibited a similar trait wherein security took a backseat to innovation, and generative AI (GenAI) has been no exception. While enterprises and consumers are rushing to embrace this new disruptive technology, security is simply not top of mind for most of ...

API Discovery – Common Topics We’re Asked About

This article is the first in a series of six covering key API security topics and provides some answers to common questions we often get when talking to potential customers. This series will cover the following topics: API Discovery (this article), API Posture Management, Attack Protection, API Security Testing, Attack ...

eBPF for API Security: The Devil’s in the Details

Category: API security
Application Programming Interfaces (APIs) facilitate seamless communication and data exchange between various software components, forming the connective tissue between modern enterprise applications. With the increasing dependence on applications and APIs, robust security measures are essential. The extended Berkeley Packet Filter (eBPF) is a promising technology for API security and traffic ...