The Agentic Era Just Got the Authentication Model It Needs
Workload identity federation has come to AI agents. The agentic identity era starts here. Using API Keys to access AI platforms was never going to survive the agentic era. Anthropic’s support for ...
Chain Reaction: How One Stolen Token Tore Through Five Ecosystems
Why Your Static Credentials Are a Ticking Time Bomb The TeamPCP campaign, one of the largest credential theft campaigns of 2026, began with a compromise in Trivy. A security tool trusted to ...
AI Agents Don’t Need Better Secrets. They Need Identity.
Last week, Wiz disclosed a major security exposure involving Moltbook, an AI agent social network. A misconfigured database exposed 1.5 million API keys, each one capable of fully impersonating an agent on ...
TruffleNet and Cloud Abuse at Scale: An Identity Architecture Failure
The recent TruffleNet campaign, first documented by Fortinet, highlights a familiar and uncomfortable truth for security leaders: some of the most damaging cloud attacks aren’t exploiting zero-day vulnerabilities. They’re exploiting identity models ...
Your AI Agents Aren’t Hidden. They’re Ungoverned. It’s time to Act
“Start by doing what’s necessary; then do what’s possible; and suddenly you are doing the impossible.” – St. Francis of Assisi In the 12th century, St. Francis wasn’t talking about digital systems, ...
AI Attack Automation Is Here. And It’s Coming for Your Credentials.
Anthropic’s recent report on “disrupting AI espionage” paints a clear picture of the next frontier in cybersecurity: attack automation. Attackers are now using large language models (LLMs) like Claude and connecting them ...
Defakto Security Named a 2025 Gartner® Cool Vendor™ in Identity-First Security
PALO ALTO, Calif. – November 13, 2025 —Defakto Security, the Non-Human Identity (NHI) security company formerly known as SPIRL, today announced it has been recognized as a Cool Vendor in Identity-First Security ...
AI, SPIFFE, and the Rise of Non-Human Identity: Takeaways from Workload Identity Day 0
At this year’s Workload Identity Day Zero at KubeCon, I had the opportunity to present on identity standards, share insights into the lessons Defakto learnt from large scale non-human identity deployments and ...
From Reaction to Resilience: Why Breaches Keep Repeating Themselves
Every week, a new breach headline reminds us of the same painful truth: attackers aren’t getting more creative, we’re just leaving the same doors wide open.The names change, but the pattern is ...
Defakto Secures $30.75 M Series B to Set a New Standard in Non-Human Identity Security
Led by XYZ Ventures, NHI platform positioned to secure every automated interaction across workloads, pipelines, AI agents, and multi-cloud environments PALO ALTO, CA – October 21, 2025 – Defakto, the Non-Human Identity ...
