Blog
The Composio breach: Let’s stop blaming the agents
The Composio breach was not only about agentic AI, leaked credentials or sandbox execution. It was about trusted internal systems with enough standing privilege to become an attack path.

5 mins
The future of agentic security will not be determined by model quality alone. It will be determined by how well organizations govern human authority, delegation and operational identity before autonomous systems begin operating at AI scale.

6 mins
Vibe coding changes the relationship between a developer and the code they ship. It does not change the fact that code carries identity and access decisions, and that those decisions have consequences.

5 mins
The PocketOS incident is being told as a story about a coding agent that went off the rails, but that is not the true extent of the tale. It is a story about a long-lived API token with no scoping, no expiry, no approval gate, and no separation between production and backup, sitting where any sufficiently curious actor could find it.

4 mins
Snowflake Cortex is a powerful addition to the modern data platform, and the use cases are real. But every Cortex Agent deployment is also an identity governance event. The agent does not audit itself. It queries what it can query, surfaces what it can surface, and connects to what it is given access to.

3 mins
I see a pattern in early-stage companies that is easy to miss because it looks like maturity. Teams borrow processes that work later, when an organization is larger and roles are more specialized, and they apply them far too early.

4 mins
By shifting toward a model of Zero Standing Privileges and implementing just-enough and Just-in-Time access for AI-driven workflows, security teams can empower their developers without turning their most productive tools into their greatest identity risks.

3 mins
Connectivity and authentication have become increasingly commoditized. Most organizations can point to mature tooling, common best practices and a set of controls that are at least defensible.

3 mins
If “governing privileged access” still means vaulting static credentials and shared jump-host accounts, you’re solving yesterday’s problem with yesterday’s tools.

3 mins
OAuth scopes solve an important part of the authorization puzzle: delegated capability. But they are only one piece. To do MCP authorization properly, you need scopes for the big picture and server-side RBAC for least-privilege enforcement.

3 mins
The ServiceNow breach is a wake-up call. As we deploy more autonomous agents with access to critical business systems, we need authorization architectures designed specifically for the agentic paradigm, not retrofitted from traditional security models.

5 mins
Azure AI Studio and Azure OpenAI offer transformative capabilities, but their integration into the Azure ecosystem brings unique identity security considerations.

8 mins
The P0 Authz Control Plane for Agents lets developer and security teams control access for agentic applications that connect to internal data sources, such as a Postgres, Snowflake or Mongo database, through a chat interface.