Blog

Claude didn’t go rogue. Permissions did.
The PocketOS incident is being told as a story about a coding agent that went off the rails, but that framing misses the real story. It is a story about a long-lived API token with no scoping, no expiry, no approval gate, and no separation between production and backup, sitting where any sufficiently curious actor could find it.

4 mins
A real-world guide for setting up federated identity using OpenID Conn...

3 mins
Transitive access via service accounts is a common security vulnerabil...

3 mins
Google announced that as of January 15, 2024, Policy Intelligence will...

3 mins
This blog post provides detailed instructions on investigating service...

2 mins
Afresh faced security and operational challenges with their IAM setup...

4 mins
P0's Kubernetes integration grants temporary access to sensitive resou...

4 mins
Granting temporary access in Google Cloud with conditional IAM improve...

4 mins
This blog post explores the concept of granting temporary access to an...

3 mins
P0 helps cloud security engineers control entitlements for their devel...

4 mins
P0 automates least-privilege access for customers by integrating with ...

4 mins
P0's integration with AWS allows security engineers to implement least ...

4 mins
P0's integration with Google Cloud projects allows security engineers t...