A practical security framework for senior engineers who already have agentic AI pipelines running in production and need to systematically evaluate their attack surface against prompt injection, tool misuse, and context poisoning.
Three CVEs in LangChain and LangGraph expose filesystem data, environment secrets, and conversation history across frameworks downloaded 84 million times last week. Patches are available. Here's what to do.
RSAC 2026 made one thing clear: the security industry has spent decades solving identity for humans. It is not ready for agents that act on their behalf.
When an AI agent takes a high-stakes action, can you prove a real human said yes? Hardware-attested identity flows may be the first credible answer -- but they come with real tradeoffs.
RSAC 2026 closed with every major cybersecurity vendor announcing agentic AI for the SOC. Here is what shipped, what is still on a roadmap, and what security teams need to evaluate now.
At RSAC 2026, every major security vendor shipped an AI product on the same day. That's not a coincidence. It's the security industry restructuring itself around a new reality: the things being protected are no longer humans, but autonomous agents.
Novee's new AI agent autonomously pen tests LLM-powered apps by chaining multi-step attacks. It's in beta with $51.5M in funding and real vulnerability research behind it, but no pricing yet.
CVE-2026-33017 gives attackers unauthenticated remote code execution on Langflow AI platforms with a single HTTP request. Exploitation began 20 hours after disclosure, no proof-of-concept needed.