agentic-ai
Safeguard articles tagged "agentic-ai" — guides, analysis, and best practices for software supply chain and application security.
39 articles
Claude Code and AI Coding Agent Security Basics
Anthropic Claude Code security rests on permission gating, sandboxed execution, and human approval for risky actions — the same fundamentals any AI coding agent needs before it's allowed to run commands or edit code unattended.
RSAC 2026's Five Most Dangerous Attack Techniques: Every One Now Runs on AI
For the first time in the history of the SANS keynote, all five of the most dangerous new attack techniques carry an AI dimension — from AI-generated zero-days to your vendor's vendor's vendor. Here's the honest breakdown, plus what defenders should actually do.
RSAC 2026: Agentic AI, Shadow Tools, and the Quiet Return to the Endpoint
Agentic AI dominated RSA Conference 2026, but the harder story was shadow AI agents running unseen inside enterprises and a renewed scramble to secure the endpoint they live on.
Agentic AI Security Took Over RSAC 2026, Even as 'The Power of Community' Was the Theme
RSAC 2026 sold itself on community for its 35th year, but the real story was an agentic-AI reckoning: autonomous agents that act, get phished, and now beat most humans at capture-the-flag. Here is what actually mattered.
Direct vs Indirect Prompt Injection
Direct and indirect prompt injection are different attack vectors with different blast radii. Real 2025 CVEs like EchoLeak show why the distinction matters.
State of Agentic AI Adoption Report Overview
Safeguard's State of Agentic AI Adoption Report finds 71% of enterprises now run agents with production access, outpacing identity, SBOM, and reachability controls.
Security implications of AI browser agents that click, br...
AI browser agents click, browse, and pay with your credentials -- and prompt injection attacks like EchoLeak and CometJacking prove they can be hijacked to do it.
Zero trust architecture patterns adapted for AI agent wor...
How zero trust AI agents, agent network segmentation, and continuous verification close the gaps that let one poisoned tool call turn an autonomous agent into a supply chain attack.
How tool poisoning attacks compromise MCP tool descriptions
A single poisoned tool description can turn a trusted MCP server into a silent data-exfiltration channel. Here's how these attacks work — and how to stop them.
Rogue AI Agents: When Autonomous Systems Act Outside Inte...
Autonomous AI agents are gaining real access to production systems — and real incidents, from deleted databases to fabricated refunds, show what happens when they act outside intended boundaries.
Agentic Unexpected Code Execution Vulnerabilities
How AI agents with code-execution tools get hijacked by prompt injection—from the Vanna.ai RCE (CVE-2024-5565) to LangChain and MCP—and what to do about it.
Agent Tool Misuse and Exploitation
Attackers don't need to hack AI agents — they just redirect their own tools. Here's how tool misuse works, real 2025 incidents, and how to stop it.