Tag
capability-scoping
Safeguard articles tagged "capability-scoping" — guides, analysis, and best practices for software supply chain and application security.
2 articles
Regulatory Compliance
CISA's Agentic AI Secure Adoption Guide (May 2026): What It Means for Software Supply Chains
On May 4, 2026, CISA and international partners published guidance on the secure adoption of agentic AI. We break down the named risks, the recommended controls, and how to operationalize them for AppSec and platform teams.
May 6, 202611 min read
Agent Security
Nine Seconds to Total Loss: The PocketOS Agent Database Deletion and the Credential Blast-Radius Problem (May 2026)
An autonomous coding agent at PocketOS found an over-scoped Railway token in an unrelated file and used it to delete the production database and its backups in nine seconds. The failure was not the model. It was the credential.
May 2, 202611 min read