Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

AI Workload Baseline and Drift Detection: Defining "Normal" Agent Behavior

Security teams deploying AI agents into Kubernetes know they need behavioral baselines. The concept is straightforward: define what “normal” looks like for each agent, then detect when behavior drifts in ways that suggest compromise. The problem is that AI agents are designed to change. A model update alters inference latency. A prompt revision shifts tool-calling sequences. A new MCP integration adds API destinations nobody flagged during the last security review.

How to Triage an AI Agent Execution Graph: A Three-Tier Decision Framework for Security Teams

A platform security engineer gets an alert at 2:14 a.m. One of the LangChain agents running in their production Kubernetes cluster has produced an execution graph with eleven nodes, seven tool calls, and an egress edge to a domain that is not in the agent’s approved integration list. The chain is fully rendered in their console. Every signal is there.

The CISO's AI Agent Production Approval Checklist: 7 Gates to Clear Before Go-Live

Your engineering lead is in your office Thursday morning. They want to push an AI agent to production next Tuesday. It’s a LangChain-based workflow agent, connected through MCP to three internal tools and one external API, with access to a customer database. The framework posters are on the wall. Your team has spent two quarters standing up runtime observability. And sitting in that chair, you still don’t know whether to say yes.

A Critical Look at OpenClaw and NemoClaw

Surprise, surprise, agentic AI is advancing very quickly, and security isn’t quite keeping up. While most attention in recent times has focused on improving model capability, we’ve often been left wondering how to actually make these systems safe enough to trust with real-world tasks and limited interaction. This challenge has become particularly evident with the rise of platforms like OpenClaw, where autonomous agents can execute multi-step actions with minimal human oversight.

Why You Can't Defend Against Prompt Injection

Prompt injection works because language models struggle to tell the difference between trusted instructions and untrusted user content. Unlike SQL injection or cross site scripting, there is no clean deterministic defence, which leaves code, libraries and AI workflows open to manipulation at multiple points.

AI in the SOC with Joshua Neil

Join us for this week's Defender Fridays as we explore AI in the SOC with Josh Neil, Co-founder of Alpha Level. At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.

Evil Token: AI-Enabled Device Code Phishing Campaign

On April 6, 2026, Microsoft Defender Security Research published an advisory detailing a large-scale phishing campaign that leverages the OAuth Device Code Authentication flow to compromise Microsoft 365 accounts across organizations globally. This campaign represents a significant evolution from manual social engineering to fully automated, AI-driven attack infrastructure.

Episode 12 - The Agentic SOC: Upleveling Analysts with AI Knowledge Multipliers

Richard Bejtlich sits down with Stan Kiefer, Corelight’s Senior Manager for Data Science, to discuss how AI serves as a vital "abstraction layer" and "knowledge multiplier" for security analysts. Stan explains that while AI can synthesize complex information, it remains untrustworthy without high-fidelity network data at its center to provide verifiable evidence. The episode explores the shift toward an "agentic ecosystem" and a tiered architecture where a central orchestrator manages specialized sub-agents to accelerate detection and investigation.