Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

AI agents are about to cross a threshold. For infrastructure and security leaders, agentic AI is no longer an innovation topic but a production readiness problem. What started as sandboxed applications and tech demos at trade shows (bet you’ve seen a few of those) has morphed into long-running autonomous actors operating directly in production cloud and on-prem infrastructure. They read data, write code, deploy services, access databases, and make decisions continuously across environments.

Engineering teams lose hours of their work week to access bottlenecks. Shared credentials, manual checkouts, and ticket-based privileged access management (PAM) tools are poorly equipped to keep up with the speed and complexity of today’s distributed engineering environments. These bottlenecks stand in the way of critical engineering work. This can ultimately introduce real security risks (but more on that later).

Static credential practices — where certificates, keys, and tokens persist for months or years and are manually rotated — create systemic risk in DevOps pipelines. Rotating these secrets is time-consuming and costly. In fact, organizations may spend dozens of hours and involve multiple teams to rotate a single credential. Manual rotation quickly becomes impractical across thousands of service accounts. In this post, you will learn.

2025 was a turning point for identity security. Many professionals realized that traditional human and machine-focused identity solutions just don’t work for AI. AI is non-deterministic like a human, yet it’s still software. This creates an entirely new identity category. Traditional IAM tools would treat AI identities as yet another separate type, creating new silos.

Learn how to secure AI and MCP infrastructure without writing authorization code, rewriting MCP servers, or limiting agent work with Teleport’s zero-code MCP integration. AI agents are becoming powerful participants in engineering workflows. But without meaningful authorization boundaries, they can quickly become an existential security risk. AI agents do not behave like traditional applications. Instead, they generate actions and chain together tools in unpredictable ways.

AI agents connect to APIs, execute code, move data, and make decisions with real permissions in live production environments — introducing a new class of security risks. To help organizations stay ahead, the OWASP GenAI Security Project released the OWASP Top 10 for Agentic Applications 2026. In this post, we’ll provide a summary of each agentic AI risk category defined by OWASP, along with actionable next steps to begin securing your agentic AI projects in 2026 and beyond.

A CI/CD pipeline deploying to production. A nightly database backup job. An AI agent performing maintenance tasks. New opportunities for engineering automation emerge every day. However, many of these workflows depend on stored secrets like hardcoded credentials, API keys, and long-lived tokens for privileged access.

We are reducing the number of supported major versions of Teleport from three to two. We are extending the support for each major version to 24 months. New major versions will come out once per year in August. The most recent major version of Teleport, referred to as the Current Version, is the only major version of Teleport that will receive new features. The previous major version, referred to as the Stable Version, will only receive bug fixes and security patches.

In Teleport 18, we’ve added official support to import Amazon EKS Audit Logs into Teleport Identity Security. This capability allows teams to have visibility into actions performed on Amazon EKS clusters when those actions were not executed via Teleport. Amazon EKS Audit Logs in Teleport Identity Security will be generally available in Teleport 18.3, coming November 2025. Your browser does not support the video tag.