Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The question enterprises are asking is no longer whether to deploy AI agents. It is how to do it without creating security risk they cannot control. In December 2025, Amazon’s own AI coding tool Kiro triggered a 13-hour AWS outage after autonomously deciding to delete and recreate a production environment.

Permission creep rarely looks dangerous at first. It starts as a temporary fix, such as granting an admin role to unblock a deployment. Over time, those temporary decisions become permanent standing permissions. The result is an AWS estate littered with high-privilege roles that sit idle for months, expanding your attack surface without anyone actively noticing. It takes organizations an average of 277 days to identify and contain a breach.

For many organizations, Grafana is a central operational system. Engineers use it to investigate issues, analyze logs, review infrastructure metrics, and query production-connected databases. But while dashboards are visible, the real sensitivity lies in the underlying data sources Grafana connects to. These data sources often include systems such as logs stored in Elasticsearch or OpenSearch, SQL databases like PostgreSQL or MySQL, and Amazon CloudWatch metrics.

Earlier this year, AWS experienced a 13-hour outage that was reportedly linked to one of its own internal AI coding tools. Apparently, their Kiro agentic coding tool thought that there was an issue with the code in the environment, and that the best way to fix it was to simply burn it to the ground.

In 2026, threat intelligence isn’t just about tracking malware families or IP reputation. It’s about catching the earliest signals of identity abuse: stolen credentials, suspicious logins, token misuse, and privilege escalation attempts that move fast through cloud and SaaS environments. Credential abuse remains a key initial access vector, accounting for 70% of breaches. In response, modern threat intelligence tools are prioritizing identity signals.

This week, we released our 2026 State of Agentic AI Risk Report, a global survey of 250 senior cybersecurity leaders examining how enterprises are approaching agentic AI as it moves closer to production. The findings point to a clear reality. While AI agents are advancing quickly, security leaders are deliberately slowing adoption. In fact, 98% of respondents say security and data concerns have already slowed deployments, added scrutiny, or reduced the scope of agentic AI initiatives.

A handful of services quietly redeploy. No one directly manages the traditional network perimeter. But somewhere along the way, an API key ends up in the wrong place. The reality of modern cloud security is that new identities are created fast, and permissions are granted broadly to keep things moving. Over time, these permissions collect unused rights and drift away from least privilege.

Today, we’re excited to announce that Apono Assistant is now available in Slack. Apono Assistant is Apono’s AI-powered access assistant, built to help engineers request the right Just-in-Time access using natural language — especially in the moments where access forms fall short and users aren’t sure what to request. Now, that same AI experience is available directly in Slack, so engineers can get the access they need without leaving the tools they already rely on every day.

Report finds growing tension between AI acceleration goals and security readiness as autonomous systems move toward production NEW YORK — February 2026 — Apono, the cloud-native Privilege Access Management platform securing human and agent identities, today released The 2026 State of Agentic AI Cyber Risk Report, a global study examining how enterprises are approaching agentic AI adoption amid rising security concerns.

Picture this: it’s 2am, your pager goes off, and you’re staring at a production database that’s on fire. You know exactly what’s wrong. You know exactly how to fix it. But you can’t touch anything because you’re waiting on someone to approve your access request. Meanwhile, your customers are down, your SLAs are bleeding out, and you’re refreshing Slack, and every minute you spend waiting is another minute of damage you could’ve prevented.