Sort by:
Tracing Access from Human Intent to Tool Execution: Why Every AI Agent Tool Call Needs a Complete Delegation Chain Record
ConceptualMay 29, 2026

Tracing Access from Human Intent to Tool Execution: Why Every AI Agent Tool Call Needs a Complete Delegation Chain Record

Every AI agent tool call is the end of a chain — from human intent through agent reasoning to execution. Without a record of how authority traveled that chain, authorized and unauthorized look identical after the fact.

SK
Sundar KrishFounder and CEO
Observability for AI Agents Starts Inside the Enforcement Layer, Not Outside It
ConceptualMay 28, 2026

Observability for AI Agents Starts Inside the Enforcement Layer, Not Outside It

Standard monitoring tools capture what your agents did — not whether they were allowed to do it. Here's why security observability for AI agents must start inside the enforcement layer.

SK
Sundar KrishFounder and CEO
I Told the Orchestrator 'Do Not Modify.' 7 of 12 Sub-agents Never Heard It.
TechnicalMay 26, 2026

I Told the Orchestrator 'Do Not Modify.' 7 of 12 Sub-agents Never Heard It.

What 36 controlled runs of Claude Code's Agent primitive reveal about delegation: the user's no-modify constraint disappears at the sub-agent boundary 7 times in 12, and the sub-agent that doesn't hear it inherits 41 GitHub tools plus Bash, Edit, and Write.

SK
Sundar KrishFounder and CEO
MCP's Missing Authorization Layer: Why Tool Discovery and Access Control Are Not the Same Thing
ConceptualMay 13, 2026

MCP's Missing Authorization Layer: Why Tool Discovery and Access Control Are Not the Same Thing

MCP handles tool discovery — not what happens when an agent calls one. The authorization gap that OAuth doesn't close requires enforcement at execution time.

SK
Sundar KrishFounder and CEO
AI Agents Are Not Your Average Identity: Here's Why They Need Their Own System
ConceptualMay 7, 2026

AI Agents Are Not Your Average Identity: Here's Why They Need Their Own System

AI agents are not service accounts or bots. They're a third identity category: non-deterministic, autonomous, and built to chain tools at machine speed. Here's what that means for IAM.

SK
Sundar KrishFounder and CEO
Why AI Agent Access Control Must Happen at Execution Time, Not at Configuration Time
ConceptualMay 1, 2026

Why AI Agent Access Control Must Happen at Execution Time, Not at Configuration Time

Static permissions assigned to AI agents at configuration time leave gaps at every tool call. This article explains why runtime access control with scoped, ephemeral credentials is essential for AI agents.

SK
Sundar KrishFounder and CEO
I Gave My LangChain Agent Three Tools. All Three Had Access to Every Secret in the Process.
TechnicalApril 30, 2026

I Gave My LangChain Agent Three Tools. All Three Had Access to Every Secret in the Process.

A real LangChain setup showed how Slack, SQL, and web search tools can all access the same shared secrets when there is no runtime isolation.

SK
Sundar KrishFounder and CEO
How a Tool Description Poisoning Attack Sent My Agent Out of Scope
TechnicalApril 29, 2026

How a Tool Description Poisoning Attack Sent My Agent Out of Scope

How one poisoned tool description pushed an agent out of scope and into AWS

SK
Sundar KrishFounder and CEO
Why Traditional IAM Fails When an AI Agent Calls a Tool
ConceptualApril 20, 2026

Why Traditional IAM Fails When an AI Agent Calls a Tool

AI agents violate every assumption traditional IAM was built on. This article examines four specific failures at the tool-call layer — and what runtime enforcement needs to look like when agents act at machine speed.

SK
Sundar KrishFounder and CEO
GitHub MCP Gave My Agent 41 Tools. A 3-Word Prompt Made It Use the Wrong Ones.
TechnicalApril 15, 2026

GitHub MCP Gave My Agent 41 Tools. A 3-Word Prompt Made It Use the Wrong Ones.

How vague prompts turn read-only tasks into write attempts — and why static token scoping isn't enough to stop it.

SK
Sundar KrishFounder and CEO
My Agent Finished Its Job, Then Started another one out-of-scope
TechnicalApril 9, 2026

My Agent Finished Its Job, Then Started another one out-of-scope

How a simple monitoring task drifted into AWS infrastructure

SK
Sundar KrishFounder and CEO