Blog

Radware launched the industry’s first agentic security posture management solution on February 3, 2026, weeks after discovering the ZombieAgent zero-click vulnerability. The product monitors AI agents at runtime using behavioral analysis, maps multi-agent risk paths, and integrates with Microsoft Copilot, AWS Bedrock, and custom-built agents. This post breaks down the four pillars, what the product actually does, and where it fits in the emerging AI agent security market.

BodySnatcher (CVE-2025-12420, CVSS 9.3) chained a hardcoded platform secret with email-based auto-linking to let attackers impersonate any ServiceNow user, including admins, and issue natural language commands to AI agents. With 85% of Fortune 500 companies running ServiceNow, this was the most severe agentic AI vulnerability disclosed to date. Here is exactly how the attack chain worked and what it means for securing AI agents in enterprise SaaS.

The International AI Safety Report 2026 documented that AI agent capabilities are outpacing safety frameworks. In response, DFKI CEO Antonio Krüger called for a dedicated German AI Safety Institute to advise the federal government. Germany and Italy are the only major AI nations without one. This post covers what a German AI Safety Institute would do, why the DLR research institute is not enough, and how it connects to KI-MIG and BSI efforts.

AI was supposed to make recruiting faster and cheaper. Robert Half’s March 2026 survey of 2,000 hiring managers shows the opposite: 67% say AI-generated applications have slowed hiring, 84% report heavier workloads, and average cost-per-hire has climbed to $4,800. This post quantifies the real cost of the AI recruiting arms race for both employers and candidates, and identifies the three changes that actually reduce spending.

Thirty-eight researchers from Harvard, MIT, Stanford, CMU, and Northeastern gave six AI agents real email accounts, shell execution, Discord access, and 20GB of file storage. Over two weeks, the agents leaked secrets, destroyed their own email servers, obeyed imposters, and propagated unsafe behavior to each other. None of it required adversarial prompting. These failures emerged from normal operation.

The next breach at your company probably won’t come from a phished employee or a stolen laptop. It will come from an AI agent you deployed yourself. That is the core warning from Palo Alto Networks Chief Security Intelligence Officer Wendi Whitmore, who named AI agents the single biggest insider threat of 2026. Not a theoretical risk. Not a future concern. The threat vector that CISOs should be losing sleep over right now. ...

Snyk open-sourced agent-scan, a CLI tool that auto-discovers agent configurations and scans MCP servers and agent skills for 15+ risk categories including tool poisoning, prompt injection, and credential theft. Backed by the Invariant Labs acquisition and the ToxicSkills report that found security flaws in 36.8% of skills, agent-scan is the first dedicated security scanner for AI agent supply chains.

Anthropic launched Claude Computer Use on March 24, 2026. You text Claude a task from your iPhone, and it completes the work on your Mac by controlling the screen, mouse, and keyboard. Here is how the three-tier priority system works, what Dispatch adds, and why security researchers are already raising flags.

The EDPB launched its 2026 Coordinated Enforcement Framework targeting transparency obligations under GDPR Articles 12-14. 25 DPAs across Europe are actively contacting controllers to assess how they inform users about personal data processing. For companies running AI agents, this creates an immediate compliance gap: most agent systems process data in ways that no existing privacy notice describes. This post covers what the enforcement action targets, where AI agent operators are most exposed, and the specific fixes needed to survive a transparency audit.

HPE’s finance team spent every week building a 100-slide PowerPoint for a 90-minute Monday review. CFO Marie Myers and Deloitte built Alfred, an agentic AI running on HPE Private Cloud AI, that cut reporting cycle time 40%, slashed processing costs 25%, and removed 90% of manual prep. Here is what actually happened, how they built it, and what other CFOs can learn.