Security Domains Digest

AI agents finding zero-days; supply-chain worms/shadow AI. New: Aegis MCP sidecar (ZT cryptographic token scoping, rogue swarm tests); IR-OS AI-native CIRM platform (MCP/Claude integration, 15-min plan gen); Versa ZT MCP, Auth0 4-pillar, 1Password Codex MCP injection, SPIFFE agent ID. Academic proposals for AI-driven ZT governance frameworks for autonomous systems emerging. Also: AI agent lifecycle crisis (orphaned agents, proactive lifecycle engineering); microsegmentation for AI lateral movement (NIST 800-160 cyber resilience). Latest: Zscaler acquires Symmetry Systems for access graph-based agent identity and real-time policy enforcement; Quantum-Resistant Cryptography for AI blueprint addresses MCP quantum threats. New: ARMO article highlights enforcement gap and Enforceability Ladder for runtime verification. New: Researchers argue for shift from model-level to system-level security with ADR framework; self-running agents creating biggest security crisis of 2026 (orphaned agents, credential abuse, lateral movement). New: Practical guide on securing AI agents for operations covers risk areas (wrong action at scale, approval bypass, fraud acceleration) and implementation path (map workflow, rank by risk, human review for exceptions). New: Proofpoint extends DLP/insider risk controls into Claude via Compliance API — concrete enforcement signal. New: AI agents need identity controls article reinforces OAuth/OIDC/MCP path for agent identity, governance gap, continuous verification. New: Identity security interview (Eric Woodruff) highlights non-human identity undervaluation, phishing-resistant adoption stalled by fear of user pushback. New: Tor co-inventor David Goldschlag interview on NHI neglect — vibe coders worsening the problem, three agent types (stateless, stateful, autonomous), blended identity and ephemeral credentials as solution. New: Article reinforcing zero trust for agentic AI with behavioral identity and AI gateways; new architectural patterns for zero-trust AI agents (confused deputy, sandboxing, RAG ACLs, HITL, dual-LLM defense, and observability). New: Ping Identity redefines identity control plane for agentic enterprise — headless interfaces (CLI/MCP), lifecycle governance, secretless desktop agent access — concrete product signal for NHI/agent identity. New: ClawPatrol open-source agent firewall from Deno — credential injection prevention, action control, observability, human-in-the-loop, LLM-as-judge — concrete implementation of enforceability concept. New: Xage expands Zero Trust for AI platform with Agent Sentry and Resource Gateway — jailbreak-proof enforcement at network/OS level, shadow AI detection, behavioral baselining. New: Darktrace 2026 survey: 92% concern over AI agents, only 37% have formal AI policy — reinforces agent identity and governance gap. New: Resolve AI launches always-on agents for incident response, evidence-first, policy-bound execution — concrete signal for agentic IR.