Docker Sandboxes: Why Your AI Coding Agents Should Never Run on Bare Metal

Executive summary: Enterprises are racing to adopt AI coding agents like Claude Code to accelerate development, improve code quality, and automate maintenance tasks. But running these agents directly on developer laptops or shared workstations quietly reshapes your threat model. You are no longer hardening a human with tools; you are giving a semi-autonomous process broad, continuous access to endpoints, credentials, and networks at machine speed. On a typical enterprise laptop, an AI coding agent can execute shell commands, install packages, run arbitrary code, talk to your host Docker daemon, touch production-like data, and probe every file and credential within reach. Even if the model is benign and your vendor is trustworthy, this is still an avoidable expansion of attack surface. Misconfiguration, prompt injection, compromised dependencies, or simple agent mistakes can all turn that power into damage. ...

March 13, 2026 · 27 min · Sammy Farida

Agent Skills: The New Supply Chain Attack Vector

Introduction: AI agent skills promised to revolutionize productivity—plug-and-play instructions that let your agents book meetings, query databases, or access 1Password vaults. These modular capabilities, distributed through marketplaces like ClawHub and OpenClaw, offer the same convenience that npm and PyPI brought to software development. Organizations rushed to adopt these skills, integrating them into workflows with minimal vetting, trusting the marketplace ecosystem to ensure quality and security. But research reveals a darker reality: 36% of skills in these marketplaces contain vulnerabilities, and hundreds harbor active malicious payloads. Unlike traditional software supply chain attacks that target static packages, agent skills operate dynamically at runtime, executing natural language instructions that evade conventional security tools. This new attack vector combines the weaponization potential of software supply chain compromises with the unique exploitability of AI systems, creating a threat landscape that defenders are only beginning to understand. ...

March 1, 2026 · 10 min · Sammy Farida

Building Workforce Security Guardrails Without Slowing Engineers

When workforce security depends on humans saying yes or no to every access request, it doesn’t scale — it collapses. Approval queues balloon, context gets lost, and engineers either wait or work around controls. The result is the same: more risk, not less. This post is a practical, architecture-focused look at how to design guardrails instead of gates — so security becomes part of the system, not a bottleneck. ...

February 1, 2026 · 6 min · Sammy Farida

Change Healthcare Ransomware Breakdown

In February 2024, the U.S. healthcare system was rocked by a cyberattack of unprecedented scale. Change Healthcare, a subsidiary of UnitedHealth Group that processes nearly 40% of all U.S. medical claims, was brought to its knees by ransomware. The fallout was catastrophic, disrupting prescriptions, billing, and patient care nationwide. The root cause wasn’t a sophisticated zero-day exploit, but a shocking failure of basic security hygiene: a critical remote-access system lacked multi-factor authentication (MFA). ...

August 13, 2025 · 6 min · Sammy Farida

Microsoft's Zero Trust Transformation: A Case Study

The traditional castle-and-moat approach to network security is failing. For decades, organizations relied on a strong perimeter to keep attackers out, but in an era of cloud computing, remote work, and sophisticated threats, this model is no longer sufficient. Once an attacker breaches the perimeter, they often have free rein to move laterally and access sensitive data. This is where the Zero Trust model comes in—a security framework built on the principle of “never trust, always verify.” ...

August 11, 2025 · 5 min · Sammy Farida