Cloud Security Office Hours

Friday, June 5, 2026 - Meeting Recap

AI's impact on cybersecurity, Microsoft Red Sun zero-day, HSBC password controversy

- Anthropic's agentic-security paper and the Ironworm eBPF rootkit

Quick recap. The group worked through Anthropic's white paper on securing AI agents and applying zero-trust principles to non-deterministic agents, debating whether it offered practical guidance or mostly framing. Tyler summarized the paper's tiered identity and access-control model while others argued it lacked concrete implementation detail. The session also covered Google's threat-intelligence layoffs, the shaky financial footing of AI companies, and a new supply-chain threat: the Ironworm eBPF rootkit.

2026-06, AI, Supply Chain, Governance, Industry News

Zero trust for AI agents

Tyler presented Anthropic's white paper on agentic security, which frames non-determinism as a core risk and proposes tiered identity and access-control frameworks for agents. The group debated its practicality: Stryker and Matt felt it read more like positioning than prescriptive guidance, lacking concrete implementation detail and cryptographic controls, and questioned whether autonomous agents can be made reliably secure at organizational scale at all.

AI provider responsibility and market dynamics

Discussion widened to who owns agent security - the model provider or the infrastructure provider - and to the state of enterprise AI adoption. Participants were skeptical of AI-company financials, drawing comparisons to prior bubbles and questioning IPO and debt sustainability, with Jay predicting a possible market correction within 18 months. Google's layoffs affecting its threat-intelligence team came up as a worrying signal.

Ironworm: eBPF rootkit and supply-chain evolution

Matt flagged the Ironworm eBPF rootkit as an evolution in attacker tradecraft: it uses backdated commits and AI tooling to mask malicious activity, moving well beyond simple credential theft. The group tied this to the broader difficulty of trusting open-source dependencies and build provenance.
