Blog

Insights from the frontier of agentic security.

Explore the latest thinking on autonomous AI agents, threat detection, and building security systems that protect at machine speed.

Authorization Bypass in Spring Security 7: XML <intercept-url> Drops servlet-path When Building Path Matchers

Authorization Bypass in Spring Security 7: XML <intercept-url> Drops servlet-path When Building Path Matchers

Read more
Why Current Evidence Matters in Incident Response

Why Current Evidence Matters in Incident Response

Read more
When the Security Tool Becomes the Attack Path

When the Security Tool Becomes the Attack Path

Read more
When a Git helper inside automation becomes a remote-execution path

When a Git helper inside automation becomes a remote-execution path

Read more
One Security OS, Now Plugged Into EDR and MDM: Cantina Partners with CrowdStrike and Swif.

One Security OS, Now Plugged Into EDR and MDM: Cantina Partners with CrowdStrike and Swif.

Read more
Healthtech AI Security: What to Control Before You Ship

Healthtech AI Security: What to Control Before You Ship

Read more
Your Security Stack Doubled. Coverage Stayed Flat.

Your Security Stack Doubled. Coverage Stayed Flat.

Read more
Your Annual SOC 2 Audit Proves Nothing About Your Security Today

Your Annual SOC 2 Audit Proves Nothing About Your Security Today

Read more
13 Years of RCE in Apache ActiveMQ: What CVE-2026-34197 Reveals About Your Blind Spots

13 Years of RCE in Apache ActiveMQ: What CVE-2026-34197 Reveals About Your Blind Spots

Read more
Can Your Security Platform Show Who the Agent Was Acting On Behalf Of?

Can Your Security Platform Show Who the Agent Was Acting On Behalf Of?

Read more
Bitwarden’s npm Incident Was a Publish-Path Compromise

Bitwarden’s npm Incident Was a Publish-Path Compromise

Read more
When Checkpoints Turn Into Code Execution: How Apex Would Unwind LangGraph's Deserialization Trap

When Checkpoints Turn Into Code Execution: How Apex Would Unwind LangGraph's Deserialization Trap

Read more
Healthtech Integration Risk: Where PHI Exposure Becomes Operational Risk

Healthtech Integration Risk: Where PHI Exposure Becomes Operational Risk

Read more
How Production Context Changes Which Security Alerts Matter First

How Production Context Changes Which Security Alerts Matter First

Read more
How Auto-Approve Changes the Control Boundary for Coding Agents

How Auto-Approve Changes the Control Boundary for Coding Agents

Read more
Cantina Threat Advisory: How Anthropic’s MCP stdio Model Turns Configuration into Code Execution

Cantina Threat Advisory: How Anthropic’s MCP stdio Model Turns Configuration into Code Execution

Read more
How to Catch Secret Leaks in AI Coding Workflows Before Commit

How to Catch Secret Leaks in AI Coding Workflows Before Commit

Read more
Vercel’s April 2026 Incident Was an OAuth-to-Control-Plane Breach

Vercel’s April 2026 Incident Was an OAuth-to-Control-Plane Breach

Read more
Healthtech Security in 2026: Continuity Is the New Standard

Healthtech Security in 2026: Continuity Is the New Standard

Read more
Cantina Case Study: Apex Finds 44-Year-Old Bugs in OpenSSH

Cantina Case Study: Apex Finds 44-Year-Old Bugs in OpenSSH

Read more
How to Prevent Vibe Coding Vulnerabilities in Software Development

How to Prevent Vibe Coding Vulnerabilities in Software Development

Read more
AI Agent Governance Readiness Guide

AI Agent Governance Readiness Guide

Read more
AI Act Transparency Starts August 2, 2026: What AI-Powered SaaS Teams Need to Change Now

AI Act Transparency Starts August 2, 2026: What AI-Powered SaaS Teams Need to Change Now

Read more
MCP Security Checklist: How to Govern Tool Access Before Your AI Agents Do Something Expensive

MCP Security Checklist: How to Govern Tool Access Before Your AI Agents Do Something Expensive

Read more
How One Compromised GitHub Action Leaked Thousands of Cloud Secrets

How One Compromised GitHub Action Leaked Thousands of Cloud Secrets

Read more
Cantina: Unified Security and Compliance for AI-Powered SaaS

Cantina: Unified Security and Compliance for AI-Powered SaaS

Read more
Cantina Case Study: SpEL Injection in Spring AI Explained

Cantina Case Study: SpEL Injection in Spring AI Explained

Read more
The Hidden Tax of Tool Sprawl: Why Your 50-Tool Security Stack is Failing You

The Hidden Tax of Tool Sprawl: Why Your 50-Tool Security Stack is Failing You

Read more
Cantina Case Study: Catching a 15-Year-Old Dependency Bug Before Attackers Did

Cantina Case Study: Catching a 15-Year-Old Dependency Bug Before Attackers Did

Read more
Axios NPM Supply Chain Attack: What Happened

Axios NPM Supply Chain Attack: What Happened

Read more
Defending Against FortiClient EMS Pre-Auth SQLi with Agentic Security

Defending Against FortiClient EMS Pre-Auth SQLi with Agentic Security

Read more
Cantina Case Study: How Apex found a high-severity bug in Spring AI

Cantina Case Study: How Apex found a high-severity bug in Spring AI

Read more
Cantina Case Study: How Apex Found a Critical RCE Bug in Spring AI

Cantina Case Study: How Apex Found a Critical RCE Bug in Spring AI

Read more
Cantina Case Study: How Apex Found a Silent Privilege Escalation in Anthropic's Claude Code

Cantina Case Study: How Apex Found a Silent Privilege Escalation in Anthropic's Claude Code

Read more
LiteLLM Turned a Package Install Into an Intrusion Path

LiteLLM Turned a Package Install Into an Intrusion Path

Read more
AI security: Best solutions for cyber teams 2026 guide

AI security: Best solutions for cyber teams 2026 guide

Read more
The SOC Analyst Role Is Broken. Here’s How Agentic AI Fixes It.

The SOC Analyst Role Is Broken. Here’s How Agentic AI Fixes It.

Read more
Securing AI Agents: 5 Rules to Stop Autonomous Takeovers

Securing AI Agents: 5 Rules to Stop Autonomous Takeovers

Read more