"Agents started calling tools nobody remembered wiring up" This is very familiar to me. I have seen this problem before. Because AI is often a network of microservices and follow service mesh patterns, there is an…
I started coding in the late 70's (not 1908). I suppose I will take the "older folk" label as a compliment :-) I coded with Fortran and "wrote" software on punch cards that had to be compiled by a machine that read the…
We tackled a similar problem for K8s workloads—verifying automated service identity trust without static credentials. A few thoughts on your approach: *Persistent identity + rotation:* The tension between "persistent"…
Good question. To clarify: the app still has its own internal auth logic — we're not bypassing that. The encrypted lane handles connection isolation (who can reach the app), while the app still handles identity (who the…
We have a real setup that treats this challenge as a network isolation problem instead of an auth problem. Have you considered that approach? Meaning: instead of trying to authenticate to the preview app, make the…
I think it matters how you define 'end-to-end'. Where are the endpoints? In a SaaS platform, WhatsApp could claim your device and its ingress server are the endpoints. With that definition, they can use TLS and claim…
I am in Camp A. I verify AI-generated content closely. I am usually using AI to improve content that I have provided. Because I am knowledgeable about the information and topic, I can quickly recognize when AI is wrong…
I think fail-secure is the right strategy for agentic AI, especially if the actions taken are irreversible or control something significant. The generative AI systems make a lot of errors. There is so much risk when…
"Agents started calling tools nobody remembered wiring up" This is very familiar to me. I have seen this problem before. Because AI is often a network of microservices and follow service mesh patterns, there is an…
I started coding in the late 70's (not 1908). I suppose I will take the "older folk" label as a compliment :-) I coded with Fortran and "wrote" software on punch cards that had to be compiled by a machine that read the…
We tackled a similar problem for K8s workloads—verifying automated service identity trust without static credentials. A few thoughts on your approach: *Persistent identity + rotation:* The tension between "persistent"…
Good question. To clarify: the app still has its own internal auth logic — we're not bypassing that. The encrypted lane handles connection isolation (who can reach the app), while the app still handles identity (who the…
We have a real setup that treats this challenge as a network isolation problem instead of an auth problem. Have you considered that approach? Meaning: instead of trying to authenticate to the preview app, make the…
I think it matters how you define 'end-to-end'. Where are the endpoints? In a SaaS platform, WhatsApp could claim your device and its ingress server are the endpoints. With that definition, they can use TLS and claim…
I am in Camp A. I verify AI-generated content closely. I am usually using AI to improve content that I have provided. Because I am knowledgeable about the information and topic, I can quickly recognize when AI is wrong…
I think fail-secure is the right strategy for agentic AI, especially if the actions taken are irreversible or control something significant. The generative AI systems make a lot of errors. There is so much risk when…