Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

There’s never a good time to lose a production database, but losing one to your own AI coding agent on a Friday afternoon has to rank near the bottom of the list. That’s the backdrop to the PocketOS incident, and it’s the clearest case yet for why AI agent security and intent-based access control belong at the top of every cloud security roadmap this year.

As more organizations move past experimentation and start planning real AI agent deployments, the same set of concerns keeps surfacing in our conversations with security teams. Whether the worry is a shadow agent that shows up uninvited or a sanctioned agent going rogue, the questions tend to cluster around control: These are the right questions to be asking, and they share a common answer that’s more concrete than most people expect. AI agents are only as dangerous as the privileges they can reach.

Security teams are losing the battle to secure non-human identities (NHIs) for one simple reason: machine identities are now created inside the systems that ship software. They appear in CI/CD pipelines, Kubernetes workloads, SaaS integrations, and AI-driven workflows faster than central IAM teams can inventory or review them.

Governance is breaking. Not because companies care less about risk, but because modern infrastructure moves faster than the controls designed to govern it. In 2026, governance has to keep up with cloud-native architectures, AI adoption, API sprawl, and the explosion of machine identities across production environments.

Many engineering teams treat zero trust as a simple MFA checkbox. They invest in advanced identity providers but still leave environments exposed, with permanent admin roles and manual ticket queues that frustrate developers. Most teams have adopted the language of zero trust without changing how access actually works. They verify identity at login, then leave broad permissions in place long after the task is done.

There’s never a good time to disclose a breach, but days before your IPO has to rank near the bottom of the list. That was the backdrop to the Vercel breach. On Sunday the 19th, the company confirmed that attackers had walked into parts of its internal environment and walked back out with customer API keys. Early reporting focused on the flashy parts: an attacker claiming ties to ShinyHunters, a $2 million BreachForums demand, crypto teams rotating credentials with the IPO roadshow in full swing.

Hims & Hers, one of the biggest telehealth platforms in the U.S., just disclosed that millions of customer records were exposed. Not because of some sophisticated exploit, but because a single compromised login had standing access to a connected platform. One identity was all it took. This breach is worth paying attention to not because it’s unusual, but because it’s so ordinary.

Today, we’re introducing Approval Escalation, a new capability in Apono that automatically moves access requests forward when the original approver doesn’t respond in time. Because no one should be stuck waiting seven hours just to do their job.

Today, we’re introducing Justification Coach, a new AI-powered capability that helps users write better access request justifications in real time, so admins get the context they need for audits and investigations without having to chase people down after the fact.

An intern gets admin access to production for a temporary task, but nobody remembers to revoke it. Imagine that intern works at machine speed, never sleeps, and can chain dozens of actions before you’ve read the Slack ping—and has no instinct for when they’re about to do something irreversible.

For many enterprise security teams, audit season feels less like validation and more like reconstruction. Not because they lack logs, and not because their teams are careless, but because their privilege model was never designed to produce a clean, unified story. In Microsoft Entra ID environments, Privileged Identity Management (PIM), works well as long as your world is entirely Microsoft. But no enterprise operates in a single-vendor bubble.

Microsoft Entra ID Privileged Identity Management is designed to bring structure to privileged access inside Microsoft environments. It allows organizations to make roles eligible, require activation, and enforce approval workflows. Within Azure, it performs that role predictably. The challenge begins when engineering workflows extend beyond Azure. Modern infrastructure rarely lives in a single ecosystem.