TLDRocket
Sign in

AI Security

40 summarised stories about AI Security, each linking back to the original source. Browse all topics →

Monday, 13 July 2026

Implement on-behalf-of token exchange for multi-tenant agents with Amazon Bedrock AgentCore Gateway

AWS Machine Learning 3 days ago

Amazon Bedrock AgentCore Gateway now supports OAuth 2.0 Token Exchange (RFC 8693) to enable secure on-behalf-of token exchange in multi-tenant AI agent architectures, allowing agents to call downstream APIs with tokens bound to specific users and tenants rather than the agent's service identity. The reference implementation demonstrates the pattern using TravelBot, a multi-tenant booking assistant serving two example tenants (Acme and Globex) with token exchanges orchestrated transparently by AgentCore without requiring agent-side exchange logic. This approach preserves user identity end-to-end through the sub claim while cryptographically scoping each downstream call to a single service through the aud claim, preventing confused deputy vulnerabilities and enabling independent token validation by downstream APIs.

What an ex-NSA red teamer wants every SOC to stop doing

The New Stack 3 days ago

Security operations centers are overwhelmed with alerts from multiple data sources, creating alert fatigue that obscures genuine threats amid noise. The webinar on July 23 will feature Chas Clawson, an ex-NSA Red Team member now at Sumo Logic, discussing how to reduce alert volume through better context and data strategy. Teams should shift from individual event-based alerts to entity-centric detections around users and workloads, with AI helping to correlate evidence and surface high-priority signals rather than replacing human analysts.