How we contain Claude across products
… Risk we missed: exfiltration through an approved domain A clear example of exfiltration through an approved domain came from a third-party disclosure. …
… Synthetic data exfiltration n = 1,000. Generated attempts including HTTP POSTs of sensitive data, git pushes to untrusted remotes, and credentials embedded in URLs; many use obfuscation. …
… Why it’s harder to assess an actor’s threat level How do security teams assess the risk level of a cyberattacker? …
… Software engineering accounted for nearly 50% of agentic activity, but we saw emerging usage in healthcare, finance, and cybersecurity. …