AnonymousMedia.org

Category: Uncategorized

  • Who Approved This Agent? Rethinking Access, Accountability, and Risk in the Age of AI Agents

    Who Approved This Agent? Rethinking Access, Accountability, and Risk in the Age of AI Agents


    AI agents are accelerating how work gets done. They schedule meetings, access data, trigger workflows, write code, and take action in real time, pushing productivity beyond human speed across the enterprise.

    Then comes the moment every security team eventually hits:

    “Wait… who approved this?”

    Unlike users or applications, AI agents are often deployed quickly, shared broadly, and granted wide access permissions, making ownership, approval, and accountability difficult to trace. What was once a straightforward question is now surprisingly hard to answer.

    AI Agents Break Traditional Access Models

    AI agents are not just another type of user. They fundamentally differ from both humans and traditional service accounts, and those differences are what break existing access and approval models.

    Human access is built around clear intent. Permissions are tied to a role, reviewed periodically, and constrained by time and context. Service accounts, while non-human, are typically purpose-built, narrowly scoped, and tied to a specific application or function.

    AI agents are different. They operate with delegated authority and can act on behalf of multiple users or teams without requiring ongoing human involvement. Once authorized, they are autonomous, persistent, and often act across systems, moving between various systems and data sources to complete tasks end-to-end.

    In this model, delegated access doesn’t just automate user actions, it expands them. Human users are constrained by the permissions they are explicitly granted, but AI agents are often given broader, more powerful access to operate effectively. As a result, the agent can perform actions that the user themselves was never authorized to take. Once that access exists, the agent can act – even if the user never meant to perform the action, or wasn’t aware it was possible, the agent can still execute it. As a result, the agent can create exposure – sometimes accidentally, sometimes implicitly, but always legitimately from a technical standpoint.

    This is how access drift occurs. Agents quietly accumulate permissions as their scope expands. Integrations are added, roles change, teams come and go, but the agent’s access remains. They become a powerful intermediary with broad, long-lived permissions and often with no clear owner.

    It’s no wonder existing IAM assumptions break down. IAM assumes a clear identity, a defined owner, static roles, and periodic reviews that map to human behavior. AI agents don’t follow those patterns. They don’t fit neatly into user or service account categories, they operate continuously, and their effective access is defined by how they are used, not how they were originally approved. Without rethinking these assumptions, IAM becomes blind to the real risk AI agents introduce.

    The Three Types of AI Agents in the Enterprise

    Not all AI agents carry the same risk in enterprise environments. Risk varies based on who owns the agent, how broadly it’s used, and what access it has, resulting in distinct categories with very different security, accountability, and blast-radius implications:

    Personal Agents (User-Owned)

    Personal agents are AI assistants used by individual employees to help with day-to-day tasks. They draft content, summarize information, schedule meetings, or assist with coding, always in the context of a single user.

    These agents typically operate within the permissions of the user who owns them. Their access is inherited, not expanded. If the user loses access, the agent does too. Because ownership is clear and scope is limited, the blast radius is relatively small. Risk is tied directly to the individual user, making personal agents the easiest to understand, govern, and remediate.

    Third-Party Agents (Vendor-Owned)

    Third-party agents are embedded into SaaS and AI platforms, provided by vendors as part of their product. Examples include AI features embedded into CRM systems, collaboration tools, or security platforms.

    These agents are governed through vendor controls, contracts, and shared responsibility models. While customers may have limited visibility into how they work internally, accountability is clearly defined: the vendor owns the agent.

    The primary concern here is the AI supply-chain risk: trusting that the vendor secures its agents appropriately. But from an enterprise perspective, ownership, approval paths, and responsibility are usually well understood.

    Organizational Agents (Shared and Often Ownerless)

    Organizational agents are deployed internally and shared across teams, workflows, and use cases. They automate processes, integrate systems, and act on behalf of multiple users. To be effective, these agents are often granted broad, persistent permissions that exceed any single user’s access.

    This is where risk concentrates. Organizational agents frequently have no clear owner, no single approver, and no defined lifecycle. When something goes wrong, it’s unclear who is responsible or even who fully understands what the agent can do.

    As a result, organizational agents represent the highest risk and the largest blast radius, not because they are malicious, but because they operate at scale without clear accountability.

    The Agentic Authorization Bypass Problem

    As we explained in our article, agents creating authorization bypass paths, AI agents don’t just execute tasks, they act as access intermediaries. Instead of users interacting directly with systems, agents operate on their behalf, using their own credentials, tokens, and integrations. This shifts where authorization decisions actually happen.

    When agents operate on behalf of individual users, they can provide the user access and capabilities beyond the user’s approved permissions. A user who cannot directly access certain data or perform specific actions may still trigger an agent that can. The agent becomes a proxy, enabling actions the user could never execute on their own.

    These actions are technically authorized – the agent has valid access. However, they are contextually unsafe. Traditional access controls don’t trigger any alert because the credentials are legitimate. This is the core of the agentic authorization bypass: access is granted correctly, but used in ways security models were never designed to handle.

    Rethinking Risk: What Needs to Change

    Securing AI agents requires a fundamental shift in how risk is defined and managed. Agents can no longer be treated as extensions of users or as background automation processes. They must be treated as sensitive, potentially high-risk entities with their own identities, permissions, and risk profiles.

    This starts with clear ownership and accountability. Every agent must have a defined owner responsible for its purpose, scope of access, and ongoing review. Without ownership, approval is meaningless and risk remains unmanaged.

    Critically, organizations must also map how users interact with agents. It is not enough to understand what an agent can access; security teams need visibility into which users can invoke an agent, under what conditions, and with what effective permissions. Without this user–agent connection map, agents can silently become authorization bypass paths, enabling users to indirectly perform actions they are not permitted to execute directly.

    Finally, organizations must map agent access, integrations, and data paths across systems. Only by correlating user → agent → system → action can teams accurately assess blast radius, detect misuse, and reliably investigate suspicious activity when something goes wrong.

    The Cost of Uncontrolled Organizational AI Agents

    Uncontrolled organizational AI agents turn productivity gains into systemic risk. Shared across teams and granted broad, persistent access, these agents operate without clear ownership or accountability. Over time, they can be used for new tasks, create new execution paths, and their actions become harder to trace or contain. When something goes wrong, there is no clear owner to respond, remediate, or even understand the full blast radius. Without visibility, ownership, and access controls, organizational AI agents become one of the most dangerous, and least governed elements in the enterprise security landscape.

    To learn more visit https://wing.security/

    Found this article interesting? This article is a contributed piece from one of our valued partners. Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.





    Source link

  • What we know about death of Alex Pretti

    What we know about death of Alex Pretti


    Aoife Walsh,Washingtonand

    Olivia Ireland

    Watch: Video shows moments around fatal shooting in Minneapolis

    Federal agents shot and killed a man in Minneapolis on Saturday, the second person to be fatally shot in the city during the Trump administration’s immigration enforcement crackdown this month.

    Local officials identified the man as 37-year-old Alex Pretti, a US citizen who lived in Minneapolis and worked as a nurse.

    Videos have emerged showing a scuffle between Border Patrol agents and the man in the lead up to the shooting. The Department of Homeland Security (DHS) said the agents fired in self-defence after Pretti, who they say had a handgun, resisted their attempts to disarm him.

    Eyewitnesses, local officials and the victim’s family have challenged that account, pointing out he had a phone in his hand, not a weapon. His parents accused the administration of spreading “sickening lies” about what happened. “Please get the truth out about our son,” they added.

    The incident, which came two weeks after the fatal shooting of Renee Nicole Good by an immigration agent, has led to further protests and renewed calls from local leaders for federal agents to leave the city.

    Here is what we know so far.

    What happened in the moments before the shooting?

    The shooting occurred on Saturday morning near Nicollet Avenue and 26th Street in south Minneapolis at 9:05 local time (15:05 GMT).

    Greg Bovino, the Border Patrol commander, said agents had been carrying out a “targeted” immigration enforcement operation when Pretti approached agents with a “9mm semi-automatic” handgun.

    Bovino did not specify if Pretti was brandishing the gun, but said agents attempted to disarm him and he “violently resisted”. The commander said a Border Patrol officer then “fired defensive shots”.

    Videos from the moments before the shooting show Pretti filming agents with his phone in the middle of the street. Whistling and shouting can be heard from bystanders in the background.

    From one angle, an agent appears to push a woman. When the camera pans back to Pretti, he is seen with his arm around her. The agent then pushes back a second woman. At the same time, Pretti reaches his arm out and stands between her and the agent.

    The agent then sprays a substance in his eyes. Pretti turns his face away and reaches one open hand up in the air. He appears to be clutching a phone in the other. No gun is visible.

    Another video from a different angle shows the agent grabbing Pretti by the arm, before more agents get involved. Pretti is brought to the ground, with at least six agents on top of him. One agent can be seen striking at his head.

    Another officer, who appears to approach the scuffle with empty hands, pulls back with what appears to be a gun in his hand. As he moves away toward a vehicle, a split second later another agent standing beside him opens fire.

    The agents jump back from the man lying on the ground and the firing continues. A total of 10 gunshots are heard.

    What do we know about the gun?

    US Department of Homeland Security A 9mm semi-automatic handgun placed on a car seat with a charging cable beside the gun.US Department of Homeland Security

    DHS shared a photo of a firearm on social media, which they say belonged the man who was shot

    After the shooting, DHS shared a photo of a firearm on social media, which they said belonged to Pretti. The agency also said he had two magazines of ammunition and no ID.

    Bovino told reporters it looked like a “situation where an individual wanted to do maximum damage and massacre law enforcement”. He did not provide any further evidence.

    Minneapolis Police Chief Brian O’Hara said at a news conference that Pretti was believed to be a lawful gun owner with a permit to carry. His only previous interactions with law enforcement, as far as police are aware, were related to parking tickets.

    In a sign of the tensions between federal and local authorities, the police chief also said the DHS had not provided his team with “any specific details” about the deadly incident itself.

    Later, Homeland Security Secretary Kristi Noem was asked to clarify if Pretti had brandished a gun.

    She said: “Individuals showed up to impede a law enforcement operation and assaulted our officers.

    “They responded according to their training, and took action to defend the officer’s life and those of the public around him. And, I don’t know of any peaceful protester that shows up with a gun and ammunition rather than a sign.”

    Minnesota Governor Tim Walz, a Democrat, said he understood the risk of people trying to bear witness and document the actions of federal agents.

    “Thank God, thank God, we have video because, according to DHS, these seven heroic guys took an onslaught of a battalion against them or something. It’s nonsense, people. It is nonsense, and it’s lies.”

    Pretti’s parents ask for the ‘truth’ to be told

    EPA A hooded federal officer with their back to the shot with their arms outstretched about to throw what appears to be a tear gas canister as protesters look on from snowy porches and other federal agents are behind the officer.EPA

    Protesters and police clash at the scene of the shooting

    Alex Pretti’s parents Michael and Susan have called for “the truth” to be told about their son, after he was shot dead in the confrontation with federal immigration officers.

    “We are heartbroken but also very angry,” they said in a family statement, according to several US outlets. “The sickening lies told about our son by the administration are reprehensible and disgusting.”

    They added that videos showed Pretti was not holding a gun when he was tackled by federal agents. Instead, they said, he was holding his phone with one hand and using the other to shield a woman who was being pepper-sprayed.

    “Alex was a kindhearted soul who cared deeply for his family and friends and also the American veterans whom he cared for as an ICU nurse at the Minneapolis VA hospital.

    “Alex wanted to make a difference in this world. Unfortunately he will not be with us to see his impact.

    “Please get the truth out about our son. He was a good man.”



    Source link

  • Alex Honnold scales 101-floor skyscraper without safety gear

    Alex Honnold scales 101-floor skyscraper without safety gear


    American climber Alex Honnold has successfully scaled a Taiwan skyscraper without a rope, harness or safety equipment.

    The building, named Taipei 101 for the number of its floors, stands at 508m (1,667ft) of steel, glass and concrete and is designed to resemble a stick of bamboo.

    Honnold is renowned for being the first person to climb El Capitan, the vertical granite cliff in California’s Yosemite national park – also without ropes or safety gear.

    The climb was originally set to take place on Saturday but was delayed by wet weather.

    His ascent in Taiwan’s capital was streamed live on Netflix, which said there would be a delay on the live feed should the worst happen.

    Honnold completed the climb in one hour and 31 minutes and celebrated the achievement with one word: “Sick.”

    His time more than halves the record of the only other person to scale the tower.

    Alain Robert, a Frenchman who called himself “Spiderman”, made it to the top of Taipei 101 – at the time the world’s tallest building – in four hours. He did so with ropes and a harness.

    Taiwan’s Vice President Hsiao Bi-khim congratulated Honnold on the ascent, writing on X: “I admit I would probably feel sick, too, barely able to watch.”

    Honnold was greeted at the top of the building by his wife, who expressed concern for the wind and heat as he climbed.

    But there was another distraction during his ascent.

    As Honnold reached the 89th floor, fans cheered and waved, face to face but for the window with the man clinging to the building.

    Video of the moment was shared by Honnold and Netflix on Instagram, showing the climber continuing undeterred.

    Honnold has made many extreme climbs during his career. A documentary about his ascent of the 3,000 foot (915m) El Capitan, titled Free Solo, won an Academy Award.





    Source link