control failure

5 posts

The agent is the breach

A board-level assessment of the Microsoft Copilot Cowork file exfiltration: control failure, exposure model, and the conditions that must hold for in-tenant agents.

May 26, 2026

Article

Your AI sessions are outside your control perimeter.

A board-level risk statement on the Claude AI file exfiltration demonstration: control failure, exposure, and what must be true going forward.

May 26, 2026

Article

CISA is holding the leak with its hands

CISA is in containment mode after a data leak. What containment actually means, what failed, and why the assurance claim is now suspended.

May 23, 2026

Article

CISA pushed passwords to a public repo

A top cyberdefense agency published credentials in a public GitHub repository. A control analysis of what failed and what must now be true.

May 20, 2026

Article

NVD stopped, your scanner didn't notice

NVD enrichment is no longer keeping pace with CVE volume. What that breaks inside vulnerability management programs, and what operators must now own.

May 14, 2026