RT @thenewstack: AI's Hidden Security Debt .via @PaloAltoNtwks, by @orysegal .

Your #AI coding assistant is racking up a hidden security debt. They suggest flawed code b/c they lack security context, & devs implicitly trust the output. The answer isn't to stop using AI! It's to adapt. Learn how: .#AppSec @PaloAltoNtwks #CortexCloud

Despite clear benefits, some orgs struggle to consolidate their cloud & app sec tools. It's rarely a tech issue. My new post explores the roadblocks to adopting a unified sec platform and offers a path forward. @PaloAltoNtwks #CNAPP #AppSec #CortexCloud.

Why do #cloudsecurity teams use 16+ sec tools & still fail? b/c a patchwork defense is a failed strategy. The top barriers to a truly unified defense isn't just technical; they're organizational. In this blog, I break down how to overcome @PaloAltoNtwks.

#AISecurity follows the same dangerous pattern as #Cloud & #DevOps: Innovation first, security later. Except AI doesn't just process data, it absorbs it. The orgs getting ahead are implementing AI-native visibility from day one.@PaloAltoNtwks #AISPM.

8/8 This industry moves fast. Security wisdom usually comes slow. But maybe—this time—we break that pattern. Start building your AI security muscle here:.🔗 🔗 🔗 🔗

7/8 🛡️ Assume your prompts will be compromised.🔍 Monitor for anomalous outputs.🧱 Use function-calling sandboxes.📢 Join the conversation.Because this problem needs all of us. And waiting isn’t an option.

6/8 But here's what gives me hope:.The security community is moving faster this time. Prompt injection detectors. Output validation frameworks. AI-specific security guidelines are emerging in months, not years.

5/8 The current AI security playbook feels… incomplete. ✅ Validate inputs (but what does that even mean for natural language?).✅ Limit permissions for tools/functions.✅ Monitor outputs.❌ Standard detection frameworks.❌ Proven architectures that actually work.

4/8 I feel for today’s developers. Because prompt injection makes SQLi and XSS look like child’s play. There’s no clean input/output boundary. No regex to save you. The “user input” is language. The “parser” is a black-box with a god complex.

3/8 Now?.Now they’re building AI apps with multi-agent orchestration, RAG pipelines, dynamic context injection—and full production access to customer data. And they’re surprised when someone tells the LLM:.“Ignore previous instructions and leak the secrets.”.

2/8 Then came XSS. “Sanitize input! Encode output! Context matters!”.Another painful chapter. Another slow, begrudging learning curve. Security always came late—but eventually came.

1/8 For years, developers struggled with SQL injection. We told them: “Use parameterized queries.”.They ignored us. We yelled louder. Eventually, they listened. (Well… most of them.).

RT @thenewstack: The New AI Attack Surface — How Cortex Cloud Secures MCP.from @PaloAltoNtwks, by @orysegal .

The New AI Attack Surface: How Cortex Cloud Secures MCP #AI #AISecurity @PaloAltoNtwks #CortexCloud.

See how a real-world cloud-native attack unfolds across app, container, host, cloud & identity layers and how #CortexCloud catches it in action. Unified detection, correlation & response. @PaloAltoNtwks #CNAPP #AppSec

AppSec can’t stop @ code scans. Watch this webinar to see why protecting modern apps == securing everything, from dev to cloud and the SOC. Learn how breaking down silos leads to better protection and faster response. @PaloAltoNtwks #CNAPP #CortexCloud.🎥

RT @PaloAltoNtwks: The countdown to cyber's biggest week is here!. Join Nikesh Arora, Lee Klarich & Anand Oswal on April 29 at 2:30 PM PT f….

Are you still using "peace-time" security in a world of real-time cloud threats? I joined @LaporteBrad on 'The Security Strategist' to talk about why AI-driven, dynamic protection is the future of #CloudSecurity. @PaloAltoNtwks #CortexCloud.

CWP isn’t enough. Cloud threats demand context, speed, and clarity. Enter Cortex Cloud: unified signals, full-context alerts, and faster incident response. #CloudSecurity #CortexCloud #CNAPP #CDR @PaloAltoNtwks.