Skip to main content

Sysdig Adds Runtime to Secure AI Coding Agents

Sysdig this week at the RSA Conference (RSAC) revealed it has created a runtime that makes it possible to securely deploy artificial intelligence (AI) coding tools.

Jonas Rosland, director of the open source program for Sysdig, said the runtime makes it possible to monitor the activity of AI coding agents in real time, including potential credential risks. It also enables investigation of incidents involving AI agent activity, he added.

Additionally, AI agents can be prevented from opening sensitive files or bypassing credential controls. Risky command-line arguments that weaken safeguards, such as allowing unrestricted file writes, are also prevented.

Dangerous activity with developer environments, including reverse shells, binary tampering, and persistence mechanisms, can also be prevented.

As AI coding tools are made available to both professional and citizen-developers alike, the likelihood of a cybersecurity incident involving these tools continues to rise. DevSecOps teams need to enable application developers to safely add plug-ins and skills to these tools. The challenge is that skills can also include a malicious prompt that could potentially instruct an AI agent to, for example, delete a database running in a production environment, noted Rosland.

The only way to prevent those types of attacks is to be able to observe what an AI agent is doing at a granular level, he added. Otherwise, the speed at which AI agents are able to access directories, files and external resources will overwhelm and bypass existing safeguards, said Rosland.

Each application development team will need to determine to what degree to invest in AI coding tools, but a recent Futurum Group survey finds a full 60% of respondents reporting their organization is now actively using AI to build and deploy software.

Mitch Ashley, vice president and practice lead for software lifecycle engineering for the Futurum Group, said AI coding agents operating in development environments have created a runtime threat surface that governance policy alone cannot contain. Sysdig’s agent runtime signals that controlling AI coding tool behavior requires execution-layer enforcement to provide real-time visibility into agent activity, he added.

For DevSecOps teams extending AI tools to citizen developers, the risk is concrete, noted Ashley. Malicious skills can instruct agents to access unauthorized credentials, tamper with binaries, or delete production data. Runtime enforcement is the control layer that determines what agents can actually execute, said Ashley.

No one knows for sure how proactive DevSecOps teams will be when it comes to securing AI coding tools. It may require a few more major incidents until the full scope of the threat is fully appreciated. In the meantime, DevSecOps teams should remind application developers who experiment with emerging technologies of the potential risks. The more isolated the application development environment being used to write code using AI agents the better. After all, the danger only really manifests when AI agents start accessing every data source available so the most important thing may be to create a sandbox where they are contained to the fullest extent possible.



from DevOps.com https://ift.tt/ohi6RIk
Labels:

Comments

Post a Comment

Popular posts from this blog

Why the Software Development Tools you Choose Directly Affect Your CI/CD Reliability 

Most conversations about CI/CD reliability start in the wrong place. Teams debug flaky pipelines, investigate intermittent failures, tune alerting thresholds and optimize build times. All of that work is legitimate. However, the decisions that most directly determine whether a CI/CD pipeline is reliable or not were made months or years earlier, during tool selection. By the time teams are debugging pipeline reliability, they are usually dealing with the downstream consequences of upstream decisions that seemed reasonable at the time.   The software development tools a team chooses shape their CI/CD pipeline in ways that are not always visible during evaluation. Understanding those connections is the most practical starting point for teams that want reliable pipelines rather than better pipeline firefighting.   The Integration Surface Problem   Every tool in a software development stack creates an integration surface. Integration surface is the set of connections a tool has with oth...
Post a Comment
Read more

Co-Developing an AI Native Observability Platform  

As AI capabilities continue to evolve, AI is becoming central to managing the growing complexity of distributed, hybrid enterprise environments, enabling more effective analysis, correlation, and automation across interconnected systems.   Traditional infrastructure and specifically network monitoring approaches, often built around siloed tools and static thresholds, struggle to keep pace with the scale, velocity, and interdependencies of modern systems. Further blurring the boundaries between network, application, and infrastructure domains makes it harder to isolate root causes and maintain operational resilience. In this context, AIOps platforms have emerged as one response to the growing need for integrated observability, automation, and data-driven decision-making.   At AI Field Day, Selector AI presented an AIOps platform, which can be considered a foundation for co-creating more adaptive and data-driven network operations. Rather than positioning it purely as a product choice,...
Post a Comment
Read more

Postman Adds AI Agent to Automate API Development and Governance

Postman added an artificial intelligence (AI) agent to its portfolio of tools and platforms for building and governing application programming interfaces (APIs) that can autonomously perform tasks ranging from development and documentation to exploration and setting up integrations with continuous integration/continuous deployment (CI/CD) environments. Company CEO Abhinav Asthana said the Autonomous API Engineer significantly reduces the total cost of building and maintaining APIs by automating time-consuming tasks that have historically created bottlenecks in software engineering workflows. In fact, the AI agent developed by Postman will make it significantly simpler to integrate API development and testing within those workflows, said Asthana. Designed to be triggered from a pull request, Slack, Postman command line interface (CLI) or the Postman app, the Autonomous API Engineer spins up a secure, sandboxed environment. It then executes tasks and returns verified artifacts, includ...
Post a Comment
Read more