How the integration works: Zenity integrates with the Foundry control plane to inspect agent behavior and enforce security policies inline at runtime. Over the past year, Microsoft Foundry has emerged as a cornerstone for enterprises building and deploying homegrown agents at scale. Organizations across industries are using Foundry to move beyond experimentation and into production, creating AI agents that can reason, invoke tools, access enterprise data, and automate complex workflows.

Anyone who knows me knows I’m passionate about mindfulness. Because I genuinely believe it makes us better humans. But also, because I have one of those brains that desperately needs it. I’m easily distracted and I start new ideas before finishing old ones. My attention can scatter in a hundred directions. I wrote before how I clicked on a phishing test because I was multitasking and running on autopilot. And that moment really changed the direction of my career and my research.

Remote access into OT and ICS environments has always carried risk. But the nature of that risk has changed. Threat detections now happen in seconds. Sensors identify anomalous behavior in real time. Identity platforms continuously evaluate trust. SIEM and OT security tools generate rich, contextual alerts instantly. Yet in most environments, access enforcement is still manual. A detection triggers a ticket. A human reviews. A decision is made. Minutes—or hours—pass before action is taken.

You probably feel this already: the surface you’re responsible for no longer has edges. New assets appear without tickets. A team flips on a SaaS app and suddenly sensitive data, OAuth scopes, and public links widen your blast radius. Your scanners keep finding “stuff,” but little of it changes what you fix next week. That’s the gap attack surface analysis has to close in 2026—seeing more, yes, but mainly acting faster on what actually matters.

Automating user provisioning sounds simple, until you remember everything that provisioning really touches.

As I was writing my latest book, How AI and Quantum Impact Cyber Threats and Defenses, I was hit by how many theoretical and real attacks there are involving AI. There are attacks committed by AI and attacks committed agsinst AI, and I’m not sure which category is bigger.

Modern enterprises aren’t just adding employees; they’re adding subsidiaries, multiple teams, contractors, AI builders, temporary projects, and new SaaS tools every week.

AI security tools are no longer just defensive layers. They are high value targets being studied, fingerprinted, and bypassed much like traditional endpoint detection and response (EDR) platforms and antivirus solutions were in their early days. The speed and scale at which these tools are being deployed makes reactive defense increasingly unsustainable.