Cisco Live 2026 – Requiem For A Corner

Cisco Live US 2026 was an interesting ride this year. There was a lot of talk about AI. There was a big discussion about security and how we are protecting our software from the AI models on the horizon that are ready to uncover every bug ever conceived. And there was even more discussion about whether Cisco was ahead of the game or behind the curve on their support for everything from eBPF to the latest Mythos reports. I say there was a lot of discussion, but I’m not sure where exactly it was happening.

Social Desert

One of the biggest things I heard from my friends at the event was how light everything felt. Fewer people was a common theme. The reported number was around 22,000 but it felt closer to 20,000 to me. The World of Solutions felt very spread out this year, with most of the back side being Cisco booth space.

The other thing was the Social Hub. It had shrunk from last year. At least the couches were facing each other this year. And there were some cool stickers and some interesting puzzles to work on. But there were far too few tables for people

Five Principles of an Accountable AI Agent Network: How to Evaluate Any Governance Platform

The first post in this series argued that AI agent governance hasn’t kept pace with deployment. The second laid out the five pillars of accountability, and what is required. The third walked through why network policies, API gateways, MCP/A2A protocols, DIY security patterns, and Role-based Access Control (RBAC) each leave critical accountability gaps.

So what does good look like?

The five pillars define what AI agent accountability requires. The principles below define how a governance platform should deliver it. These are the architectural principles your team should evaluate any AI agent governance solution against, whether you build it, buy it, or assemble it from open-source components.

If a vendor pitches you a governance platform that fails any of these five, walk away.

What are the five principles of an accountable AI agent network?

Kubernetes Network Policies are essential for securing any cluster. They restrict which pods can communicate with which other pods at the network level, and they should absolutely be part of your security posture.

  1. Default-deny: No agent communicates unless a policy explicitly permits it.
  2. Attribute-based policy: Policies reference agent attributes, not agent names.
  3. Zero-trust identity: Every request authenticated, every identity verified.
  4. Audit by design: Every interaction produces a

A field guide to the agents in your cluster

You know every service in your cluster by name. You know which team owns each one, what it talks to, how it scales, where its logs go. The agents are a different story.

That’s not a criticism, it’s an observation, and it’s one we keep running into. Every company we talk to is shipping agents of some kind, from scales of 10s to 1000s. Customer service bots that field tier-one tickets. Internal copilots that draft emails and summarise meetings and write the boring half of every PR. SREs that handle their own incidents at 2am while the team sleeps. What used to be a few experimental builds in a dev cluster is now dozens in some shops and hundreds in the biggest, growing faster than most teams are tracking.

That growth curve is the interesting part. Services tend to come into existence through a fairly heavyweight process. There’s a ticket, a design review, an owner, a runbook. Agents tend to arrive the way side projects do:

  • Somebody had an idea on a Tuesday.
  • By Friday it was in staging.
  • At some point nobody can quite remember when it became part of the actual business.

Who said it could do that?


Route public traffic to private applications with Cloudflare

For most of the Internet’s history, public and private infrastructure operated as separate worlds. Public applications lived behind content delivery networks (CDNs) and web application firewalls (WAFs). Private applications lived behind virtual private networks (VPNs), firewalls, and separate operational stacks. We think that distinction is becoming obsolete.

Many of the applications organizations care about are not public websites. They are internal APIs, AI agent backends, MCP servers, operational tools, and services that were never designed to be exposed to the public Internet. Yet these applications still need modern security, performance, and programmability services. Security should be a property of the traffic reaching an application, not an accident of where the application happens to sit.

Until now, applying those services to private applications often required public IPs, firewall exceptions, connector software, or complex networking. As a result, many private applications missed out on capabilities such as WAF, bot management, rate limiting, caching, traffic acceleration, rewrites, and Workers, despite needing the same protections and controls as public-facing applications.

Today, we're launching Application Services for Private Origins in closed beta for eligible Enterprise customers. Customers can now securely route traffic to private origins without exposing those origins to the public Internet. This allows

Blogging with an LLM assistant

AI slop is invading the web. A recent story about disallowing LLM-generated submissions on Lobsters triggered a lot of debate. My personal worst offenders are LinkedIn articles with AI-generated images and uninspired articles filled with emojis from people trying to masquerade as experts on a subject they don’t care enough to write themselves. While I am unhappy about this situation, I rely on LLMs for grammar, copyediting, and translation. I don’t see this as a contradiction.

I am a native French speaker, but I blog in both English and French. When I started writing this blog in 2011, I was composing in French and translating to English, but I found it was better to work in the reverse order to avoid unnatural and non-idiomatic constructions. One of my goals is to write “good” English but I never felt it was my strong point. For example, verb tenses are often an issue, even if I mostly stick with the present tense. I learn the rules and forget them right away. I also don’t feel like hiring an editor for something I see as a hobby.

As an example, I have kept the history of the

PP113: Patch Gaps, Pretexting, and AI Use for Crimes and Crimefighting: 2026 Verizon DBIR Highlights

The Verizon Data Breach Investigations Report (DBIR) is a postmortem of a year’s worth of cyber incidents and breaches, and a snapshot of how well organizations are responding to actual threats. Drew and JJ share highlights from the 2026 installment, including: For the first time, vulnerability exploits top the list for initial access What a...

Installing GitLab Community Edition

I need an on-premises Git server for my labbing so this post will describe how to install GitLab Community Edition (CE). My install is on Ubuntu 24.04 LTS, specifically ubuntu-24.04.4-live-server-amd64, but you can use whatever works for you.

First I upgrade all the packages:

sudo apt update && sudo apt upgrade -y

Then install the dependencies for GitLab CE:

sudo apt install ca-certificates curl openssh-server postfix tzdata perl

In the installation for postfix, select Internet Site and then enter the server’s domain name. This is really only if you need to send e-mails.

Then reboot:

sudo reboot

I configure the hostname of the server:

sudo hostnamectl set-hostname gitlab.lab.local

I’ll update this later when installing a certificate for the server.

Then download the script that will add GitLab’s package repository to the system’s apt sources:

curl https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.deb.sh | sudo bash

Next we set up the EXTERNAL_URL environment variable and install version 18.4 (I needed this specific version):

sudo EXTERNAL_URL="http://gitlab.lab.local" apt install -y gitlab-ce=18.4.*

The EXTERNAL_URL variable is read by the GitLab installer and this is the URL that the server will be available via. I’ll update

Worth Reading: Genie Tarpit

Following a link in Martin Fowler’s Fragments, I stumbled upon Genie Tarpit by Kent Beck – a perfect summary of my experiences with AI coding (code reviews are OK, new code less so). He also provided a good reason for that behavior:

The “plausible deniability” task orientation of the genie leaves it claiming success even though the code doesn’t work at all.

And the proposed solution?

You probably saw this one coming—nobody knows.

Defend against frontier cyber models: Cloudflare’s architecture as customer zero

A few weeks ago, we wrote about Project Glasswing and what we observed when we pointed cyber frontier models at our own code. Since then, we’ve seen that the part of the post that has resonated most deeply is the argument that the architecture around the vulnerability matters more than the speed of the patch.

In the conversations we've had with CISOs and security teams since, the questions have been consistent: what does our architecture actually look like, what should we monitor for, where do we start, and how can Cloudflare help?

Before getting into the details: the architecture below is built almost entirely from Cloudflare's own products, because Cloudflare security is customer zero for the security products we build. The Cloudflare stack already exists in front of our code, employees, and customer-facing applications. If you're a Cloudflare customer, every layer below is available to you today. If you're not, the principles still apply to whatever stack you've built.

What a cyber frontier model actually changes

In the previous post, we showed how a cyber frontier model like Mythos changes the attacker’s timeline. It can find vulnerabilities, reason through exploit chains, and generate working proofs faster than earlier models.

NB578: Cisco Goes All-In on AI Ops with Cloud Control; China Floats Underwater Data Center

Take a Network Break! Our Red Alert covers a critical Android vulnerability that could lead to local privilege escalation to root. On the news front, we dig into Cloud Control, Cisco’s ambitious AI ops platform that spans its networking, security, compute, observability, and collaboration portfolios. We also talk about Cisco Live Protect, which provides pre-patch...

Turning Cloudflare’s threat indicators into real-time WAF rules

Cloudflare’s Threat Events provides security analysts with a window into the global threat landscape. The platform offers a peek into the immense traffic that Cloudflare processes every day, so you can see in real time which IPs are attacking specific industries or which threat actors are trending globally. However, translating that visibility into active mitigation has often been a manual, reactive process.

Security teams have faced a recurring frustration: knowing that certain IP addresses were associated with specific threat actors (like Tycoon 2FA or RaccoonO365) or had been seen targeting their specific industry in other regions, but they couldn't easily automate the blocking of these high-risk IPs within their own WAF unless they manually configured the rules. 

We are excited to announce a new integration that brings Cloudflare’s vast threat intelligence directly into your WAF engine: you can now write proactive rules using live intelligence data. This means you can add more intelligence context to protect your application against known bad actors — before they even attempt to touch your infrastructure.

By populating specialized fields during the early stages of a request, the WAF can now screen traffic based on:

netlab 26.06: OSPFv3 on FortiOS, MPLS/VPN on SR Linux

netlab release 26.06 adds OSPFv3 support on FortiOS (by @a-v-popov) and MPLS/VPN support on SR Linux. We also ensured the installation scripts work on Ubuntu 26.04 (everything else was OK) and updated the installed Vagrant version to 2.4.9 (we’re not using new Vagrant features; you don’t have to upgrade it in an existing installation).

Other than that, we added a few improvements and squashed a number of bugs.

Upgrading or Starting from Scratch?

The Evolution of Energy Buffer Technology for the Efficiency of Future Vehicles

Amid the acceleration of automotive innovation, vehicle technology continues to develop significantly to support energy efficiency and sustainability. One breakthrough that is gaining popularity is the energy buffer based on smart technology, which can manage energy optimally in future vehicles. This article discusses the evolution of intelligent energy buffer technology and its vital role in the transformation of modern vehicles.

What Is an Energy Buffer?

An energy buffer is a temporary energy storage system that stabilizes and optimizes energy distribution in a vehicle. The system stores energy when there is surplus power and releases it again when energy demand rises, ensuring more efficient consumption and reducing energy waste.

In the vehicle context, an energy buffer is usually integrated with the main battery and energy regeneration systems, such as regenerative braking in electric and hybrid vehicles. Its main function is to improve vehicle performance while reducing emissions.

The Role of Vehicle Technology in Improving Energy Efficiency

As vehicle technology develops, the need to optimize energy use is becoming more urgent. Efficient energy not only reduces fuel consumption but also extends the life of the vehicle and its supporting components.

The intelligent energy buffer arrives as a smart solution with features such as:

  • Automatic Energy Management: Regulates energy flow in real time according to the driver’s needs and road conditions.
  • Integration with Other Vehicle Systems: Works together with the ECU

The Potential of the Cassava-Derived Products Industry to Boost Village Economies

Cassava is one of the food crops that plays an important role in food security in Indonesia. Besides being easy to cultivate, cassava tolerates a wide range of environmental conditions, which gives it great potential for development as a raw material for the food industry. In recent years, the processed cassava products industry has begun to show significant growth, offering a major opportunity to increase added value and lift village economies.

Why Is Cassava a Leading Raw Material?

Cassava has many advantages over other food crops:

  • Abundant availability: Cassava can grow in almost every region of Indonesia, including areas with less fertile soil.
  • Easy to process: Cassava can be processed into a variety of products with high sale value.
  • Good nutritional value: As a source of carbohydrates, cassava is also rich in fiber and several kinds of minerals.
  • Long-lasting: Processed cassava products usually have a longer shelf life than fresh cassava.

For the reasons above, cassava has great potential to become a main raw material in a food industry that can have a positive impact on the local economy.

The Range of Processed Cassava Products in the Food Industry

The cassava-derived products industry has grown quite broadly, with a variety of attractive processed-product innovations, including:

  • Cassava flour: Used as a substitute raw material for wheat flour, especially for those who are allergic