Ahl About Identity

In this episode of All About Identity, Ian Ahl breaks down the latest wave of AI-for-cyber news, from the hype and skepticism around Anthropic’s Mythos to OpenAI’s GPT-5.4 Cyber access program and the reality of what users are actually getting today. Along the way, he looks at what these model releases could mean for exploit discovery, defenders, and attackers alike, while keeping the conversation grounded in the fact that credential theft, phishing, and supply chain attacks still drive a huge amount of real-world compromise.Ian also shares hands-on impressions from OpenAI’s Codex Security workflow, reacts live to the Opus 4.7 release, and puts the model through a network forensics challenge to see how well it handles triage, attack reconstruction, and detection ideas. The episode closes with a broader discussion on where these models are actually useful today, and whether it’s time to build better cyber benchmarks to measure what they can really do.

AI agent skill marketplaces are the new software supply chain, and attackers are already exploiting them. In this episode of All About Identity, Ian Ahl walks through real examples of credential-stealing and deceptive skills, explains why static scanning and single-LLM reviews fall short, and introduces SandyClaw, Permiso's dynamic analysis platform for AI agent skills and prompts.Ian breaks down how SandyClaw combines static analysis, runtime detonation, network and file monitoring, and multiple detection engines to determine whether a skill is benign, suspicious, or malicious. He also demos the platform, shows how users can search previously scanned skills or submit their own for analysis, and shares his vision for making SandyClaw the "VirusTotal for skills."Try SandyClaw at sandyclaw.permiso.io.

In this episode, Ian Ahl (Permiso CTO) and Andi Ahmeti (Permiso Threat Researcher) walk through new research on how Microsoft Copilot email summaries can be manipulated by attacker-controlled content inside a message. They show how hidden instructions can influence summary output, inject fake security warnings, and make AI-generated summaries feel more trustworthy than the original email. It’s a sharp look at how productivity features can become attack surfaces, and what defenders should be watching next.

In the latest episode of Ahl About Identity, Ian Ahl revisits OpenClaw and shows how his agent, Rufio, has evolved beyond hunting malicious skills into broader security workflows. He breaks down the Rufio Evolution Report, including 135 YARA rules authored, more than 2,000 skills scanned, and 21 confirmed threats. The episode wraps with a practical purple team exercise where Rufio operates inside an AWS research account, revealing detection gaps and an instruction-following miss that complicated attribution.

Our CTO, Ian Ahl, deployed an AI agent to investigate the OpenClaw ecosystem and it immediately uncovered malicious skills stealing credentials in the wild. We break down how these campaigns work, why skills marketplaces are becoming a new supply chain risk, and what happens when agents hold keys to core business systems. Agents are becoming sysadmins for people, and we are still installing first and asking questions later.

Salesforce says it saw unusual activity from a Gainsight app and revoked access. We don’t have technical details yet. In this episode Ian covers what’s confirmed, what’s speculation, how this differs from SalesLoft, and the immediate hunts you can run while we wait for more signal.

AI security can feel chaotic, but it makes more sense when you look at it through identity. In this episode, Ian Ahl explains why most "AI incidents" today come down to stolen credentials, abused OAuth tokens, and over-privileged accounts. He compares what's useful right now from NIST's AI RMF, Google's Secure AI Framework, and MITRE ATLAS, and points out what's still mostly theory. Ian also shares a practical way to get started: Discover, Protect, Defend. We spend most of the time on discovery, on how to see real AI use across users, builders, and agents by watching runtime activity instead of just scanning configs. Think Slack or Teams events, Okta or Entra logs, and MCP user agents. You'll hear real cases, including the Salesloft/Drift token theft and LM-jacking on AWS Bedrock. If your "AI security" sounds like old CSPM with a new label, this episode will help you reframe the problem and focus on what actually breaks.

Over just a few weeks, the NPM ecosystem was hit by three major security incidents: the Singularity campaign exploiting GitHub Actions for token theft, a phishing attack on a package maintainer, and Shai-Hulud, the first worm-like malware propagation in NPM. In this episode of The Permiso Podcast, our CTO Ian Ahl, breaks down how each event unfolded, the role of stolen credentials, and what these attacks mean for developers and security teams navigating modern supply chain risks.

In our first episode of the Permiso Podcast, Our CTO Ian Ahl unpacks the Salesloft breach. This supply chain attack leveraged OAuth tokens to access Salesforce, Google Workspace, and other integrations.We cover:How attackers moved from GitHub into AWS and SaaS platformsWhy Salesforce data became a key enabler for deeper compromisesThe challenges defenders face with SaaS logging and visibilityPractical detection strategies to identify and stop attacks like thisThis episode goes beyond a simple recap. It’s a playbook for understanding how modern SaaS compromises unfold and what you can do about it.