Spencer Thompson

@adambain Yes, we have spent a lot of time on this. Happy to chat if helpful.

Has anyone seen a company that tells you which agents are running in the enterprise & shows you what they have access to + what they’ve done? I suspect it might be something that looks like: “agent observability + agent control plane + agent posture mgmt?” Does it exist?

Introducing Praxis, an adversarial framework for discovering, controlling, and orchestrating computer-use agents running on endpoints. Announcement → originhq.com/blog/praxis-an… Get Praxis → praxis.originhq.com

Natural language collapses meaning across layers. LLMs don’t just fail at instructions, they misinterpret intent, and they expose that unforgivably when we treat language like a protocol. In a short @originhq blog post, I break down semantic protocol confusion and what it means for agent safety. originhq.com/blog/semantic-…

Yup transformernews.ai/p/claude-code-…

In this simple example, we show that Claude Code can read the iMessage database on the latest version of macOS, even with a leading EDR running on the system, illustrating the impact of an adversary who can remotely control the agent. We do this using Terminator, an internal research tool we built while studying the security implications of computer use agents. In this setup, the terminal application has previously been granted FDA, a subtle misconfiguration that effectively gives the agent access to unexpected context.

We believe that: 1. The potential economic upsides of the productivity boosts that Computer Use Agents offer incentivize us to provide them with more access to our computers to increase the amount of context they can have. 2. They represent a new type of interpreter that dramatically closes the gap between intent and execution, is self-corrective, and yields nondeterministic outputs that create massive amounts of "noise" 3. Their ability to generate and execute new tools on the fly, combined with expanded access, challenges the very foundation of a signature-based model of detection As these systems become increasingly intertwined with how we use computers, we must consider what it means to detect their misuse through out-of-context interactions with the host. If you're interested in collaborating on tooling or joining our team, please contact research@preludesecurity.com

Today I am happy to release a new blog post about Pointer Authentication (PAC) on Windows ARM64! This post takes a look at the Windows implementation of PAC in both user-mode and kernel-mode. I must say, I have REALLY been enjoying Windows on ARM!! preludesecurity.com/blog/windows-a…

This method demonstrates how hardware-level telemetry, coupled with contextual reasoning, can surface malicious activity that signature-based approaches will always miss as malware authors innovate in response. 📃Full write-up → preludesecurity.com/blog/unexpecte…

Following up on our financing announcement from last week - we believe that the conditions are right for a 3rd generation of endpoint security, based on a new technology shift, new architectural requirements, new adversary behavior. In short, we think "it's time". Post below.

Today we're announcing an additional investment into Prelude from Brightmind Partners, @sequoia, @insightpartners , and others. preludesecurity.com/blog/announcin…

Today I am releasing a new blog post on VSM "secure calls" + the SkBridge project to manually issue them!! This blog talks about how VTL 0 requests the services of VTL 1 and outlines common secure call patterns!!! Blog: connormcgarr.github.io/secure-calls-a… SkBridge: github.com/connormcgarr/S…

Today we're announcing Runtime Memory Protection in research preview. This is a user mode _only_ agent designed to catch in-memory attacks, no matter how much creativity or AI the adversary applies. We believe it's the future of endpoint security.

My new blog covering user-mode EDR/AV platform and changes to Windows (including the death of the BSoD!!) blogs.windows.com/windowsexperie…

There is a very limited pool of donors. The process for getting screened to see if you’re a match is a simple oral swab you can do at home. Please consider signing up at bethematch.org/become-a-donor/ There’s nothing more important to me than her. It would mean the world to my family.

Read more about the release here: preludesecurity.com/blog/turn-thre…

4/ It now takes no more than a handful of minutes for a definitive answer to the question "are we vulnerable to X threat?" - including remediations that are instantly applied and validated.

3/ We are introducing a series of capabilities designed to help organizations transform their existing threat intelligence into validated protections in minutes. An organization can upload any CTI and Prelude will automatically build the appropriate detections and tests.

1/ In conversations with customers and prospects over the past year, it's become increasingly obvious that the current detection & response process is too slow. We've seen research papers published showing that GPT4 can automatically exploit vulnerabilities just by "reading"...