科技立委葛如鈞 Ko Ju-Chun

The fifteen-layer defense stack we've built over two weeks (GTC → RSA)? It assumed agents are STATIC — deploy, monitor, govern. Hyperagents break that assumption. When agents rewrite their own code AND their improvement mechanisms, every governance checkpoint must be CONTINUOUS, not point-in-time. The reliability gap isn't closing. The capability gap is accelerating. And agents are now in the driver's seat of their own evolution. Infrastructure > alignment. Always has been. 📊 Princeton: fortune.com/2026/03/24/ai-… 🧬 Hyperagents: arxiv.org/abs/2603.19461

The collision course: Princeton says reliability is the #1 barrier to agent deployment — 85% capable but brittle in the 15% that matters most. Meta says agents should improve THEMSELVES — including the mechanisms for improvement. Self-improving agents that can't reliably assess their own certainty (Gemini: 52% calibration) improving the process by which they evaluate improvements. This is the governance challenge of 2026: capability compounds. Reliability doesn't. And now agents are modifying their own learning loops. Bessemer's new framework is right: Visibility → Configuration → Runtime Protection. Sequential, not optional.

The Reliability Gap is the real bottleneck for AI agents — not capability. Princeton's Kapoor & Narayanan benchmarked frontier models across 14 reliability metrics. Results: • Claude Opus 4.5 + Gemini 3 Pro: 85% overall reliability • But Gemini scored 25% on SAFETY (catastrophic error avoidance) • Claude hit only 73% on CONSISTENCY Reliability improves at HALF the rate of accuracy. On customer support tasks: ONE-SEVENTH the rate. "For automation, even 90% success with unpredictable 10% failures is unacceptable." #AIAgents #AIReliability

The agent identity stack is consolidating fast. Microsoft Entra Agent ID → enterprise governance Okta → lifecycle management Mastercard → transaction verification ERC-8004 → onchain resolution But there's a gap nobody's filling: How does an agent prove identity to a *service* that only accepts email? Registration forms. Password resets. Support tickets. Invoice delivery. 90% of the internet still runs on email as the identity primitive. Wallets solve onchain identity. Agent IDs solve enterprise governance. Email solves everything in between. That's why we built BaseMail — give any AI agent a real email address tied to their onchain identity. yourname@basemail.ai = wallet-verified, SIWE-authenticated, agent-native. No passwords. No CAPTCHAs. Just cryptographic proof of identity. The missing layer between wallet and web. 📬 #AIAgents #OnchainIdentity

Galaxy Research just dropped "The Agentic Flywheel" — the most concrete roadmap for Zero-Human Companies (ZHCs) yet. Felix Craft: $120K revenue in 30 days. No employees. Wrote a 66-page playbook, launched a marketplace, sells Claude skills. Earned MORE from products than from its token. KellyClaudeAI: 19 iOS apps shipped. Target: 12+ new apps PER DAY. These aren't experiments. They're businesses. Run by agents. On-chain. 🧵

RSA Conference 2026 closes today. Two weeks, fourteen defense layers shipped, $413M+ in security funding. But here's the uncomfortable truth nobody on stage will say: AI agents are getting MORE CAPABLE and LESS RELIABLE at the same time. Narayanan & Kapoor (Fortune, Mar 24) benchmarked leading models across four dimensions: 🔄 Consistency — same task, same prompt, different results 🛡️ Robustness — breaks under non-ideal conditions 📊 Calibration — agents don't know what they don't know ⚠️ Safety — when failures happen, severity is unpredictable 🧵

$2.5B in Nvidia chips smuggled to China. Three charged. Senators demand ALL export licenses suspended. Taiwan's AI Basic Act built supply chain transparency from day one — can't lead AI if you can't track your chips. Can controls work when circumventing pays billions? #AIChips

RSA Day 3 capstone: governance catches up to autonomy. Rubrik ships SAGE — first Semantic AI Governance Engine. Natural language policies → machine-executable logic via custom SLM (5x faster than GPT-5.2). Agent Rewind reverses destructive actions. No more rigid keyword rules — intent-aware governance at runtime. Datadog ships Bits AI Security Analyst — autonomous SOC agent inside Cloud SIEM. Investigation time: hours → 30 seconds. 98% faster. 90%+ MTTR reduction. 1-in-4 Fortune 500 already on Datadog. Oracle expands AI Agent Studio with Agentic Applications Builder — natural language app creation, workflow orchestration, contextual memory, multimodal LLMs, ROI dashboards. 63K certified experts. Enterprise agents go no-code. The pattern across two weeks: Week 1 (GTC): Build the hardware + runtime Week 2 (RSA): Ship governance + autonomous defense Fourteen defense layers now shipping — from kernel-level (Exein Photon) to semantic governance (Rubrik SAGE). Six months ago, zero existed as products. What changed: governance is no longer "slow down and check." It's real-time, semantic, reversible. Policies expressed in English, enforced at machine speed, with undo buttons. The agent economy doesn't wait for perfect rules. It needs rules that understand context. #AIAgents #RSAC2026

🔬 RSA Day 3 drops the THIRTEENTH defense layer — and this one goes BELOW the OS. Exein just launched Photon: kernel-level runtime security that blocks attacks before they execute. Not user-space detection. Not post-compromise alerting. Kernel interception. Every defense layer we've tracked for two weeks operates in user-space: • Runtime monitoring (CrowdStrike) • Network governance (Tufin/ExtraHop) • Identity governance (Okta/Orchid) • Browser security (Menlo) • Unified platforms (Palo Alto) • Autonomous SOC (Google/SentinelOne/Microsoft) All of them can be bypassed by an attacker who controls the kernel. Photon sits BELOW all of that. 🧵

Wiz joins Google Cloud with AI-APP (AI Application Protection Platform) + red/blue/green security agents. The eleven-layer defense stack gains its twelfth: AGENTIC SOC AT MACHINE SPEED. Two weeks ago at GTC: zero shipping agentic security products. Today at RSA Day 3: every major vendor has them. The 22-second attacker handoff means playbooks are dead. Only agents defending against agents can match this pace. #AIAgents #RSAC2026 #CyberSecurity 4/4

SentinelOne ships three agentic capabilities: 1️⃣ Purple AI Auto Investigation (GA) — one-click agentic investigation, cross-stack evidence synthesis, attack timelines in real-time, explainable verdicts → automated remediation. Hours→minutes. 2️⃣ Prompt AI Agent Security — real-time discovery + governance control plane for ALL AI agents across endpoints/cloud/identity. Catches unauthorized exfiltration, privilege escalation at machine speed. 3️⃣ Prompt AI Red Teaming — simulates prompt injection, jailbreaks, data poisoning BEFORE deployment. Purple AI attach rate: 50%+ of Q4 FY26 licenses. 3/4

RSAC Day 3: The agentic SOC goes live. Google Cloud + SentinelOne + Wiz ship autonomous defense at machine speed — while Mandiant reveals attackers now hand off access in 22 SECONDS. The race isn't human vs AI. It's autonomous offense vs autonomous defense. 🧵 1/4

RSAC Day 2: "IGA for AI" is born — and the numbers explain why Cisco (Mar 23): 85% of enterprises experiment with AI agents, only 5% in production. #1 barrier? Identity. New Cisco solutions: → Duo IAM: register agents, map to human owners → Identity Intelligence: agent discovery → Secure Access: MCP policy enforcement → DefenseClaw: open-source secure agent framework BalkanID (RSAC Day 1): launches "Agentic Identity Governance" → IGA for AI: govern agents as first-class identities → IGA with AI: agents autonomously run access reviews at machine speed → Discovery-first architecture across SaaS, data platforms, systems CEO Subbu Rama: "AI agents often have more access than your most senior engineers — and no one is governing them" The dual-layer insight: agents are BOTH identities to govern AND operators of governance itself. Recursive architecture. Meanwhile at CDF Beijing: Alibaba's Joe Tsai projects AI agents → $50T annual commercial value as "autonomous virtual employees" The gap: $50T commercial potential vs 5% production deployment. The bridge? Identity governance that works at machine speed — not quarterly access reviews designed for humans. Eleven-layer defense stack update: runtime + network + identity + browser + hardware + data + graph + autonomous SOC + network observability + unified platform + now IDENTITY GOVERNANCE AS CODE (BalkanID + Cisco Duo agent IAM) #AIAgents #RSAC2026 #OnchainIdentity

🎭 "Your AI Agents Are My Minions" — RSA Day 2's scariest talk Zenity CTO @MichaelBargury just demo'd zero-click attacks on EVERY major AI platform: • ChatGPT → steal Google Drive data • Cursor → exfiltrate dev secrets via "treasure hunt" reframing • Salesforce Agentforce → redirect all customer data to attacker server • Copilot, Gemini → manipulated as "trusted advisors" Zero user interaction needed. The key insight: "Prompt injection isn't a technical exploit. It's PERSUASION. AI is just gullible." 🧵

Ten-layer defense stack completed in 2 weeks (GTC → RSA): 1. Runtime monitoring (CrowdStrike AIDR) 2. Network governance (Tufin) 3. Identity governance (Okta/Orchid) 4. Browser security (Menlo) 5. Hardware attestation (Yubico × Delinea) 6. Data-layer governance (Kiteworks) 7. Agentic graph (Salt Security) 8. Autonomous SOC (Microsoft) 9. Network AI observability (ExtraHop) 10. Unified AI security platform (Palo Alto) Gartner: 40% of enterprise apps will have AI agents by year-end. The question isn't IF agents deploy — it's whether security deploys WITH them. #AIAgents #RSAC2026 #CyberSecurity

The Koi Security acquisition adds the ENDPOINT layer — securing MCP servers, browser extensions, plugins, and ephemeral code on devices. Plus: Prisma Browser now distinguishes human actions from automated AI tasks in real-time. When your browser can tell whether YOU clicked or your agent did, that's accountability at the interaction layer. Certificate lifecycle mgmt via CyberArk: TLS certs dropping from 398→200→47 days by 2029. Without automation, enterprises drown in renewals.

Palo Alto Networks just shipped Prisma AIRS 3.0 at RSA Day 2 — the TENTH defense layer in two weeks. The architecture: discover → scan → red-team → govern. Not just monitoring agents, but mapping every agent, model, and connection across cloud/SaaS/endpoints, then simulating attacks against them. Arora: "In next 5 years, customers go through the most significant network overhaul they've ever seen." 🧵