[Hero illustration: Chapter 11, Security at Scale]

Security

Security at Scale

Treating agents as execution identities with explicit boundaries and least-privilege controls.

Why this chapter matters

Agents should be treated as a distinct identity class with constrained permissions and auditable behavior. Security outcomes depend on least privilege by design.

Key points for your team

Security posture must evolve with the actor model. Agents are execution identities that need explicit boundaries, not implicit trust inherited from developer workflows.

The conference companion takeaway is to make policy concrete early: branch scope, secret access, and tool permissions should be explicit, reviewable, and enforced before broad rollout.

What to review with your team

For team discussion, use this chapter to connect the session's four themes with your current delivery loop:

- Agents are a new identity class
- Scope: branches, MCP tools, secrets, environments
- Prompt injection = the new SQL injection
- Least privilege, validated outputs, human gates on impact

The session framed it for security teams this way: "an agent is a new identity class. It needs an identity, a scoped permission set, an audit trail, and a blast radius." Use that framing to align engineering, platform, and governance stakeholders on concrete next steps.

Put this into practice

Define scope boundaries for branch access, secrets, and tool calls before rollout, and enforce them with policy controls.
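The following is an added example (not code from the chapter or the conference companion) of what "an identity, a scoped permission set, an audit trail, and a blast radius" can look like as an enforced policy: each agent is an `AgentScope` listing the branches, tools, secrets and environments it may touch; every requested action is evaluated deny-by-default; high-impact targets listed in `human_gate` are refused until a human approves; and every decision is appended to an audit trail. The action names, the `REVIEW_AGENT` scope and the gated targets are constructed for illustration.

```python
"""Deny-by-default policy check for an agent identity (added example).

Assumed shape, not the chapter's own tooling: an agent carries an explicit
scope (branches, tools, secrets, environments), high-impact targets need a
human gate, and each decision is written to an audit trail.
"""
from dataclasses import dataclass
from fnmatch import fnmatch


@dataclass(frozen=True)
class AgentScope:
    """Explicit, reviewable boundary for one agent identity."""
    agent_id: str
    branches: tuple[str, ...]                  # glob patterns the agent may push to
    tools: frozenset[str]                      # tool names it may invoke
    secrets: frozenset[str]                    # secret names it may read
    environments: frozenset[str]               # deploy targets it may touch
    human_gate: frozenset[str] = frozenset()   # tools/targets that need explicit approval


@dataclass(frozen=True)
class Decision:
    allowed: bool
    reason: str
    needs_human: bool = False


# In-memory audit trail; a real deployment would ship this to central logging.
AUDIT_LOG: list[dict] = []


def check(scope: AgentScope, action: str, target: str, approved: bool = False) -> Decision:
    """Evaluate one requested action against the scope. Unknown actions are denied."""
    if action == "push_branch":
        if any(fnmatch(target, pat) for pat in scope.branches):
            decision = Decision(True, f"branch {target} within scope")
        else:
            decision = Decision(False, f"branch {target} outside scope")
    elif action == "read_secret":
        if target in scope.secrets:
            decision = Decision(True, f"secret {target} in allowlist")
        else:
            decision = Decision(False, f"secret {target} not in allowlist")
    elif action in ("call_tool", "deploy"):
        permitted = scope.tools if action == "call_tool" else scope.environments
        if target not in permitted:
            decision = Decision(False, f"{action} {target} not permitted")
        elif target in scope.human_gate and not approved:
            # Impactful action: refuse now, surface for a human decision.
            decision = Decision(False, f"{action} {target} requires human approval", needs_human=True)
        else:
            decision = Decision(True, f"{action} {target} permitted")
    else:
        decision = Decision(False, f"unknown action {action}")

    # Every decision, allowed or not, is recorded against the agent identity.
    AUDIT_LOG.append({
        "agent": scope.agent_id,
        "action": action,
        "target": target,
        "approved": approved,
        "allowed": decision.allowed,
        "needs_human": decision.needs_human,
        "reason": decision.reason,
    })
    return decision


# Constructed sample scope for a code-review agent (illustrative values).
REVIEW_AGENT = AgentScope(
    agent_id="review-bot",
    branches=("agent/*",),
    tools=frozenset({"read_file", "run_tests", "open_pr"}),
    secrets=frozenset({"CI_READ_TOKEN"}),
    environments=frozenset({"staging"}),
    human_gate=frozenset({"open_pr", "staging"}),
)


if __name__ == "__main__":
    requests = [
        ("push_branch", "agent/fix-123"),
        ("push_branch", "main"),
        ("read_secret", "PROD_DB_PASSWORD"),
        ("call_tool", "open_pr"),
        ("deploy", "production"),
    ]
    for action, target in requests:
        d = check(REVIEW_AGENT, action, target)
        print(f"{action:12} {target:18} allowed={d.allowed!s:5} human={d.needs_human!s:5} {d.reason}")
```

The design point is that the scope is data, so it can be reviewed in a pull request before rollout and diffed afterwards, and the audit entries carry the agent identity rather than the developer who launched it, which is what makes the blast radius of a misbehaving or prompt-injected agent bounded and traceable.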