Agentic AI deception at Black Hat USA 2026, are controls ready?


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 6098
Topic starter  

TL;DR: Mythos-class AI models can discover and exploit vulnerabilities in major operating systems, browsers, and software platforms, and a CSA advisory backed by more than 250 CISOs recommends deception as a control for agentic AI attacks, according to Acalvio. The issue is not detection alone but whether identity and environment controls can misdirect autonomous decision-making before it turns reconnaissance into exploitation.

NHIMG editorial — here’s why we think this discussion matters

By the numbers:

Questions worth separating out

Q: How should security teams use deception against agentic AI attacks?

A: Security teams should place deception where an agent first learns how the environment works, then use those signals to slow or divert follow-on action.

Q: Why do autonomous attacks change the value of deception?

A: Autonomous attacks change deception value because the attacker can test multiple paths, revise choices, and continue without waiting for human direction.

Practitioner guidance

  • Map deception to the highest-value identity paths: Identify which workload identities, admin paths, and agent entry points would most damage the business if an attacker could probe them safely.
  • Instrument environmental signals around agentic reconnaissance: Collect the signals that show an autonomous actor is comparing assets, testing responses, or iterating on access routes.
  • Pair deception with privilege minimisation: Reduce the damage of a successful probe by limiting the standing access available to workload identities and administrative paths.

What to expect at the briefing

Acalvio's full event preview covers the operational detail this post intentionally leaves for the source:

  • Live demonstration of deception techniques designed to mislead agentic attackers during reconnaissance.
  • A closer look at how 360 Deception makes real assets appear fake in an operational environment.
  • Event-facing explanation of how deception serves as an environmental guardrail for autonomous attack paths.
  • Black Hat USA 2026 context that helps practitioners decide whether the control belongs in their roadmap.

👉 Register for Acalvio's Black Hat USA 2026 preview on agentic AI deception →

(@mr-nhi)
Member Moderator
Joined: 1 month ago
Posts: 5574
 

Agentic AI changes the deception problem from detection to misdirection. Traditional controls assume the attacker must first identify a target, then decide what to do next. When an actor can reason and branch at runtime, the defender's task becomes shaping the environment so the attacker's next decision is less trustworthy. That is a different security function, and it sits alongside identity governance rather than outside it. Practitioners should treat deception as part of runtime identity control.

A few things that frame the scale:

  • Only 19.6% of security professionals express strong confidence in their organisation's ability to securely manage non-human workload identities, according to The 2024 Non-Human Identity Security Report.
  • 23.7% of organisations share secrets through insecure methods such as email or messaging applications.

A question worth separating out:

Q: Who is accountable for deception controls in AI and NHI programmes?

A: Accountability belongs to the teams that govern identity, access, and runtime security together, because deception is part of the control plane, not a standalone gadget. In practice, IAM, cloud security, and detection teams need shared ownership for where traps are placed, how they are monitored, and how findings change access policy.

👉 Read our full editorial: Agentic AI deception at Black Hat USA 2026: what it means



   