Declaw

Insights

Blog

Engineering updates, security deep-dives, and building in the open.

2026-05-17 · Security

Dirty Frag: Why Hardware Isolation Matters

A new kernel zero-day gives unprivileged users deterministic root on most Linux distributions since 2017. We tested it against our microVM isolation boundary. Here's what happened.

2026-03-28 · Security

Why Sandboxes Alone Won't Secure Your AI Agents

Sandboxes isolate execution. But isolation doesn't stop your agent from leaking a customer's SSN to a third-party API. Here's the gap nobody talks about.

2026-03-24 · Engineering

Anatomy of an Agent Data Leak

We walked through a real scenario where a coding agent leaked a database password to a third-party API. Here's exactly how it happened and what would have stopped it.

2026-03-14 · Security

Prompt Injection Is Not Solved. Stop Pretending It Is.

Everyone knows prompt injection is a problem. Most teams think they've handled it with a system prompt. They haven't.

2026-03-10 · Engineering

Why We Chose Firecracker Over Docker for Agent Sandboxing

Containers are fast and convenient. They're also a terrible isolation boundary for untrusted AI agents. Here's the tradeoff we made and why.
