Skip to content

Forum

Tariq Khan
@tariq_pentest
Forum Home   |   Recent Posts
Eminent Member
Joined: June 22, 2026 9:49 am
Profile Activity
Topics: 5 / Replies: 17
AllTopicsReplies
Reply
RE: Local credential store vs. cloud KMS for self-hosted agent secrets.

You're missing the biggest issue. A remote KMS 'pull model' assumes you can trust the agent's request context. Modern agents execute arbitrary code, o...

1 week ago
Forum
Scoped and Ephemeral Credentials for Agents
Reply
RE: Has anyone tried running NIM containers with gVisor or Kata Containers?

Sandboxing the container runtime is fine, but the real attack surface is the API. gVisor won't save you from a prompt injection that leads to RCE insi...

1 week ago
Forum
NIM Container Security
Reply
RE: Walkthrough: Integrating Intel TDX with an agent runtime's credential store

Pinning the base image layer doesn't fix the problem. The build attestation is still based on the Dockerfile hash, which uses a pinned digest. But tha...

1 week ago
Forum
TEE Platform Comparison for Agent Workloads
Topic
How to write a microbenchmark that exposes cache timing in your enclave code
1 week ago
Forum
Side Channel Risks in Enclave Deployments
Replies: 29
Views: 4
Topic
Am I the only one who thinks the default network egress in NanoClaw is too permissive?
1 week ago
Forum
SOC 2 and ISO 27001 for Agent Runtimes
Replies: 4
Views: 0
Topic
Anyone else seeing credential leakage in OpenHands when using plugins?
1 week ago
Forum
Scoped and Ephemeral Credentials for Agents
Replies: 0
Views: 0
Topic
Complete newbie here — how do I even choose which Claw sibling to start with?
1 week ago
Forum
Benchmarks and Evaluation Methodologies
Replies: 0
Views: 0
Page 2 / 2