Fresh start - excluded large ROM JSON files

memory/2026-02-13.md

@@ -0,0 +1,40 @@
+# 2026-02-13 - Daily Memory Log
+
+## YouTube Summary: Zero Trust in the Age of Agentic AI
+
+**Video:** https://youtu.be/d8d9EZHU7fw  
+**Topic:** Cybersecurity - Securing AI Agent Systems with Zero Trust Principles
+
+### Key Concepts
+
+**Agentic AI Risks**
+- AI agents that act (call APIs, buy things, move data, spawn sub-agents) introduce entirely new attack surfaces
+- Non-Human Identities (NHIs) - software actors using credentials - proliferate rapidly and need same/more control than human users
+
+**Core Zero Trust Principles**
+- "Never trust, always verify" - verification precedes trust
+- Just-in-time access vs. just-in-case (privilege only when needed)
+- Principle of least privilege
+- Move from perimeter-based security to pervasive controls throughout the system
+- Assumption of breach (design assuming attackers are already inside)
+
+**Attack Vectors on Agentic Systems**
+1. Direct prompt injection - breaking context to make agents do unauthorized things
+2. Policy/preference poisoning - manipulating training data or context
+3. Interface insertion - hijacking MCP calls or tool interfaces
+4. Credential attacks - stealing/copying NHI credentials to escalate privileges
+5. Attacks on APIs, data sources, tools, and spawned sub-agents
+
+**Zero Trust Solutions for AI**
+- Unique dynamic credentials for every agent/user stored in vaults (never embedded in code)
+- Tool registries with vetted/verified secure APIs only
+- AI firewalls/gateways for prompt injection detection and blocking
+- Continuous monitoring for data leaks and improper calls
+- Just-in-time privilege enforcement with strong authentication
+
+### Why It Matters
+As AI agents become more autonomous and integrated into systems, traditional perimeter security fails. Zero Trust principles adapted for software actors (NHIs) and agent-to-agent interactions will become critical for securing AI-native infrastructure.
+
+---
+
+*Stored during pre-compaction flush*