Securing AI Agents: A Gap CrowdStrike and Palo Alto Cannot Fill

The article discusses the challenges of securing AI agents, which traditional endpoint security tools like CrowdStrike and Palo Alto are unable to address. It highlights a vulnerability in the Langflow AI agent framework and broader security issues in AI agent infrastructure.

Why it matters

The security challenges in AI agent infrastructure expose a critical gap in the current security landscape, which adversaries have already identified and are actively exploiting.

Key Points

  • Traditional security tools are designed for endpoint and network threats, but they cannot observe the critical attack surfaces of AI agents
  • AI agent frameworks like Langflow, LangChain, and CrewAI have architectural characteristics that create security blind spots
  • AI agents have a distinct attack surface, including prompt injection, memory, tool access, session persistence, and the underlying framework vulnerabilities
  • The lack of security telemetry across these layers is classified as 'Control Plane Blindness'

Details

The article discusses a vulnerability (CVE-2026-33053) discovered in the Langflow AI agent framework, which is used by many enterprises to construct LangChain AI agent pipelines. While the vulnerability is patchable, it reveals a broader issue: the security tools organizations trust, such as CrowdStrike Falcon and Palo Alto Cortex XDR, are designed for endpoint and network threats and cannot observe the critical attack surfaces of AI agents. These include the prompt injection surface (external inputs that can carry adversarial instructions), the memory surface (where sensitive data can be stored), the tool surface (where agents with access can be redirected), the session persistence surface (where accumulated context grows increasingly sensitive), and the framework surface (where underlying vulnerabilities can exist). The article classifies this systematic absence of telemetry across these layers as 'Control Plane Blindness', which leaves a gap that traditional security tools cannot fill.
