EchelonGraph Blog

Security Intelligence, Decoded

Deep dives into cloud security, real-world breach analysis, compliance automation, and the engineering behind EchelonGraph.

🛡️ SecurityMay 31, 2026·17 min readLatest

Your AI Stack Is Now an Attack Surface: NVIDIAScape, ShadowRay 2.0, and How to Get Alerted First

In 2025, attackers turned AI infrastructure into a target — a container escape in the NVIDIA toolkit that ~37% of clouds run (CVE-2025-23266), a self-propagating botnet hijacking exposed Ray clusters (CVE-2023-48022), an RCE in Ollama model servers (CVE-2024-37032), and a public DeepSeek database leaking chat history and API keys. The thread isn't exotic AI exploits — it's classic cloud-security failure at AI scale. Here are the real CVEs, with authoritative advisories, and exactly how EchelonGraph surfaces and alerts on each.

E

EchelonGraph

Founder

Read article

More Articles

Industry14 min read

CSPM and PAM After Palo Alto Idira + Versa CSPM: What the Compliance Layer Does Next

Palo Alto Networks shipped Idira (next-gen PAM built on CyberArk) and Versa Networks shipped CSPM in the same week. Both confirm AI has changed the rules. We walk through what each launch gets right, and the compliance layer that now has to keep up — 30-second re-scoring, 21 EU AI Act obligations live, and 7 newly shipped CIS-AWS IAM controls.

May 15, 2026Read →
Compliance22 min read

EU AI Act Compliance: The Complete Guide to August 2, 2026 Enforcement

The EU AI Act starts enforcing high-risk AI system obligations on August 2, 2026. Penalties reach €35M or 7% of global revenue. This is the complete guide — every Article, every deadline, every control, with the technical path to continuous compliance.

May 12, 2026Read →
Product9 min read

EchelonGraph Tier 3 (EcheDeep) Enters Early Access — Continuous, Zero-Knowledge eBPF Detection in Your Cluster

Tier 3 ships an eBPF DaemonSet that runs in your customer cluster, redacts PII at the kernel boundary, and submits envelope-encrypted findings sealed by a customer-controlled KMS. We never see your plaintext. Here's what's inside the v3.0.0 release.

May 10, 2026Read →
Security12 min read

What Coupang's $1.17 Billion Data Breach Teaches Us About Insider Threats

A former employee's unrevoked access key exposed 33.7 million customers over 5 months. We break down the timeline, the security failures, and how graph-based security intelligence could have caught it in hours, not months.

April 17, 2026Read →
Product5 min read

Introducing EchelonGraph: Cloud Security Intelligence for the Modern Enterprise

Today we're launching EchelonGraph — a platform that maps your entire cloud attack surface, visualizes blast radius, and automates compliance across AWS, GCP, and Azure.

March 28, 2026Read →
Engineering7 min read

Understanding Blast Radius: Why Graph-Based Security Matters

Traditional security tools scan in isolation. EchelonGraph uses graph databases to answer the question every CISO asks: 'If this one server gets compromised, what else is at risk?'

March 25, 2026Read →
Compliance10 min read

8 Compliance Frameworks Every Cloud Team Should Know

From SOC 2 to GDPR to DPDP Act — a practical guide to the compliance frameworks that matter for cloud-native teams, what they require, and how to automate scoring.

March 20, 2026Read →