muyuu 10 hours ago

This may sound obvious, but there must also be an enforcement of what's allowed into that sandbox.

I can envision perfectly secure sandboxes where people put company secrets and communicate them over to "the cloud".

insuranceguru 10 hours ago | parent

Exactly, egress control is the second half of that puzzle. A perfect sandbox is useless for DLP if the agent can just hallucinate your private keys or PII into a response and beam it back to the model provider. It's basically an exfiltration risk that traditional infra-level security isn't fully built to catch yet.
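As an added example (not code from either commenter, and not from any particular product), here is the kind of egress check the thread is talking about: a filter sitting between the agent sandbox and the network that allowlists the destination host and inspects the outbound payload before it reaches the model provider. The hostname `api.example-model-provider.test`, the sample requests and the split between "block outright" (key material) and "redact and forward" (PII) are all assumptions made for this example.

```python
import re
from dataclasses import dataclass, field
from urllib.parse import urlparse

# Hosts the sandbox may talk to at all. The provider hostname is an assumption
# for this example; in practice this comes from the sandbox's network policy.
ALLOWED_HOSTS = {"api.example-model-provider.test"}

# Findings that must never leave, even redacted: if the header of a key is in
# the payload, the rest of the key material almost certainly is too.
BLOCK_PATTERNS = {
    "pem_private_key": re.compile(r"-----BEGIN (?:RSA |EC |OPENSSH |DSA )?PRIVATE KEY-----"),
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
}

# Findings that are masked in place so the request can still proceed.
REDACT_PATTERNS = {
    "email": re.compile(r"\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}\b"),
    "us_ssn": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
}


@dataclass
class EgressDecision:
    allowed: bool
    body: str                       # payload actually forwarded ("" when blocked)
    reasons: list = field(default_factory=list)


def filter_egress(url: str, body: str) -> EgressDecision:
    """Decide whether an outbound request from the sandbox may be forwarded.

    Order matters: destination and hard-block checks run first so that a
    denied request never has its payload partially rewritten and logged as
    if it had been sanitised.
    """
    reasons = []
    host = urlparse(url).hostname or ""
    if host not in ALLOWED_HOSTS:
        reasons.append(f"destination not allowlisted: {host or '<none>'}")
    for name, pattern in BLOCK_PATTERNS.items():
        if pattern.search(body):
            reasons.append(f"blocked: payload matches {name}")
    if reasons:
        return EgressDecision(False, "", reasons)

    out = body
    for name, pattern in REDACT_PATTERNS.items():
        out, count = pattern.subn(f"[REDACTED:{name}]", out)
        if count:
            reasons.append(f"redacted {count} {name} match(es)")
    return EgressDecision(True, out, reasons)


if __name__ == "__main__":
    # Constructed sample requests an agent might emit; none of this is real data.
    samples = [
        ("https://api.example-model-provider.test/v1/chat", "Summarize the failing test"),
        ("https://api.example-model-provider.test/v1/chat",
         "config dump: -----BEGIN RSA PRIVATE KEY-----\nMIIEvQIBADANBg..."),
        ("https://attacker.test/collect", "hi"),
        ("https://api.example-model-provider.test/v1/chat",
         "Customer bob@example.com, SSN 123-45-6789, asked for a refund"),
    ]
    for url, body in samples:
        decision = filter_egress(url, body)
        verdict = "FORWARD" if decision.allowed else "DENY"
        print(f"{verdict:8} {url}")
        for reason in decision.reasons:
            print(f"         {reason}")
        if decision.allowed:
            print(f"         body -> {decision.body!r}")
```

The regexes are intentionally minimal; a real deployment layers entropy scoring and provider-specific token formats on top, and still treats pattern matching as a backstop rather than the primary control, since the comment's point is exactly that a model can paraphrase a secret into a form no regex anticipates.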