Crowds flocked to the AMC Century City theater in Los Angeles this morning for a special IMAX event featuring the first look at the concluding chapter in Denis Villeneuve’s “Dune” saga. Zendaya, Robert Pattinson, Javier Bardem, and Anya Taylor-Joy came out to meet the fans in person, while Timothée Chalamet sent in a video greeting via his phone. The energy in the room altered suddenly, as this plot picks up 17 years after the previous film finished and revolves around what happens when someone gains too much power.

The footage starts with Paul and Chani having a private conversation about what they could name their future child. Ghanima for a girl and Leto for a male, but even it felt tight, a result of how they’d begun to drift apart in the last film. Within seconds, the screen was filled with broader pictures of Paul and Stilgar exploring the cosmos on new planets, as their reach for the Atreides empire grew rapidly. Large sights of fleets of ships slicing across alien sky, as well as soldiers moving across rocky terrain far from Arrakis.

Sale

LEGO Icons Dune Atreides Royal Ornithopter 10327, Collectible Dune Inspired Model for Build and Display…

• Dune building set for adults – Collectible LEGO Icons Dune Atreides Royal Ornithopter building project for fans of the Dune 2021 movie
• What’s in the box? – Everything you need to craft a LEGO replica of the Dune Atreides Royal Ornithopter aircraft with foldout, flappable wings and…
• Minifigure character lineup – Includes Paul Atreides, Lady Jessica, Gurney Halleck, Chani, Leto Atreides, Liet Kynes, Duncan Idaho and Baron…

Chani showed up shortly, this time fighting her way through a violent battle scene. A sandworm can be spotted in the midst of it all, balancing on its back before diving into the melee. Just as Chani was in the middle of it, Alia, now all grown up and played by Anya Taylor-Joy, stepped into several critical frames of her own.

Paul himself provides some of the low, echoing vocals that run under the music throughout, while Robert Pattinson appears as Scytale, the shape-shifter who is as slick as ever and whose loyalties are impossible to read. Jason Momoa has also returned, and Duncan Idaho was seen briefly. Returning cast members include Rebecca Ferguson (Lady Jessica), Florence Pugh (Princess Irulan), and Javier Bardem (Stilgar), who join an already impressive group.

Villeneuve described this installment as a fast-paced thriller centered on action and pressure. Note how, even in the midst of all that upheaval, Paul and Chani’s link remains strong, as he describes it as a steady pulse that runs through everything, with a focus primarily on the two of them. He also emphasizes how the large jump in time allows Alia to become much more vital to the tale, which the previous films just hinted at. Also, it appears that Hans Zimmer has returned to the soundtrack. Fans who left the theater today are already counting down the days until December 18, 2026, when the film is released.

If your house is already lined with Sonos products, you may want a pair of over-ear headphones that know how to play nice with your other speakers. As it turns out, Sonos actually makes a pair of over-ear headphones, the Ace, and they’re currently just $299 on Amazon. That’s a great deal, and one that almost ties the all-time low price for these cans.

Not only do the Sonos Ace integrate with your existing Sonos setup via Bluetooth, they’re also great headphones in their own right. They have a crisp, flat audio profile, something Sonos is known for, and our reviewer Parker Hall specifically called out their ability to handle any song “with a good bass line.” They have great detail, with a dynamic sound that handles a variety of genres well.

They’re also one of the more comfortable headsets you can buy, largely thanks to their impressive lightness. At just 11 ounces, it’s easy to feel like you’re wearing nothing at all, and they have good clamping force on the side that helps take a lot of the pressure off the top of your head. If fit and finish are a top priority for your headset, the Sonos Ace have both by the truckload.

The ANC is right up there with the best headsets you can buy, and in particular handled low-frequency rumbles adeptly. Transparency mode is excellent too, with a clarity to conversations that doesn’t have you feeling like you’re talking to someone through a tin can. While they lack some of the convenience features found on other headsets, they make up for it with multipoint pairing, and you can adjust all the settings to your liking in the Sonos app.

While the Sonos Ace are available in multiple colors, I only spotted the black model marked down to the $300 sale price. As I write this, the white model is in stock at a slightly higher $365, which may or may not be worth it, depending on how much the aesthetics matter to you. If you’re not sold on the Sonos Ace, make sure to check out our full roundup of the best headphones, with hands-on testing from our team of audio experts.

After their dramatic falling-out, it doesn’t seem as though Anthropic and the Pentagon are getting back together.

Instead, the Pentagon is building tools to replace Anthropic’s AI, according to a Bloomberg conversation with Cameron Stanley, the chief digital and AI officer at the Pentagon.

“The Department is actively pursuing multiple LLMs into the appropriate government-owned environments,” he said. “Engineering work has begun on these LLMs, and we expect to have them available for operational use very soon.”

Anthropic’s $200 million contract with the Department of Defense (DOD) broke down over the last several weeks after the two parties failed to come to an agreement over the degree to which the military could obtain unrestricted access to Anthropic’s AI.

While Anthropic sought to include a contractual clause that prohibits the Pentagon from using its AI for mass surveillance of Americans or to deploy weapons that can fire without human intervention, the Pentagon didn’t budge. Instead, OpenAI swooped in and made its own agreement with the Pentagon. The Department of Defense — known under the Trump administration as the Department of War — also signed an agreement with Elon Musk’s xAI to use Grok in classified systems.

It makes sense, then, why the Pentagon would be working on phasing Anthropic’s technology out of its workflows. While some reports said there was a small possibility that Anthropic would reconcile with the Pentagon, this news suggests that the government is preparing to forge ahead without them.

In fact, Defense Secretary Pete Hegseth has declared Anthropic a supply-chain risk, a designation usually reserved for foreign adversaries, which bars companies that work with the Pentagon from working with Anthropic as well. Anthropic is challenging this designation in court.

For the first time on a major AI platform release, security shipped at launch — not bolted on 18 months later. At Nvidia GTC this week, five security vendors announced protection for Nvidia’s agentic AI stack, four with active deployments, one with validated early integration.

The timing reflects how fast the threat has moved: 48% of cybersecurity professionals rank agentic AI as the top attack vector heading into 2026. Only 29% of organizations feel fully ready to deploy these technologies securely. Machine identities outnumber human employees 82 to 1 in the average enterprise. And IBM’s 2026 X-Force Threat Intelligence Index documented a 44% surge in attacks exploiting public-facing applications, accelerated by AI-enabled vulnerability scanning.

Nvidia CEO Jensen Huang made the case from the GTC keynote stage on Monday: “Agentic systems in the corporate network can access sensitive information, execute code, and communicate externally. Obviously, this can’t possibly be allowed.”

Nvidia defined a unified threat model designed to flex and adapt for the unique strengths of five different vendors. Nvidia also names Google, Microsoft Security and TrendAI as Nvidia OpenShell security collaborators. This article maps the five vendors with embargoed GTC announcements and verifiable deployment commitments on record, an analyst-synthesized reference architecture, not Nvidia’s official canonical stack.

No single vendor covers all five governance layers. Security leaders can evaluate CrowdStrike for agent decisions and identity, Palo Alto Networks for cloud runtime, JFrog for supply chain provenance, Cisco for prompt-layer inspection, and WWT for pre-production validation. The audit matrix below maps who covers what. Three or more unanswered vendor questions mean ungoverned agents in production.

The five-layer governance framework

This framework draws from the five vendor announcements and the OWASP Agentic Top 10. The left column is the governance layer. The right column is the question every security leader’s vendor should answer. If they can’t answer it, that layer is ungoverned.

Five-layer governance audit matrix. Three or more unanswered vendor questions indicate ungoverned agents in production. [runtime enforcement] = inline controls active during agent execution. [pre-deployment] = controls applied before artifacts reach runtime. [pre-prod validation] = proving-ground testing before production rollout. [AI Factory validated design] = Nvidia reference architecture integration, not OpenShell-launch coupling.

CrowdStrike’s Falcon platform embeds at four distinct enforcement points in the Nvidia OpenShell runtime: AIDR at the prompt-response-action layer, Falcon Endpoint on DGX Spark and DGX Station hosts, Falcon Cloud Security across AI-Q Blueprint deployments, and Falcon Identity for agent privilege boundaries. Palo Alto Networks enforces at the BlueField DPU hardware layer within Nvidia’s AI Factory validated design. JFrog governs the artifact supply chain from the registry through signing. WWT validates the full stack pre-production in a live environment. Cisco runs an independent guardrail at the prompt layer.

CrowdStrike and Nvidia are also building what they call intent-aware controls. That phrase matters. An agent constrained to certain data is access-controlled. An agent whose planning loop is monitored for behavioral drift is governed. Those are different security postures, and the gap between them is where the 4% error rate at 5x speed becomes dangerous.

Why the blast radius math changed

Daniel Bernard, CrowdStrike’s chief business officer, told VentureBeat in an exclusive interview what the blast radius of a compromised AI agent looks like compared to a compromised human credential.

“Anything we could think about from a blast radius before is unbounded,” Bernard said. “The human attacker needs to sleep a couple of hours a day. In the agentic world, there’s no such thing as a workday. It’s work-always.”

That framing tracks with architectural reality. A human insider with stolen credentials works within biological limits: typing speed, attention span, a schedule. An AI agent with inherited credentials operates at compute speed across every API, database, and downstream agent it can reach. No fatigue. No shift change. CrowdStrike’s 2026 Global Threat Report puts the fastest observed eCrime breakout at 27 seconds and average breakout times at 29 minutes. An agentic adversary doesn’t have an average. It runs until you stop it.

When VentureBeat asked Bernard about the 96% accuracy number and what happens in the 4%, his answer was operational, not promotional: “Having the right kill switches and fail-safes so that if the wrong thing is decided, you’re able to quickly get to the right thing.” The implication is worth sitting on. 96% accuracy at 5x speed means the errors that get through arrive five times faster than they used to. The oversight architecture has to match the detection speed. Most SOCs are not designed for that.

Bernard’s broader prescription: “The opportunity for customers is to transform their SOCs from history museums into autonomous fighting machines.” Walk into the average enterprise SOC and inventory what’s running there. He’s not wrong.

On analyst oversight when agents get it wrong, Bernard drew the governance line: “We want to keep not only agents in the loop, but also humans in the loop of the actions that the SOC is taking when that variance in what normal is realized. We’re on the same team.”

The full vendor stack

Each of the five vendors occupies a different enforcement point the other four do not. CrowdStrike’s architectural depth in the matrix reflects four announced OpenShell integration points; security leaders should weigh all five based on their existing tooling and threat model.

Cisco shipped Secure AI Factory with AI Defense, extending Hybrid Mesh Firewall enforcement to Nvidia BlueField DPUs and adding AI Defense guardrails to the OpenShell runtime. In multi-vendor deployments, Cisco AI Defense and Falcon AIDR run as parallel guardrails: AIDR enforcing inside the OpenShell sandbox, AI Defense enforcing at the network perimeter. A poisoned prompt that evades one still hits the other.

Palo Alto Networks runs Prisma AIRS on Nvidia BlueField DPUs as part of the Nvidia AI Factory validated design, offloading inspection to the data processing unit at the network hardware layer, below the hypervisor and outside the host OS kernel. This integration is best understood as a validated reference architecture pairing rather than a tight OpenShell runtime coupling. Palo Alto intercepts east-west agent traffic on the wire; CrowdStrike monitors agent process behavior inside the runtime. Same cloud runtime row, different integration model and maturity stage.

JFrog announced the Agent Skills Registry, a system of record for MCP servers, models, agent skills, and agentic binary assets within Nvidia’s AI-Q architecture. Early integration with Nvidia has been validated, with full OpenShell support in active development. JFrog Artifactory will serve as a governed registry for AI skills, scanning, verifying, and signing every skill before agents can adopt it. This is the only pre-deployment enforcement point in the stack. As Chief Strategy Officer Gal Marder put it: “Just as a malicious software package can compromise an application, an unvetted skill can guide an agent to perform harmful actions.”

Worldwide Technology launched a Securing AI Lab inside its Advanced Technology Center, built on Nvidia AI factories and the Falcon platform. WWT’s vendor-agnostic ARMOR framework is a pre-production validation and proving-ground capability, not an inline runtime control. It validates how the integrated stack behaves in a live AI factory environment before any agent touches production data, surfacing control interactions, failure modes, and policy conflicts before they become incidents.

Three MDR numbers: what they actually measure

On the MDR side, CrowdStrike fine-tuned Nvidia Nemotron models on first-party threat data and operational SOC data from Falcon Complete engagements. Internal benchmarks show 5x faster investigations, 3x higher triage accuracy in high-confidence benign classification, and 96% accuracy in generating investigation queries within Falcon LogScale. Kroll, a global risk advisory and managed security firm that runs Falcon Complete as its MDR backbone, confirmed the results in production.

Because Kroll operates Falcon Complete as its core MDR platform rather than as a neutral third-party evaluator, their validation is operationally meaningful but not independent in the audit sense. Industry-wide third-party benchmarks for agentic SOC accuracy do not yet exist. Treat reported numbers as indicative, not audited.

The 5x investigation speed compares average agentic investigation time (8.5 minutes) against the longest observed human investigation in CrowdStrike’s internal testing: a ceiling, not a mean. The 3x triage accuracy measures one internal model against another. The 96% accuracy applies specifically to generating Falcon LogScale investigation queries via natural language, not to overall threat detection or alert classification.

JFrog’s Agent Skills Registry operates beneath all four CrowdStrike enforcement layers, scanning, signing, and governing every model and skill before any agent can adopt it — with early Nvidia integration validated and full OpenShell support in active development.

Six enterprises are already in deployment

EY selected the CrowdStrike-Nvidia stack to power Agentic SOC services for global enterprises. Nebius ships with Falcon integrated into its AI cloud from day one. CoreWeave CISO Jim Higgins signed off on the Blueprint. Mondelēz North America Regional CISO Emmett Koen said the capability lets his team “focus on higher-value response and decision-making.”

MGM Resorts International CISO Bryan Green endorsed WWT’s validated testing environments, saying enterprises need “validated environments that embed protection from the start.” These range from vendor selection and platform validation to production integration. The signal is converging across buyer types, not uniform at-scale deployment.

What the five-vendor stack does not cover

The governance framework above represents real progress. It also has three holes that every security leader deploying agentic AI will eventually hit. No vendor at GTC closed any of them. Knowing where they are is as important as knowing what shipped.

1. Agent-to-agent trust. When agents delegate to other agents, credentials compound. The OWASP Top 10 for Agentic Applications lists tool call hijacking and orchestrator manipulation as top-tier risks. Independent research from BlueRock Security scanning over 7,000 MCP servers found 36.7% contain vulnerabilities. An arXiv preprint study across 847 scenarios found a 23 to 41% increase in attack success rates in MCP integrations versus non-MCP. No vendor at GTC demonstrated a complete trust policy framework for agent-to-agent delegation. This is the layer where the 82:1 identity ratio becomes a governance crisis, not just an inventory problem.

2. Memory integrity. Agents with persistent memory create an attack surface that stateless LLM deployments do not have. Poison an agent’s long-term memory once. Influence its decisions weeks later. The OWASP Agentic Top 10 flags this explicitly. CrowdStrike’s intent-aware controls are the closest architectural response announced at GTC. Implementation details remain forward-looking.

3. Registry-to-runtime provenance. JFrog’s Agent Skills Registry addresses the registry side of this problem. The gap that remains is the last mile: end-to-end provenance requires proving the model executing in production is the exact artifact scanned and signed in the registry. That cryptographic continuity from registry to runtime is still an engineering problem, not a solved capability.

What running five vendors actually costs

The governance matrix is a coverage map, not an implementation plan. Running five vendors across five enforcement layers introduces real operational overhead that the GTC announcements did not address. Someone has to own policy orchestration: deciding which vendor’s guardrail wins when AIDR and AI Defense return conflicting verdicts on the same prompt. Someone has to normalize telemetry across Falcon LogScale, Prisma AIRS, and JFrog Artifactory into a single incident workflow. And someone has to manage change control when one vendor ships a runtime update that shifts how another vendor’s enforcement layer behaves.

A realistic phased rollout looks like this: start with the supply chain layer (JFrog), because it operates pre-deployment and has no runtime dependencies on the other four. Add identity governance (Falcon Identity) second, because scoped agent credentials limit blast radius before you instrument the runtime. Then instrument the agent decision layer (Falcon AIDR or Cisco AI Defense, depending on your existing vendor footprint), then cloud runtime, then local execution. Running all five simultaneously from day one is an integration project, not a configuration task. Budget for it accordingly.

What to do before your next board meeting

Here is what every CISO should be able to say after running the framework above: “We have audited every autonomous agent against five governance layers. Here is what’s in place, and here are the five questions we are holding vendors to.” If you cannot say that today, the issue is not that you are behind schedule. The issue is that no schedule existed. Five vendors just shipped the architectural scaffolding for one.

Do four things before your next board meeting:

1. Run the five-layer audit. Pull every autonomous agent your organization has in production or staging. Map each one against the five governance rows above. Mark which vendor questions you can answer and which you cannot.

2. Count the unanswered questions. Three or more means ungoverned agents in production. That is your board number, not a backlog item.

3. Pressure-test the three open gaps. Ask your vendors, explicitly: How do you handle agent-to-agent trust across MCP delegation chains? How do you detect memory poisoning in persistent agent stores? Can you show a cryptographic binding between the registry scan and the runtime load? None of the five vendors at GTC has a complete answer. That is not an accusation. It is where the next year of agentic security gets built.

4. Establish the oversight model before you scale. Bernard put it plainly: keep agents and humans in the loop. 96% accuracy at 5x speed means errors arrive faster than any SOC designed for human-speed detection can catch them. The kill switches and fail-safes have to be in place before the agents run at scale, not after the first missed breach.

The scaffolding is necessary. It is not sufficient. Whether it changes your posture depends on whether you treat the five-layer framework as a working instrument or skip past it in the vendor deck.