April 29, 2026

Aviatrix Launches New Platform for the “Containment Era” in Cloud Security, Podcast

By Doug Green

“The question is no longer whether an attacker gets in—it’s how far they can go.”

In a recent Technology Reseller News podcast, I spoke with Doug Merritt, CEO of Aviatrix, about the company’s latest platform launch and a broader shift in cybersecurity strategy he calls the “Containment Era.” Aviatrix operates at the architectural layer of cloud environments, focusing on how systems, applications, and workloads communicate—where security outcomes are ultimately determined. As Merritt explains, the industry is moving beyond the assumption that breaches can always be prevented. Instead, the focus must shift to controlling what happens after a breach by defining exactly what each workload is allowed to reach and enforcing those boundaries consistently. The result is a model where lateral movement is restricted and risk is managed by reducing blast radius rather than relying solely on detection.

A major driver behind this shift is the rapid rise of AI. According to Merritt, AI has dramatically accelerated both vulnerability discovery and exploitation, shrinking the window between exposure and attack and making traditional response models less effective. At the same time, attackers are increasingly using legitimate credentials, trusted code, and authorized pathways, blending malicious activity into normal operations and making detection far more difficult. Compounding the issue, autonomous AI agents can now operate across systems, increasing both scale and risk. This combination defines the Containment Era—a model where the key question is not whether an attack gets in, but how far it can spread.

The Containment Era represents a shift from detection-first security to containment-first architecture. When threats are indistinguishable from legitimate activity, the defining variable becomes lateral movement—how far a compromised workload, identity, or AI agent can reach. Containment addresses this by enforcing strict communication controls so that systems can only access what they are explicitly permitted to reach. Even if a breach occurs, its impact is limited by design. That requires enforcement to move into the network and infrastructure layer rather than relying solely on edge or endpoint tools.

To support this shift, Aviatrix has introduced new capabilities within its Cloud Native Security Fabric. The platform delivers workload-level containment by enforcing precise communication policies across cloud environments without requiring agents or code changes. Key capabilities include consistent enforcement across clouds, regions, and compute environments; Zero Trust controls for AI workloads; default-deny policies to eliminate shadow AI and unauthorized connections; AgentGuard visibility into AI workloads; and integration with partners to secure both AI behavior and access. The goal is to reduce blast radius while maintaining flexibility for modern, distributed applications.

For enterprise and service provider leaders, the takeaway is clear: AI has fundamentally changed the threat landscape. The first step is understanding exposure—specifically, how far a compromise could spread—followed by measuring and managing blast radius as a core security metric. Architectural controls that limit workload communication need to become standard in cloud design, and security and infrastructure teams must align around containment as a shared responsibility. As AI adoption accelerates, governing how systems connect and interact will become increasingly critical, and the organizations that move early will be best positioned to harness AI while keeping risk contained.

Learn more: https://aviatrix.ai/

 
