Failure Pattern
Compute fabrics assume jobs are legitimate if submitted through proper channels. Attackers exploit submission pathways.
What We See in the Field
A compromised workload submits malicious jobs into the cluster. Queue managers accept the jobs because metadata or authentication passes.
Underlying Causes
Blind trust in job submission
No workload-level verification
Shared credentials
Metadata spoofing
Overprivileged compute roles
Trust-Native Network Resolution
DTL binds identity to each compute job. Queues accept jobs only from workloads presenting valid TrustKeys, stopping malicious submissions.
Broken Trust Assumption
The attacks that exposed this failure pattern were not stealthy break-ins. They were trusted operations.
During incidents such as SolarWinds, Capital One, and Okta, malicious activity was carried out using valid identities and approved execution paths. Certificates were valid. Tokens were accepted. Sessions were authenticated. From the system’s point of view, nothing appeared wrong.
This is the risk of trust inferred from credentials, location, or prior authentication.