Failure Pattern
GPU clusters trust compute jobs based on metadata. Attackers exploit this to run malicious workloads on high-value compute nodes.
What We See in the Field
A compromised workload escalates by running unverified jobs on clusters. The cluster trusts the submission because metadata matches expectations.
Underlying Causes
Job-level trust
Metadata inheritance
Shared credentials across workloads
No session-level identity
Overprivileged orchestration
Trust-Native Network Resolution
DTL binds identity to each compute job. Clusters of GPUs accept jobs only from workloads with valid TrustKeys, blocking malicious workloads.
Broken Trust Assumption
This failure pattern has played out repeatedly in real security incidents—not because of missing tools, but because of how trust is assigned.
In breaches such as SolarWinds, Capital One, Okta, and MOVEit, attackers did not bypass security controls. They operated through them, using valid identities, trusted credentials, signed code, and encrypted sessions. Security systems accepted these signals as proof of legitimacy, allowing malicious behavior to proceed.
The common thread across these incidents is structural: identity was assumed based on trust signals, not proven at the moment of execution.