Twitter
Google plus
Facebook
Vimeo
Pinterest

Five reads: infrastructure beats features this week

Ideas and Insights
By

Five reads this week, all telling the same story from different angles. A CVE that won’t get a press conference. A guest column in SIA’s newsletter making the case for infrastructure-first AI. A piece of behavior-pattern AI shipping in retail. The SDM 100 numbers. And one standards story from earlier this year that hasn’t gotten any less relevant. Across all five, the same throughline: in 2026, what’s moving physical security ROI is the layer underneath the features and the AI. Infrastructure.

1. Your ACS server is still a Windows box, and CISA wants you to remember

A new CISA advisory this month covers a high-severity flaw in one of the major enterprise access-control server products (CVE-2026-21661): an Uncontrolled Search Path Element issue that lets a standard user already on the host escalate privileges. The vendor has shipped fixes. Patch and move on. The more interesting part is what doesn’t change: enterprise access-control servers are still Windows hosts, and Windows-host bugs keep finding their way in.

Teldio Perspective: Anything sitting above the panel needs to treat the host as untrusted. Otherwise, a compromised ACS server quietly corrupts every downstream event it produces.

2. An infrastructure-first read on AI in security, via Wesco and SIA

In SIA’s All Things AI newsletter, Wesco’s Matt Powers and Tara Dunning argue for an infrastructure-first approach to AI in physical security. Their case boils down to this: compute, power, and network capacity will move AI ROI more than the algorithms themselves will. A welcome dose of cold water on the agentic-AI marketing cycle. What the piece doesn’t quite say out loud is that event routing is the other gating layer. An AI that correctly spots a threat at 2 am is operationally useless if the alert can’t reach the right pair of eyes with the right context before the window closes.

Teldio Perspective: Detection and routing are both infrastructure problems. Fabric handles the routing half — getting the right alert to the right person, with context, before the window closes.

3. Solink ships behavior-pattern AI for video

Solink picked up a Globee Award for its AI Agents. The AI Agents watch for compounding behavior patterns across a camera fleet and flag the kind of sequence a single-trigger system would blow right past. Honest take: this is genuinely useful, especially inside the retail and quick-service restaurant footprints Solink runs in, where loss prevention is the whole game. It’s a video-layer feature, not an enterprise-wide coordination layer. Two different problems, both worth solving.

Teldio Perspective: Behavior detection inside a camera system and cross-system orchestration solve different problems. Fabric’s job starts where the camera’s view ends.

4. The SDM 100 dealers are describing the same commercial customer

The SDM 100 list for 2026 is out, and the topline is healthy: $740M in collective recurring monthly revenue, a decade high, and 85% of top dealers expect 2026 growth. The more useful pattern is under those numbers. Quote after quote from named SDM 100 dealers describes the same commercial customer — one who already owns the cameras, the access control, the intrusion system, and now wants to optimize the stack they have. Silent Guard’s customers want “comprehensive system upgrades rather than piecemeal improvements.” Advanced Security Systems’ clients expect “fully integrated solutions” with “actionable insights, audit trails, remote management capabilities and scalability.” Custom Alarm describes shifting video “from a traditional add-on to a core, scalable business solution.” That work is structurally hard to deliver one custom integration at a time. Every new vendor pairing is another stack to maintain, another upgrade cycle to track, another failure mode that lands on the integrator’s plate.

Teldio Perspective: The “fully integrated solution” commercial buyers keep asking for is exactly what Fabric offers as a productized, billable service — rather than another set of one-off integrations that break with the next vendor upgrade.

5. From earlier this year, but the pattern still fits: Aliro 1.0

This one’s a few months old, but it belongs on this list. Back in February, the Connectivity Standards Alliance released Aliro 1.0, an access-control interoperability standard with Apple, Google, Samsung, and 220-plus member companies behind it. Working hardware showed up on the ISC West floor in March. Lee Odess wrote up the moment for Security Info Watch and made the point that needs to stick: “opening at the credential layer does not automatically mean opening at the platform layer.” Aliro is real progress at one layer. The orchestration problem above it doesn’t go away.

Teldio Perspective: That orchestration layer is where Fabric lives. It makes today’s proprietary integrations behave consistently right now, and it’ll absorb Aliro as one more surface when the standard ships.

What it adds up to

Nothing on this list rewards being early to AI. Most of it rewards being late to AI and early to the operational layer underneath. The buyers who come out ahead this cycle are the ones treating physical security like infrastructure instead of features. Worth watching: which major video or access-control vendor gets honest about that first.

Share