RedShield has introduced a new cybersecurity feature called ‘Third Horizon’ to provide additional protection against Distributed Denial-of-Service (DDoS) and automated bot attacks. The technology disrupts attack methods and forces attackers to adapt in ways that traditional automated or artificial intelligence-driven tools cannot manage effectively. The Third Horizon feature challenges suspicious users seeking access to an application by requiring them to supply a valid email address and verify their identity using a code sent to that email. This adds complexity for attackers using automated systems, as they typically struggle to answer such requests at scale. RedShield’s service operates using a three-tiered architecture for threat defence. The first layer, the First Horizon, uses traffic profiling to block high-volume attacks and malicious traffic. The second layer focuses on sophisticated bot detection, targeting malicious bots attempting to appear as legitimate users. The Third Horizon provides an identity and intent challenge, requiring suspicious users to confirm an email address before accessing a site or application. Recent findings highlight the scale of the challenge facing organizations, with automated bots accounting for nearly half of all internet traffic in 2024 and DDoS attacks increasing 1800% globally from the third to the fourth quarter of last year. RedShield is extending its layered approach by offering the Third Horizon as an optional add-on service for customers requiring heightened protection.
Proton’s AI assistant uses zero-access encryption and keeps no logs of conversations, has end-to-end encryption for storing chats, offers a ghost mode for conversations and doesn’t require the user to have an account to use the chatbot
Privacy-focused productivity tools maker Proton released its AI assistant, called Lumo, which keeps no logs of conversations, has end-to-end encryption for storing chats, and offers a ghost mode for conversations that disappear as soon as you close the window. Lumo doesn’t require you to have an account to use the chatbot and ask questions. You can upload files to have the chatbot answer questions about them, and if you have a Proton Drive account, you can connect it with Lumo to access files stored in the cloud. While the chatbot has access to the web, it might not find you the latest results if you use it to search. Lumo is based on open source models, and will only depend on them for research and development going forward without utilizing user data to train its models. Lumo relies on zero-access encryption, an encryption method that other Proton products also use, to let users store their conversation history, which can be decrypted on the device. “Lumo is based upon open-source language models and operates from Proton’s European datacenters. This gives you much greater transparency into the way Lumo works than any other major AI assistant. Unlike Apple Intelligence and others, Lumo is not a partnership with OpenAI or other American or Chinese AI companies, and your queries are never sent to any third parties,” Proton said.
Google’s AI agent discovers a critical SQLite vulnerability using threat intelligence and was able to actually predict that it was imminently going to be exploited for carrying out a cyberattack
Google is introducing a new approach to cybersecurity, focusing on artificial intelligence as the first line of digital defence. The company has introduced Big Sleep, an AI agent developed by Google DeepMind in collaboration with Project Zero, which has successfully stopped a security threat before it was launched. The tool is also being used to strengthen the security of open-source software, increasing defensive coverage. Google’s secure-by-design approach emphasizes human oversight, transparency, and privacy. In addition to Big Sleep, Google is infusing AI into its security infrastructure: Timesketch, the company’s open-source forensics platform, now integrates Sec-Gemini-powered agents to automate incident response. FACADE, an insider threat detection tool, processes billions of security events each day using contrastive learning, without relying on historical attack data. A new AI-assisted Capture the Flag challenge at DEF CON 33 will give participants hands-on experience working alongside AI agents in real-time cyber defence scenarios.
Blink Operations no-code platform lets users create unlimited, tailored micro‑agents focused on specific security tasks by leveraging visual editors or natural‑language prompts to orchestrate actions from a library of 30,000+ integrations and pre-built workflows
Enterprise cybersecurity automation platform Blink Operations has raised $50 million in new funding to accelerate its go-to-market efforts and scale updeployment of its no-code cybersecurity micro-agents platform. BlinkOps offers cybersecurity automation that gives organizations the ability to build, collaborate on and scale up security workflows via artificial intelligence-driven, no-code and low-code interfaces. The company’s platform serves as an automation hub where security teams leverage visual editors or natural‑language prompts to orchestrate actions from a library of more than 30,000 integrations and pre-built workflows. BlinkOps’ Security Micro‑Agent Builder, which launched in April, provides a drag‑and‑drop, no-code interface that allows users to create unlimited, tailored micro‑agents focused on specific security tasks, such as identity and access management, patching, alert triage, device control or vulnerability response. Agents can be assigned defined roles, domain‑specific knowledge and secure operational abilities, offering deterministic and auditable automation. The company’s micro-agents can work collaboratively as agent “teams,” communicating with each other to manage complex multistep workflows. The idea is that by distributing work across role‑specialized agents, the platform avoids reliance on a single overload‑prone agent, enabling scalable, reliable automation while keeping human-in-the-loop flexibility where needed.
Yubico’s Enhanced PIN feature to offer comprehensive PIN management for users with enforcement policies and PIN complexity applied by default, always-on user verification and minimum PIN length of six characters
Yubico has introduced the YubiKey 5 – Enhanced PIN, offering additional PIN capabilities for enterprises in 175 countries and 24 territories. The product is pre-configured with features to improve PIN management and user enforcement, including a mandatory minimum PIN length and requirements for increased complexity. This helps organizations meet evolving policy, compliance, and audit requirements for user authentication. The Enhanced PIN features are available on the YubiKey 5 NFC and YubiKey 5C NFC models, specifically through the YubiKey as a Service platform. The company has expanded its YubiKey as a Service to include all European Union countries and expanded its YubiEnterprise Delivery to 117 locations globally. The expanded service and new key features reflect Yubico’s effort to address the challenges posed by a changing cybersecurity landscape and varying global regulatory requirements, supporting enterprise customers in their transition to more robust authentication systems.
Legion Security’s lightweight browser extension learns directly from SOC analysts by observing their day-to-day investigation, records how they handle alerts and make decisions and translates them into scalable, automated workflows cutting investigation and response times by up to 90%
Browser-native AI security operations center startup Legion Security differs from existing solutions on the market through the use of a lightweight browser extension that learns directly from analysts by observing their day-to-day investigations. The idea is to allow the platform to capture the nuances of human expertise and translate them into scalable, automated workflows tailored to each organization’s unique tools and processes. Legion uses a three-phase operational model that moves from passive observation to full automation. In the initial “Learning Mode,” the platform shadows senior analysts and records how they handle alerts and make decisions. The next step, the “Guided Mode,” offers suggestions and performs tasks under human supervision. Finally, when teams are ready, an “Autonomous Mode” allows Legion to act independently or with selective approvals, drastically accelerating response times and reducing manual workload without sacrificing oversight. Analysts can configure exactly when and where Legion operates, restrict its access to certain tools and mask sensitive data during sessions. Every action taken by the AI is fully auditable and security teams retain final say over what is learned, applied or deployed. The offering from Legion is positioned to solve a longstanding pain point in cybersecurity: the overwhelming volume of alerts and the shortage of qualified personnel to investigate them. By converting institutional knowledge into actionable automation, the platform helps reduce triage time, cut down on false positives and eliminate repetitive documentation work. “What sets Legion apart is its browser-native AI platform,” said Sri Viswanath, managing director at Coatue. “It studies how security analysts work and instantly scales those workflows, cutting investigation and response times by up to 90%.”
Akeyless enables AI agents to authenticate using dynamic, just-in-time verifiable machine identities such as cloud IAM roles eliminating the need to embed secrets in code, containers, or pipelines
Akeyless, the Unified Secrets & Machine Identity Platform for the AI-driven Era, announced the launch of Akeyless SecretlessAI, a breakthrough solution purpose-built to secure the rapidly expanding universe of AI agents and Model Context Protocol (MCP) servers. Akeyless SecretlessAI™ eliminates the need to embed secrets in code, containers, or pipelines. Instead, it introduces dynamic, just-in-time secrets provisioning, where AI agents and MCP servers authenticate using verifiable machine identities — such as cloud IAM roles or Kubernetes service accounts. Akeyless extends traditional secrets management by integrating with advanced identity frameworks like SPIFFE (Secure Production Identity Framework for Everyone) through its SPIRE plugins, enabling a ‘secretless’ authentication model for workloads. Additionally, Akeyless offers built-in PKI-as-a-Service capabilities that automate the lifecycle of certificates, including issuance, renewal, and revocation, all within a secure and scalable SaaS platform. Based on centrally managed policies, Akeyless provisions ephemeral, tightly scoped secrets at runtime. This approach drastically reduces the window of compromise and supports Zero Trust and Least Privilege principles. The solution offers comprehensive auditing and centralized governance, providing visibility into every request and action. It enables policy-based access control and full lifecycle automation, empowering security and DevOps teams to enforce compliance without slowing innovation.
HUMAN Security’s solution offers actor-level visibility and intent-based control across humans, bots and AI agents and evaluates behavior and context over time, not just identity, to secure every interaction across the customer journey
HUMAN Security has launched HUMAN Sightline, a cyberfraud defense solution featuring AgenticTrust. Developed to secure every interaction across the customer journey, HUMAN Sightline preserves legitimate human activity, prevents fraud and scraping, enables trusted automation through intent-based controls and accelerates investigations. With the introduction of AgenticTrust, the solution extends visibility and control to AI agent activity across consumer-facing surfaces, including every action taken before, during and after login. This helps enterprises embrace and adopt agentic commerce, reduce fraud losses and securely scale engagement and revenue in the AI era. HUMAN Sightline, featuring AgenticTrust, secures the customer journey and unlocks safe, scalable growth with actor-level visibility and intent-based control across humans, bots and AI agents – and delivers: Actor-level visibility into humans, bots and AI agents; Adaptive trust decisioning based on behavior, context and intent over time; Governance tools to enforce policies in real time; Investigative intelligence to uncover networks and attack patterns. Key capabilities include: Agentic visibility and control: Identify AI agent activity, prevent spoofing and enable trusted automation; Adaptive trust decisioning: Evaluate behavior and context, not just identity, to determine trust; Layered detection and learning: Detect evolving threats through multi-model signal analysis; Fraud investigation intelligence: Map attacker behavior and fraud networks across the journey; Govern bots, LLMs, and agents: Block, allow, rate-limit, redirect or monetize based on traffic type and intent; Seamless deployment: Integrates into WAF, CDN, CIAM and fraud infrastructure.
Ataccama brings AI to data lineage- Business users can now trace a data point’s origin and understand how it was profiled or flagged without relying on IT
Tippu Gagguturu, CEO of SecurEnds, has launched APIDynamics, a next-generation API security company designed for machine-first, cloud-native ecosystems. The company addresses the gap between strict controls for user identities and minimal oversight for machine identities, the primary drivers of API traffic. APIDynamics offers real-time protection, adaptive authentication, and MFA for API-to-API communication, securing every API call, including machine-to-machine and non-human interactions. Gagguturu believes static tokens and blind trust are no longer viable with APIs driving AI agents and cloud workflows. The platform empowers security and engineering teams to: Discover and eliminate shadow and zombie APIs across environments; Secure machine-to-machine and non-human identity communications with Zero Trust; Enforce just-in-time, risk-based access policies using adaptive MFA; Integrate seamlessly into modern DevSecOps pipelines without slowing development.
Empirical Security combines the power of global threat intelligence with localized, organization-specific insights delivering highly accurate threat prioritization based on the specific context of the organization
Cybersecurity startup Empirical Security raised $12 million in new funding to develop and deploy custom artificial intelligence cybersecurity models tailored to each organization’s unique infrastructure and threat landscape. Empirical’s platform offers dual-model architecture that combines the power of global threat intelligence with localized, organization-specific insights. The models are trained on about 2 million daily exploitation events sourced from internet-scale datasets, while local models are fine-tuned using customer-provided and curated internal data. That, delivers highly accurate threat prioritization based on the specific context of the organization. The approach is designed to allow cybersecurity teams to make faster, evidence-based decisions, backed by predictive models that highlight the most critical vulnerabilities. The idea is that instead of relying on generic risk scores that may not reflect the actual danger to a specific business, the company’s local models provide actionable intelligence customized to a given company’s operational environment. Empirical also emphasizes explainability and decision support as key elements of its platform. The platform gives security leaders the ability to justify their strategies with data by integrating risk-based analysis with measurable prediction outputs. The transparency is especially valuable in boardroom discussions, compliance reporting and budgeting, where clear articulation of cybersecurity priorities is essential.