For platforms driving commerce in high-growth markets, checkout remains a major challenge. Redirects confuse users and interrupt the buying flow. One time passcodes are unreliable, slow, and expensive to deliver, and even tokenized auto-pay systems leave platforms blind to account takeovers and unable to alert users when things go wrong. These gaps not only increase friction and fraud, but also drive up abandonment rates at the most critical moment of conversion. Ideem’s solution is purpose-built for these environments, replacing outdated methods with a fast, seamless, and secure experience that helps platforms convert more users and build trust at scale. Ideem addresses these pain points by keeping users inside the merchant app, eliminating cumbersome authentication steps while securing every transaction. Its Zero-Trust Secure Module (ZSM) cryptographically binds to the device to protect against account takeovers while giving payment services full visibility and control over user communication in case of errors, all while making the checkout experience feel instant and effortless. Ideem secures every transaction with seamless, invisible 2FA, combining hardware-level cryptography with the flexibility of a pure software solution without any codes, pop-ups, or interruptions. By binding the device at a cryptographic level, Ideem eliminates user interruptions while dramatically improving security posture and operational efficiency. Key features include: Invisible device binding: Cryptographically binds user identity to their device for continuous, frictionless security across web, mobile and desktop environments. Distributed cryptography: Advanced MPC distributes cryptographic operations across devices and environments removing the risks of traditional key storage. Elastic scalability: A cloud-native, serverless architecture that expands effortlessly across environments means no hardware limits, no manual provisioning. At the core of Ideem is the Zero-Trust Security Module(ZSM), a software-defined secure element built on advanced multiparty computation (MPC). The ZSM cryptographically binds each user’s device, creating a persistent, invisible layer of security across native apps, mobile browsers, and desktops.
The US government extends contract to fund the CVE Program, the cybersecurity industry’s go-to database of software vulnerabilities vulnerability and associated severity scores
The U.S. government extended a contract through which it finances the CVE Program, the cybersecurity industry’s go-to database of software vulnerabilities. T he contract has been extended for 11 months. CVE provides information about cybersecurity vulnerabilities in software products. The database has more than 170,000 entries and counting. By storing vulnerability details in one place, it removes the need for cybersecurity professionals to piece together information about an exploit from multiple sources. Each CVE record contains a technical description of the associated vulnerability and a severity score ranging from 0 to 10. This number is calculated based on factors such as the ease with which hackers can use the flaw to launch cyberattacks. CVE’s severity scores spare cybersecurity professionals some of the work involved in understanding new cyber risks’ impact, which can speed up remediation initiatives. The database is maintained by MITRE, a nonprofit funded by the U.S. government. The organization operates a network of federally financed research and development centers, or FFRDCs. One of those FFRDCs maintains the CVE databases, while the other centers focus on areas such as healthcare and aviation.
KELA’s agentic AI automates generation of daily threat intelligence briefs; triaging, surfacing and validating leaked credentials; identifying IOCs, malware signatures, and active threat actors; and responding to custom requests for information (RFIs)
KELA has introduced Digital Cyber Analysts, AI-powered digital employees, to improve security teams’ consumption and action on threat intelligence. These agents enhance efficiency and speed, providing context-rich insights in seconds. Despite an increasing cybersecurity talent shortage, they bridge the gap by enhancing analyst capacity without adding headcount. They interpret complex queries, respond proactively, and take remediation actions. ELA’s Digital Cyber Analysts use large language models and agentic workflows to automate a wide range of CTI tasks including generating daily threat intelligence briefs; triaging, surfacing and validating leaked credentials, phishing campaigns, and brand abuse; identifying IOCs, malware signatures, and active threat actors; responding to custom requests for information (RFIs); and effective threat hunting to alert teams to newly emerging threats, targeted to their sector, infrastructure and geography. KELA offers tailored 24/7 solutions for both enterprise and public-sector needs: Alex, the digital cyber analyst for enterprise and MSSP environments, works to monitor, triage, and respond to threats specific to an organization. Integrated with KELA’s deployed intelligence modules, Identity Providers (IdP), security tools and B2B data platforms, Alex surfaces and acts on the most relevant intelligence. Ethan, the mission-ready cyber warrior for government and law enforcement, operates with unrestricted access to KELA’s complete cybercrime intelligence data lake. Ethan can perform in-depth investigations, respond to RFIs, and identify adversary behavior across the dark web, threat actor ecosystems, advanced persistent threats, and geopolitical threat landscapes.
U.S. Bank introduces Spend Management for business owners built directly into existing credit card experience; offers 360 view of all spending, with real-time analytics and custom reports
U.S. Bank announced a new Spend Management platform to help businesses monitor, track, and control their card-based spending. U.S. Bank is introducing the all-in-one spend management platform across its full portfolio of business banking credit cards to give business owners an alternative to using multiple tools. Spend Management helps business owners drive down costs, reduce manual work, and save time through the use of robust card controls, integrated accounting, intuitive receipt capture, and more – all within a single, easy-to-use dashboard. “This innovative spend management solution is built directly into our existing credit card experience to give our cardholders an effortless way to manage their business expenses without additional applications or setup,” said Courtney Kelso, head of U.S. Bank Payments: Consumer and Small Business. “It’s an additive capability on our credit cards that provides our cardholders with the convenience of monitoring, controlling and tracking business spending – while continuing to enjoy the great rewards and benefits already associated with their business credit cards. With Spend Management, those same cards are an even more enriching tool for operating a business.” U.S. Bank Spend Management gives owners more control over their employees’ card spending, empowering them to easily manage card permissions and integrate their expense policies before employee spending happens. “U.S. Bank Spend Management is a game changer for managing business expenses,” said Shruti Patel, chief product officer for business banking at U.S. Bank. “Within a single user-friendly interface, business owners can take control of their card spend and access continuous tracking with real-time visibility into spending habits and patterns, enabling them to monitor their cash flow and adjust their budgets accordingly. Spend Management helps business owners work smarter, not harder, with many time-saving functions, leaving them with more time to focus on their business. This capability is the perfect enhancement to our exceptional family of business credit cards.”Spend Management is part of U.S. Bank’s comprehensive suite of solutions across banking and payments. The platform is currently available for customers who have a U.S. Bank business credit card.
- With the platform, business owners can:
- Monitor spending and set spending controls for card use. For example, a business could limit employees to purchase only fuel at a gas station.
- Turn employees’ credit cards on and off with one click.
- Assign cards to specific employees, job sites, or departments.
- Control and adjust spend limit requests for cards on the fly.
- Upload receipts to match transactions automatically.
- See a 360 view of all of their business spending, with real-time analytics and custom reports.
- Organize and export all spending to their accounting platform of choice.
Improve their cash flow while simultaneously earning high value rewards from their U.S. Bank credit card
U.S. Bank introduces Spend Management for business owners built directly into existing credit card experience; offers 360 view of all spending, with real-time analytics and custom reports
U.S. Bank announced a new Spend Management platform to help businesses monitor, track, and control their card-based spending. U.S. Bank is introducing the all-in-one spend management platform across its full portfolio of business banking credit cards to give business owners an alternative to using multiple tools. Spend Management helps business owners drive down costs, reduce manual work, and save time through the use of robust card controls, integrated accounting, intuitive receipt capture, and more – all within a single, easy-to-use dashboard. “This innovative spend management solution is built directly into our existing credit card experience to give our cardholders an effortless way to manage their business expenses without additional applications or setup,” said Courtney Kelso, head of U.S. Bank Payments: Consumer and Small Business. “It’s an additive capability on our credit cards that provides our cardholders with the convenience of monitoring, controlling and tracking business spending – while continuing to enjoy the great rewards and benefits already associated with their business credit cards. With Spend Management, those same cards are an even more enriching tool for operating a business.” U.S. Bank Spend Management gives owners more control over their employees’ card spending, empowering them to easily manage card permissions and integrate their expense policies before employee spending happens. “U.S. Bank Spend Management is a game changer for managing business expenses,” said Shruti Patel, chief product officer for business banking at U.S. Bank. “Within a single user-friendly interface, business owners can take control of their card spend and access continuous tracking with real-time visibility into spending habits and patterns, enabling them to monitor their cash flow and adjust their budgets accordingly. Spend Management helps business owners work smarter, not harder, with many time-saving functions, leaving them with more time to focus on their business. This capability is the perfect enhancement to our exceptional family of business credit cards.”Spend Management is part of U.S. Bank’s comprehensive suite of solutions across banking and payments. The platform is currently available for customers who have a U.S. Bank business credit card.
- With the platform, business owners can:
- Monitor spending and set spending controls for card use. For example, a business could limit employees to purchase only fuel at a gas station.
- Turn employees’ credit cards on and off with one click.
- Assign cards to specific employees, job sites, or departments.
- Control and adjust spend limit requests for cards on the fly.
- Upload receipts to match transactions automatically.
- See a 360 view of all of their business spending, with real-time analytics and custom reports.
- Organize and export all spending to their accounting platform of choice.
Improve their cash flow while simultaneously earning high value rewards from their U.S. Bank credit card
VirtueAI’s automated red teaming algorithms can measure susceptibility to prompt injection attacks and can detect flaws in AI-generated code
AI safety startup Virtue AI offers a trio of software products that can help enterprises ensure their AI applications are safe. 1) VirtueRed can automatically perform red-teaming, or the task of testing an AI application for safety issues. The software includes more than 100 red-teaming algorithms that cover more than 300 risk categories. Some of VirtueRed’s algorithms are designed to measure AI applications’ susceptibility to prompt injection attacks. VirtueRed also detects cases when an application’s guardrails are overly strict and block routine requests from users. It can detect cybersecurity flaws in AI-generated code and prompt responses that leak proprietary data. VirtueRed likewise identifies situations where a model’s output breaches regulations. The software compiles its findings into an automatically generated report and offers recommendations on how to fix them. 2) Virtue AI’s second product VirtueGuard is geared toward protecting AI models in production. It’s a kind of firewall that can automatically block harmful AI output. VirtueGuard works with not only text models but also image and video generators. According to Virtue AI, the component of the product that focuses on protecting text models is more than 30 times faster than Llama Guard 3, a popular open-source alternative. That means users of an AI model integrated with VirtueGuard receive prompt responses faster. 3) Rounding out Virtue AI’s product portfolio is VirtueAgent. According to the company, it provides safety-optimized AI agents that can perform tasks such as identifying the databases to which an employee account has access.
Cato Networks’ tool uncovers shadow AI use by identifying and classifying gen AI applications across the organization from a catalog of over 950 generative AI apps
Cloud networking company Cato Networks introduced GenAI security controls for Cato Cloud Access Security Broker, including a shadow AI dashboard and policy engine. The new shadow AI dashboard allows enterprises to detect, analyze and gain insights into the use of Gen AI, while the policy engine gives enterprises the power to take control of user activity in generative AI applications. Combined, the new offerings allow security and information technology teams to balance innovation with risk management. The new generative AI security tools introduced for Cato CASB allow security and IT teams to uncover shadow AI use by identifying and classifying generative AI applications across the organization. The service offers a catalog of over 950 generative AI apps, allowing teams to distinguish between sanctioned and unsanctioned tools in use. The new controls also enable granular access management, allowing organizations to define what generative AI applications users can access and what actions, such as uploading or downloading, are permitted. Being able to do so ensures responsible use of generative AI tools in line with corporate policies. Cato CASB now offers real-time protection against data exposure by preventing sensitive information from being uploaded to large language models. It also supports governance and compliance with full visibility into user activity, aligning generative AI use with regulatory standards.
DataDome SAS’s AI engine detects intent, not just identity and automatically groups all LLM crawlers and AI agents into a dedicated category, offering visibility into model’s activity and behavior
Cyberfraud protection startup DataDome SAS announced advancements to its platform and partner ecosystem. DataDome’s AI engine now enables the identification, categorization, adaptation and response to traffic in less than two milliseconds with new expanded intent-based AI models, LLM detection and new AI agent response policies. DataDome’s AI engine detects intent, not just identity. The latest enhancements give customers deeper control over user intent and allow them to distinguish between legitimate AI-driven use and malicious automation. The company’s platform now automatically groups all LLM crawlers and AI agents into a dedicated category, offering visibility into which models are accessing digital assets, how often and for what purpose. The visibility is paired with intelligent policy recommendations to help security teams quickly respond based on bot identity, behavior and trustworthiness. The advancements are complemented with new AI models that enhance multilayered AI detection. One of the new models, which detects sudden traffic spikes from unique user agents, IP-based network identifiers and header patterns, has already proven effective, blocking more than 1.2 million malicious requests in 48 hours. The platform runs hundreds of foundational AI models, as well as more than 85,000 customer-specific and use-case-specific AI models tailored to unique traffic patterns, intent-based behavioral analysis and threat profiles for endpoints such as login, password reset, add-to-cart and payment flows.