Hundreds of eCommerce sites, at least one of which is owned by a $40 billion multinational company, were impacted by a supply chain attack, Sansec reported. Cybersecurity observers believe the next major wave of enterprise breaches may not come from direct attacks but rather through trusted dependencies and third parties. The attack came from a sophisticated backdoor embedded within 21 Magento extensions concealed within license verification files. The attackers left the code dormant for six years and only activated it in April, ultimately compromising between 500 and 1,000 eCommerce websites with malicious code capable of stealing payment card information and other sensitive data. The Magento incident serves as a sign of a broader evolution in cyberattacks, from quick heists to long cons. This is espionage at the code level, and the prolonged and covert infiltration of eCommerce providers serves as a reminder of the evolving tactics employed by cybercriminals and the critical importance of proactive cybersecurity measures. A breach in an eCommerce plugin can cascade into enterprise resource planning (ERP) systems, customer relationship management (CRM) platforms and payroll software. A single compromised dependency can compromise thousands of downstream systems. The problem can be exacerbated by visibility gaps. Many enterprises struggle to maintain accurate inventories of their software components. Without knowing what’s under the hood, it’s nearly impossible to detect tampering, let alone respond swiftly when a vulnerability is disclosed. This new landscape may demand a shift in mindset. Trust-based assumptions, which were once the norm in IT supply relationships, are increasingly being replaced with “zero trust” frameworks that continuously verify and monitor every component and user. Software bills of materials (SBOMs), automated code integrity checks and secure-by-design principles are no longer optional but are becoming operational necessities.
Platformization taking centre stage in cybersecurity driven by the need to create experience-driven engagement and safeguard complex, distributed environments where data, people and machines all intersect
Platformization is becoming a critical strategy in cybersecurity as organizations shift from fragmented tools to integrated platforms to manage growing threats, complex infrastructure and changing buyer expectations. Vendor consolidation and re-platformization are reshaping the cybersecurity landscape, but expectations often clash with reality on the show floor. As buyers shift toward experience-driven engagement, traditional booth strategies fall short. “I think we’re just consolidating those alphabet soups into specific platforms,” Jackie McGuire, principal analyst, security analytics, operations and strategy at theCUBE Research, said. “The IAM, PAM, all of the identity will become an identity platform. The data security, DSPM, all of that will be a data platform. We are seeing platformization, I just don’t think it’s quite the one login to rule them all that the big vendors would have you believe.” As the security perimeter disappears and digital threats reach into physical infrastructure, the importance of truly integrated platforms continues to rise. Organizations are no longer just defending networks, they’re safeguarding complex, distributed environments where data, people and machines all intersect. The challenge now is not just technical unification, but creating experiences and solutions that align with how modern buyers think, behave and invest, according to John Furrier, co-founder and executive analyst at theCUBE Research. “I call it the re-platformization, because some people are re-platforming, some are actually adopting platforms for the first time because they had best of breed,” he added. “The theme is homogeneous layers where you need data and people, using the Waymo example, where you have so much data and devices or things connected that you need to have data controls. That’s become a big theme.”
Akamai creates firewall purpose-built for unique AI threats: unauthorized queries, adversarial inputs, and large-scale data-scraping attempts
Akamai Technologies announced Firewall for AI, a new solution that provides multilayered protection for AI applications against unauthorized queries, adversarial inputs, and large-scale data-scraping attempts. Combined with other new enhancements such as API LLM Discovery, Akamai Firewall for AI provides customers with a holistic set of AI-driven capabilities. AI models contain valuable proprietary knowledge and sensitive datasets, making them prime targets for attackers. Akamai Firewall for AI addresses this as a purpose-built security solution designed to protect AI-powered applications, LLMs, and AI-driven APIs from emerging cyberthreats. By securing inbound AI queries and outbound AI responses, the firewall closes security gaps that generative AI technologies introduce. Key features of Firewall for AI include: Multilayered protection: Blocks adversarial inputs, unauthorized queries, and large-scale data scraping to prevent model manipulation and data exfiltration. Real-time AI threat detection: Uses adaptive security rules to dynamically respond to evolving AI-based attacks, including prompt injection and model exploitation. Compliance and data protection: Helps ensure AI-generated outputs remain safe and align with regulatory and industry standards. Flexible deployment options: Deploys via Akamai edge, REST API, or reverse proxy, enabling seamless integration into existing security frameworks. Proactive risk mitigation: Filters AI outputs to prevent toxic content, hallucinations, and unauthorized data leaks.
NetApp adds quantum-safe encryption and AI ransomware detection to ONTAP data management software – ransomware-specific role-based access controls, which empower security teams with granular permissions tailored to combat ransomware threats
To help customers enhance their cyber resiliency at the storage layer, NetApp is releasing new data security capabilities including: Post-Quantum Cryptography: NetApp has embedded post-quantum cryptography into its storage portfolio for file and block workloads. NetApp’s secure-by-design storage keeps its customers’ data protected against quantum threats, fostering confidence among customers, partners, and regulators. By leveraging encryption algorithms standardized by NIST—a globally recognized standards body and authority—businesses can rely on a defense that is thoroughly tested and capable of carrying them into the future with quantum-ready storage. NetApp BlueXP Ransomware Protection Update: Updates to BlueXP ransomware protection strengthen the service’s ability to provide a comprehensive, orchestrated ransomware defense for NetApp ONTAP workloads. The new features include ransomware-specific role-based access controls, which empower security teams with granular permissions tailored to combat ransomware threats effectively, and support for ransomware protection for native cloud workloads. These advancements provide enterprises with enhanced control and protection against ransomware, safeguarding critical data and maintaining operational resilience in an increasingly complex threat landscape. NetApp BlueXP Backup and Recovery Workload Support: NetApp BlueXP backup and recovery provides a simple, secure, and cost-effective integrated data protection service for ONTAP data. With these new updates, customers will benefit from a redesigned user interface that makes it easier to integrate and define a 3-2-1 data protection strategy for their workloads, including Microsoft SQL Server, VMware, and Kubernetes applications. 
NetApp Security Professional Services: NetApp is offering expanded professional security assessment and security hardening services to help customers evaluate and further tighten their security posture by enabling the built-in security capabilities in NetApp that help keep their data secure.
Upwind’s ML cloud platform collects multi-layer telemetry data of the networking stack for real-time detection of threats to APIs, enabling 7X reduction in the mean time to respond
Upwind has added a feature to its cloud application detection and response (CADR) platform, allowing real-time detection of threats to application programming interfaces (APIs). The platform uses machine learning algorithms to collect telemetry data from Layers 3, 4, and 7 of the networking stack, enabling the identification of deviations and anomalous behavior in API traffic. The goal is to reduce the time required to investigate API security incidents by up to 10 times and the mean time to respond by up to seven times. In the age of generative artificial intelligence (AI), there is a growing focus on API security. Many organizations are discovering that sensitive data is being shared inadvertently with AI models. Historically, responsibility for securing APIs has been unclear, with many cybersecurity teams assuming that application development teams are securing them as they are developed. However, this can lead to thousands of APIs that cybercriminals can exploit to exfiltrate data or modify business logic. Over the next 12-18 months, organizations plan to increase software security spend on APIs, DevOps toolchains, incident response, open source software, software bill of materials, and software composition analysis tools. Advancements in AI and eBPF technologies could simplify the entire software development lifecycle by streamlining the collection and analysis of telemetry data.
Microsoft Sentinel enables more accurate event reconstruction by integrating Endace’s one-click, drill-down access to definitive, full packet evidence and SIEM workflows
Endace has partnered with Microsoft Sentinel to integrate EndaceProbe with the cloud security solution. This integration allows NetOps and SecOps teams to access full packet evidence from Microsoft Sentinel, enabling faster investigations and more accurate event reconstruction. This integration also enhances security teams’ ability to respond to threats with confidence. Benefits of the integration include: Streamlined investigation workflows, alerts, and playbooks from Microsoft Sentinel, with one-click, drill-down access to definitive, full packet evidence captured by EndaceProbe; Continuously capture weeks or months of full packet data, across Hybrid, On-Prem, and Multi-Cloud environments; Single central console for searching and analyzing recorded packet data across global scale networks, integrated with Microsoft Sentinel; Deep visibility that shows exactly what happened before, during, and after every event; Zero-Day Threat (ZDT) risk validation using playback of recorded network traffic; Combining EndaceProbe’s centralized search with Microsoft Sentinel’s AI-powered SIEM enables faster, more efficient incident investigation and resolution; Military-grade Security: EndaceProbe appliances are FIPS 140-3 compliant and are listed on the DoDIIN APL.
BigID’s privacy management solution helps enterprises to capture, score, and track AI-related privacy risks in a centralized register to strengthen governance and enable effective risk mitigation
BigID announced the launch of AI Privacy Risk Posture Management – the industry’s first solution to help organizations manage data privacy risks across the AI lifecycle. With unmatched visibility, automated assessments, and actionable privacy controls, BigID empowers enterprises to govern AI responsibly while staying ahead of fast-evolving regulations. BigID’s platform helps organizations: 1) Automatically Discover AI Assets: Quickly inventory all models, vector databases, and AI pipelines across hybrid environments to understand how sensitive and personal data flows through AI systems – a critical requirement for GDPR Article 35 and beyond. 2) Proactively Manage AI Data Lifecycles: Enforce policies for data minimization, retention, and lawful purpose across training and inference, preventing model drift and limiting risk exposure. 3) Streamline Privacy Risk Management: Capture, score, and track AI-related privacy risks in a centralized Privacy Risk Register to strengthen governance and enable effective risk mitigation. 4) Accelerate AI Privacy Impact Assessments: Use pre-built, customizable templates for DPIAs and AIAs aligned to regulatory frameworks – with automated evidence capture to simplify documentation. 5) Automate Risk Visibility & Reporting: Gain up-to-date reporting and dynamic risk assessments to demonstrate compliance and communicate AI risk posture to regulators and stakeholders. 6) Board Ready Privacy Metrics: Deliver meaningful KPIs and metrics to DPOs and board leaders, helping quantify AI privacy risk and monitor remediation efforts.
Cyera’s AI DLP solution automatically detects unique data in real-time and prevents exfiltration, controls data used in AI tools and prompts to prevent data exposure
Cyera, the world’s fastest-growing data security company, today announced the launch of Omni DLP, a breakthrough AI-native solution that finally delivers on the promise of enterprise data loss prevention. Omni DLP combines the power of Cyera’s AI-native Data Security Posture Management (DSPM) with a real-time DLP analysis engine from its Trail Security acquisition, creating a unified architecture that protects data at rest, in motion, and in use. With Omni DLP, organizations gain: 1) AI-Powered Noise Reduction – Eliminate over 95% of false positive alerts to focus on the few most critical and actionable. 2) Real-Time, Adaptive Protection – Automatically detect your unique data and prevent exfiltration. 3) Deep AI Governance – Control data used in AI tools and prompts, and prevent data exposure through AI systems. 4) 360 View – all your endpoint, network, email, messaging and cloud DLP risks, alerts and policies in a single view, leveraging AI for enrichment and correlation. 5) Policies That Learn – auto-tuned controls that evolve with your data. “Omni DLP is the brain DLP has been missing,” said Yotam Segev, CEO and co-founder of Cyera. “Omni DLP enables us to protect sensitive data in motion – the crown jewels – automatically classified by our AI-native classification engine. This is data security the way it was meant to be: intelligent, adaptive, and built for the AI era.”
HiddenLayer’s AISec platform 2.0 enhances explainability of AI models using Model Genealogy and AI Bill of Materials (AIBOM), that reveal their lineage and pedigree to track how they were trained, fine-tuned, and modified over time
HiddenLayer released AISec Platform 2.0, the platform with the most context, intelligence, and data for securing AI systems across the entire development and deployment lifecycle. The new release includes Model Genealogy and AI Bill of Materials (AIBOM), expanding the platform’s observability and policy-driven threat management capabilities. With AISec Platform 2.0, HiddenLayer is establishing a new benchmark in AI security where rich context, actionable telemetry, and automation converge to enable continuous protection of AI assets from development to production. With AISec Platform 2.0, HiddenLayer empowers security teams to accelerate model development, gain full visibility, automate model governance and enforcement, and deploy AI with confidence. AISec Platform 2.0 introduces: 1) Model Genealogy: Unveils the lineage and pedigree of AI models to track how they were trained, fine-tuned, and modified over time, enhancing explainability, compliance, and threat identification. 2) AI Bill of Materials (AIBOM): Automatically generated for every scanned model, AIBOM provides an auditable inventory of model components, datasets, and dependencies. Exported in an industry-standard format, it enables organizations to trace supply chain risk, enforce licensing policies, and meet regulatory compliance requirements. 3) Enhanced Threat Intelligence & Community Insights: Aggregates data from public sources like Hugging Face, enriched with expert analysis and community insights, to deliver actionable intelligence on emerging machine learning security risks. 4) Red Teaming & Telemetry Dashboards: Updated dashboards enable deeper runtime analysis and incident response across model environments, offering better visibility into prompt injection attempts, misuse patterns, and agentic behaviors.
Pentera’s distributed orchestration platform lets security teams run simultaneous security validation tests via single interface through a choice of persistent or dynamic attack nodes deployed across multi-site infrastructures at scale
Automated Security Validation platform Pentera is setting a new standard for enterprise-scale security validation with the introduction of its Distributed Attack Orchestration architecture and AI-reporting capabilities. These enhancements meet the requirements of security teams to scale security validation testing to govern a consistent security posture across decentralized enterprise IT architectures. With a choice of persistent or dynamic attack nodes deployed across multi-site infrastructures, security teams can run simultaneous security validation tests coordinated through a single interface. Each node runs in-depth attack emulation, ensuring that as testing scales across the enterprise, the depth and rigor of validation remain uniform. Designed for centralized control, Pentera provides security teams with the following capabilities to manage distributed testing efficiently: Granular Test Scheduling, Real-Time Control over Test Operations, Silent Runs – Pentera provides advanced control over test noise levels, with signed commands and payloads, allowing operators to test across environments without overloading the SOC with false alarms. “Our Distributed Attack Orchestration solution provides visibility into how adversaries can exploit the enterprise attack surface, while our AI-based reporting aggregates the trends security leaders need to prioritize to reduce exposure across the organization,” said Ran Tamir, Chief Product Officer at Pentera.