Cloud networking company Cato Networks has launched Cato Autonomous Policies, a new AI capability built into the Cato SASE Cloud Platform that automates and optimizes policy management. Cato claims the Autonomous Policies are the world’s first secure access service edge-native policy analysis engine built to optimize and improve all SASE policies — security, access and networking. With the release, enterprises can experience targeted, AI-driven recommendations for eliminating unnecessary security exposure, tightening access control and proactively improving network performance. The policies reduce risk, eliminate manual upkeep and simplify compliance, paving the way for proactive governance and autonomous SASE. The first use case for Cato Autonomous Policies is firewall-as-a-service to tackle firewall rule bloat. Cato argues that over time, organizations accumulate thousands of policies, many outdated, overly permissive or misconfigured, leading to increased risk, decreased efficiency and compliance challenges. Cato Networks’ FWaaS already simplifies access control with a unified policy set that covers users, devices, locations and cloud environments. With the new addition of Cato Autonomous Policies, the service is enhanced through AI-driven automation and optimization. The new capabilities help eliminate policy drift and misconfigurations by providing continuous, AI-powered insights. The insights provided ensure that policies remain accurate and effective across on-premises, hybrid and multicloud deployments, reducing the risk of human error.
Fenergo’s agentic AI for compliance allows users to interact with all operational, policy and entity data through natural language and harness real-time insights on process efficiency, operations and risk
Fenergo, a Dublin-based provider of client lifecycle management and compliance solutions, has launched its FinCrime Operating System. The system uses “agentic AI” to help firms cope with rising operational costs and compliance demands. The FinCrime OS unifies client lifecycle events, including onboarding, KYC, screening, ID&V, and transaction monitoring, on a single platform. The system can automate tasks and save up to 93% of operational costs. Fenergo’s initial six AI agents can streamline periodic KYC reviews, cutting review timeframes by up to 45%. The six AI agents available today include: Data sourcing agent: Sources data from one or more third-party data providers, compares against entity data and auto-completes tasks; Screening agent: Runs screening checks against third-party integrations, auto-resolves hits and returns results to providers; Document agent: Extracts, classifies and links documents using AI to automate document-management processes; Significance agent: Performs a check against data changes to determine significance to define next action; Autocompletion agent: Automates the completion of tasks based on pre-defined rules, policy and configured guardrails; and Insights agent: Fenergo’s co-pilot allows users to interact with all operational, policy and entity data through natural language and harness real-time insights on process efficiency, operations and risk.
Microsoft Copilot AI for SharePoint can access the contents of an encrypted spreadsheet, including restricted passwords, by circumventing download restrictions and information protection principles
Pen Test Partners, a company that specializes in security consulting, specifically penetration testing, took a close look at how Microsoft’s Copilot AI for SharePoint could be exploited. The results were, to say the least, concerning. Not least because an encrypted spreadsheet, which SharePoint had quite rightly refused to let the hackers open no matter what method was employed, was broken wide open when they asked the Copilot AI agent to go get it. “The agent then successfully printed the contents,” Jack Barradell-Johns, a red team security consultant with the security company, said, “including the passwords allowing us to access the encrypted spreadsheet.” Barradell-Johns explained that during the engagement, the red teamers encountered a file named passwords.txt, located adjacent to an encrypted spreadsheet containing sensitive information. Naturally, they tried to access the file. Just as naturally, Microsoft SharePoint said nope, no way. “Notably,” Barradell-Johns said, “in this case, all methods of opening the file in the browser had been restricted.” The download restrictions that are part of the restricted view protections were circumvented, and the content of the Copilot chats could be freely copied. “SharePoint information protection principles ensure that content is secured at the storage level through user-specific permissions and that access is audited. This means that if a user does not have permission to access specific content, they will not be able to view it through Copilot or any other agent. Additionally, any access to content through Copilot or an agent is logged and monitored for compliance and security.”
Keyfactor acquires InfoSec Global and CipherInsights for quantum-safe security expansion
Keyfactor has acquired InfoSec Global and CipherInsights to further expand cryptographic posture management and quantum readiness. The acquisitions enable Keyfactor to deliver deep cryptographic asset discovery, real-time risk monitoring, and seamless transition to quantum-safe standards. With these acquisitions, Keyfactor is addressing the critical gap in cryptographic observability, helping organizations take control of their non-human identities and prepare for the next era of secure infrastructure. Key capabilities include AgileSec Analytics for deep cryptographic visibility, AgileSec Agility for managing and updating cryptography without source code changes, and CipherInsights for real-time passive network monitoring of cryptographic risks. Customers will benefit from enhanced capabilities that will empower security teams to take control of their cryptographic landscape, including comprehensive visibility, actionable intelligence and risk remediation.
Agentic AI’s role in taking down DanaBot malware-as-a-service, orchestrating predictive threat modeling and cutting months of forensic analysis to weeks, validates its value for SOC teams
The U.S. Department of Justice unsealed a federal indictment in Los Angeles against 16 defendants linked to DanaBot, a Russia-based malware-as-a-service (MaaS) operation responsible for orchestrating massive fraud schemes, enabling ransomware attacks and inflicting tens of millions of dollars in financial losses on victims. Agentic AI played a central role in dismantling DanaBot, orchestrating predictive threat modeling, real-time telemetry correlation, infrastructure analysis and autonomous anomaly detection. These capabilities reflect years of sustained R&D and engineering investment by leading cybersecurity providers, who have steadily evolved from static rule-based approaches to fully autonomous defense systems. Taking down DanaBot validated agentic AI’s value for Security Operations Center (SOC) teams by reducing months of manual forensic analysis to a few weeks. That saved time gave law enforcement what they needed to identify and dismantle DanaBot’s sprawling digital footprint quickly. DanaBot’s takedown signals a significant shift in the use of agentic AI in SOCs. SOC analysts are finally getting the tools they need to detect, analyze, and respond to threats autonomously and at scale, attaining the greater balance of power in the war against adversarial AI. Agentic AI directly addresses long-standing challenges, starting with alert fatigue. Microsoft research reinforces this advantage: integrating gen AI into SOC workflows reduced incident resolution time by nearly one-third. DanaBot’s dismantling signals a broader shift underway: SOCs are moving from reactive alert-chasing to intelligence-driven execution. At the center of that shift is agentic AI. SOC leaders getting this right aren’t buying into the hype. They’re taking deliberate, architecture-first approaches that are anchored in metrics and, in many cases, risk and business outcomes.
IPQS Email Verification tech enables businesses to accurately identify fraudulent or suspicious emails at scale by using an email reputation database to analyze factors such as email age, domain reputation, and historical fraud associations
IPQS launched its IPQS Email Verification Database. This database is the first of its kind, enabling businesses to validate email addresses at scale. It reduces the need for external API calls for every fraud check, and makes it easier to comply with data privacy regulations. The IPQS Email Verification Database enables businesses to identify fraudulent, disposable, or suspicious emails with unparalleled accuracy by tapping into IPQS’s vast repository of email reputation data. By analyzing factors such as email age, domain reputation, and historical fraud associations, companies can significantly enhance fraud detection while improving customer trust. Additionally, businesses can maintain better email hygiene by filtering out invalid or risky email addresses, improving deliverability rates and sender reputation. IPQS provides businesses with the most comprehensive access to granular email risk intelligence. This enables organizations to detect high-risk users, block fraudulent account registrations, and prevent payment fraud at scale. Delivered securely via an API, the database is updated on a daily, weekly, or monthly basis, depending on business requirements. Key features include On-Premise Deployment; Lightweight Design; Regulatory Compliance; Unmatched Data Accuracy; Email List Hygiene. With the IPQS Email Verification Database, businesses can tap into the freshest, most comprehensive email risk intelligence, CEO Dennis Weiss said.
Upwind’s ML cloud platform collects multi-layer telemetry data of the networking stack for real-time detection of threats to APIs, enabling 7X reduction in the mean time to respond
Upwind has added a feature to its cloud application detection and response (CADR) platform, allowing real-time detection of threats to application programming interfaces (APIs). The platform uses machine learning algorithms to collect telemetry data from Layers 3, 4, and 7 of the networking stack, enabling the identification of deviations and anomalous behavior in API traffic. The goal is to reduce the time required to investigate API security incidents by up to 10 times and mean time to respond by up to seven times. In the age of generative artificial intelligence (AI), there is a growing focus on API security. Many organizations are discovering that sensitive data is being shared inadvertently with AI models. Historically, responsibility for securing APIs has been unclear, with many cybersecurity teams assuming that application development teams are securing them as they are developed. However, this can lead to thousands of APIs that cybercriminals can exploit to exfiltrate data or modify business logic. Over the next 12-18 months, organizations plan to increase software security spend on APIs, DevOps toolchains, incident response, open source software, software bill of materials, and software composition analysis tools. Advancements in AI and eBPF technologies could simplify the entire software development lifecycle by streamlining the collection and analysis of telemetry data.
Microsoft Sentinel enables more accurate event reconstruction by integrating Endace’s one-click, drill-down access to definitive, full packet evidence and SIEM workflows
Endace has partnered with Microsoft Sentinel to integrate EndaceProbe with the cloud security solution. This integration allows NetOps and SecOps teams to access full packet evidence from Microsoft Sentinel, enabling faster investigations and more accurate event reconstruction. This integration also enhances security teams’ ability to respond to threats with confidence. Benefits of the integration include: Streamlined investigation workflows, alerts, and playbooks from Microsoft Sentinel, with one-click, drill-down access to definitive, full packet evidence captured by EndaceProbe; Continuously capture weeks or months of full packet data, across Hybrid, On-Prem, and Multi-Cloud environments; Single central console for searching and analyzing recorded packet data across global scale networks, integrated with Microsoft Sentinel; Deep visibility that shows exactly what happened before, during, and after every event; Zero-Day Threat (ZDT) risk validation using playback of recorded network traffic; Combining EndaceProbe’s centralized search with Microsoft Sentinel’s AI-powered SIEM enables faster, more efficient incident investigation and resolution; Military-grade Security: EndaceProbe appliances are FIPS 140-3 compliant and are listed on the DoDIIN APL.