Identity-driven detection and response startup ClearVector aims to shift the cybersecurity paradigm from traditional threat detection to identity activity. The company’s platform emphasizes real-time detection and isolation of threats by monitoring identity behaviors across various environments. The platform seeks to address issues with traditional security approaches that fail despite billions invested in security tools each year. ClearVector argues that enterprises continue to be compromised at an alarming rate and are overwhelmed by excessive alerts from siloed security solutions that lack critical context on how the organization operates. Added to the mix are increasing rates of identity-based attacks that traditional defenses struggle to deal with. ClearVector says it shifts the security paradigm from chasing threats to understanding and controlling identity activity across production environments. ClearVector’s platform utilizes identity graph technology that maps and monitors the behaviors of all identities — human, machine, third-party and artificial intelligence — within an organization’s production environment. Using the platform’s real-time threat detection and mitigation system, security teams can instantly investigate and respond to threats using a “Big Red Button” function that stops attacks with a single click. Combined with identity-aware investigations, defenders can act with speed and precision without the need to sift through vast amounts of log data.
Cato Networks automates and optimizes policy management for all SASE policies through targeted recommendations for reducing exposure, tightening access control and improving network performance
Cloud networking company Cato Networks has launched Cato Autonomous Policies, a new AI capability built into the Cato SASE Cloud Platform that automates and optimizes policy management. Cato claims the Autonomous Policies are the world’s first secure access service edge-native policy analysis engine built to optimize and improve all SASE policies — security, access and networking. With the release, enterprises can experience targeted, AI-driven recommendations for eliminating unnecessary security exposure, tightening access control and proactively improving network performance. The policies reduce risk, eliminate manual upkeep and simplify compliance, paving the way for proactive governance and autonomous SASE. The first use case for Cato Autonomous Policies is firewall-as-a-service to tackle firewall rule bloat. Cato argues that over time, organizations accumulate thousands of policies, many outdated, overly permissive or misconfigured, leading to increased risk, decreased efficiency and compliance challenges. Cato Networks’ FWaaS already simplifies access control with a unified policy set that covers users, devices, locations and cloud environments. With the new addition of Cato Autonomous Policies, the service is enhanced through AI-driven automation and optimization. The new capabilities help eliminate policy drift and misconfigurations by providing continuous, AI-powered insights. The insights provided ensure that policies remain accurate and effective across on-premises, hybrid and multicloud deployments, reducing the risk of human error.
Microsoft Copilot AI for SharePoint can access the contents of encrypted spreadsheet including restricted passwords by circumventing download restrictions and information protection principles
Pen Test Partners, a company that specializes in security consulting, specifically penetration testing took a close look at how Microsoft’s Copilot AI for SharePoint could be exploited. The results were, to say the least, concerning. Not least considering an encrypted spreadsheet that the hackers were, quite rightly, rejected from opening by SharePoint, no matter what method was employed, was broken wide open when they asked the Copilot AI agent to go get it. “The agent then successfully printed the contents,” Jack Barradell-Johns, a red team security consultant with the security company, said, “including the passwords allowing us to access the encrypted spreadsheet.” Barradell-Johns explained that during the engagement, the red teamers encountered a file named passwords.txt, located adjacent to an encrypted spreadsheet containing sensitive information. Naturally, they tried to access the file. Just as naturally, Microsoft SharePoint said nope, no way. “Notably,” Barradell-Johns said, “in this case, all methods of opening the file in the browser had been restricted.” The download restrictions that are part of the restricted view protections were circumvented, and the content of the Copilot chats could be freely copied. “SharePoint information protection principles ensure that content is secured at the storage level through user-specific permissions and that access is audited. This means that if a user does not have permission to access specific content, they will not be able to view it through Copilot or any other agent. Additionally, any access to content through Copilot or an agent is logged and monitored for compliance and security.”
Keyfactor acquires InfoSec Global and CipherInsights for quantum-safe security expansion
Keyfactor has acquired InfoSec Global and CipherInsights to further expand cryptographic posture management and quantum readiness. The acquisitions enable Keyfactor to deliver deep cryptographic asset discovery, real-time risk monitoring, and seamless transition to quantum-safe standards. With these acquisitions, Keyfactor is addressing the critical gap in cryptographic observability, helping organizations take control of their non-human identities and prepare for the next era of secure infrastructure. Key capabilities include AgileSec Analytics for deep cryptographic visibility, AgileSec Agility for managing and updating cryptography without source code changes, and CipherInsights for real-time passive network monitoring of cryptographic risks. Customers will benefit from enhanced capabilities that will empower security teams to take control of their cryptographic landscape including Comprehensive Visibility; Actionable Intelligence; Risk Remediation.
Keyfactor supports quantum-safe security expansion enabling managing and updating cryptography without source code changes, and also real-time passive network monitoring of cryptographic risks; for
Keyfactor has acquired InfoSec Global and CipherInsights to further expand cryptographic posture management and quantum readiness. The acquisitions enable Keyfactor to deliver deep cryptographic asset discovery, real-time risk monitoring, and seamless transition to quantum-safe standards. With these acquisitions, Keyfactor is addressing the critical gap in cryptographic observability, helping organizations take control of their non-human identities and prepare for the next era of secure infrastructure. Key capabilities include AgileSec Analytics for deep cryptographic visibility, AgileSec Agility for managing and updating cryptography without source code changes, and CipherInsights for real-time passive network monitoring of cryptographic risks. Customers will benefit from enhanced capabilities that will empower security teams to take control of their cryptographic landscape including Comprehensive Visibility; Actionable Intelligence; Risk Remediation.
IPQS Email Verification tech enables businesses to accurately identify fraudulent or suspicious emails at scale by using email reputation database to analyze factors such as email age, domain reputation, and historical fraud associations
IPQS launched its IPQS Email Verification Database. This database is the first of its kind, enabling businesses to validate email addresses at scale. It reduces the need for external API calls for every fraud check, and makes it easier to comply with data privacy regulations. The IPQS Email Verification Database enables businesses to identify fraudulent, disposable, or suspicious emails with unparalleled accuracy by tapping into IPQS’s vast repository of email reputation data. By analyzing factors such as email age, domain reputation, and historical fraud associations, companies can significantly enhance fraud detection while improving customer trust. Additionally, businesses can maintain better email hygiene by filtering out invalid or risky email addresses, improving deliverability rates and sender reputation. IPQS provides businesses with the most comprehensive access to granular email risk intelligence. This enables organizations to detect high-risk users, block fraudulent account registrations, and prevent payment fraud at scale. Delivered securely via an API, the database is updated on a daily, weekly, or monthly basis, depending on business requirements: On-Premise Deployment; Lightweight Design; Regulatory Compliance; Unmatched Data Accuracy; Email List Hygiene. With the IPQS Email Verification Database, businesses can tap into the freshest, most comprehensive email risk intelligence, CEO Dennis Weiss said.
AI-powered cyberattacks are expected within a year and will emerge from models that are less controlled than OpenAI and Anthropic
Kevin Mandia, one of the most prolific cyber entrepreneurs and investors, predicts the world is only a year away from an AI-agent-enabled cyberattack. Mandia warned that chances are we won’t even know an AI tool was the perpetrator. “Everybody’s going to look at that, wonder how that got done, and it’s probably AI behind it,” he told Axios on the sidelines of the RSA Conference. AI doomsday scenarios have haunted cyber pros for decades, but the introduction of generative AI hypercharged their fears. Some have predicted we’ll see autonomous cyber weapons that can evade security tools in the wild by 2027. Others predict that one day the robots will be fighting robots. Mandia founded famed cybersecurity incident response company Mandiant in the early 2000s. The type of attack Mandia is predicting will likely come from the cyber criminal side of the world, rather than nation-states, he said. Mandia added that the first iteration of any new attack style is typically “a bit sloppy” and that foreign adversaries like China are more likely to take their time before rushing to follow suit. “There is enough R&D happening right now on how to use AI [at legitimate organizations] that the criminal element is doing that R&D as well,” he said. Models from OpenAI, Anthropic and other popular AI companies aren’t likely to be involved in the attack that Mandia is predicting. Those models are “pretty darn good” at blocking such blatant violations of their safety parameters. “It’s going to come from some model that’s somewhere out there that’s less controlled,” he said. Chester Wisniewski, global field CISO at Sophos, told Axios that cyber criminals may already have the capabilities — but many of them don’t have a real incentive to tap into them yet. “Fortunately today, cyber criminals are really lazy, and because we keep leaving our wallets open with large sums of cash in them, they’re happy to just steal the money and move on and not do anything fancy,” Wisniewski said.
JFrog’s software supply chain platform integration with Nvidia to scan all components for vulnerabilities, version them and track them across the entire development lifecycle, along with end-to-end artifact and model management
Software supply chain company JFrog announced a new strategic partnership with Nvidia Corp. to power what the company calls the next era of enterprise AI. Under the partnership, JFrog’s platform will serve as the central software artifact repository and secure model registry within Nvidia’s recently unveiled Enterprise AI Factory. The initiative is designed to help enterprises build, deploy and manage next-generation AI workloads, including agentic and physical AI applications, in a secure and scalable environment. The integration between JFrog and Nvidia will allow users to gain secure and governed visibility into all software components, including ML models and engines. The components can be scanned for vulnerabilities, versioned and tracked across the entire software development lifecycle. Users will also benefit from end-to-end artifact and model management, with the ability to seamlessly pull, upload and host AI models, datasets and containers. The integration includes full support for Nvidia NIMs and other assets optimized for the Enterprise AI Factory architecture. By using JFrog Artifactory, organizations can eliminate the need to access components from external sources, improving both performance and security. The integration includes the ability for the JFrog Platform to run natively on Nvidia’s Grace Blackwell architecture to help reduce latency and process tasks with unparalleled performance, efficiency and scale. Additionally, the integration is expected to support a wide range of AI-enabled enterprise applications, agentic and physical AI workflows, autonomous decision-making and real-time data analysis across various industries, including financial services, healthcare, telecommunications, retail, media and manufacturing.
Glean to integrate Palo Alto Network’s security platform to enable secure deployment of enterprise AI agents at scale through runtime security; offers unified data governance across the 100+ connected SaaS applications with SASE-native controls and real-time visibility
Glean, the Work AI platform, announced a strategic technology partnership with Palo Alto Networks to further secure and accelerate the use of AI agents in the enterprise. With new integrations to Palo Alto Networks Prisma AIRS and Prisma Access Browser and AI Access, Glean customers gain enhanced visibility and control over how AI agents operate and interact with sensitive enterprise data – enabling rapid innovation without sacrificing trust, security, or compliance. Glean is purpose-built to solve the challenges of deploying AI at scale in the enterprise. From day one, it was architected with enterprise-grade security at its core: enforcing source-level permissions, isolating customer data, and integrating tightly with identity systems. That foundation has since evolved to include proactive guardrails for agent behavior, continuous governance scanning, and an open ecosystem of security partners. Palo Alto Networks Prisma AIRS is the world’s most comprehensive AI security platform that is designed to protect the entire enterprise AI ecosystem, providing Model Scanning, Posture Management, AI Red Teaming, Runtime Security, and Agent Security. The new integration of Prisma AIRS with Glean’s platform will offer: Secure AI adoption at scale with Runtime Security; Confident cloud data governance Posture Management; Zero-compromise security.
Virtana’s full-stack observability platform integrates natively with NVIDIA GPU platforms to offer in-depth insights into AI environments by continuously collecting telemetry
Virtana announced the launch of Virtana AI Factory Observability (AIFO), a powerful new capability that extends Virtana’s full-stack observability platform to the unique demands of AI infrastructure. With deep, real-time insights into everything from GPU utilization and training bottlenecks to power consumption and cost drivers, AIFO enables enterprises to turn complex, compute-intensive AI environments into scalable, efficient, and accountable operations. This launch strengthens Virtana’s position as the industry’s broadest and deepest observability platform, spanning AI, infrastructure, and applications across hybrid and multi-cloud environments. Virtana’s AI Factory Observability (AIFO) helps enterprises treat AI infrastructure with the same level of visibility, discipline, and accountability as traditional IT. As an official NVIDIA partner, Virtana integrates natively with NVIDIA GPU platforms to deliver in-depth telemetry, including memory utilization, thermal behavior, and power metrics, providing precise, vendor-validated insight into the most performance-critical components of the AI Factory. This deep integration delivers accurate, actionable intelligence at enterprise scale. Virtana AI Factory Observability (AIFO) is purpose-built to meet the demands of AI operations. It continuously collects telemetry across GPUs, CPUs, memory, network, and storage and then correlates that data with training and inference pipelines to provide clear and actionable insights. Core capabilities include: GPU Performance Monitoring; Distributed Training Visibility; Infrastructure-to-AI Mapping; Power and Cost Analytics; Root Cause Analysis. AIFO is already delivering measurable results in production AI environments across multiple industries. Operational outcomes include: 40% reduction in idle GPU time, improving resource utilization and reducing infrastructure costs; 60% faster mean time to resolution (MTTR) for AI-related incidents; 50% decrease in false alerts, reducing operational noise and accelerating response; 15% improvement in power efficiency, supporting sustainability goals.