OPSWAT and SentinelOne® announced their OEM partnership with the integration of SentinelOne’s industry-leading AI-powered detection capabilities into OPSWAT’s Metascan™ Multiscanning technology. This collaboration elevates malware detection across platforms, empowering enterprises to combat modern cyber threats with even greater precision and speed. With SentinelOne’s AI/ML detection capabilities now part of OPSWAT’s Metascan Multiscanning, joint customers benefit from: Enhanced detection accuracy through industry-leading AI capabilities; Cross-platform functionality, supporting both Windows and Linux deployments; Stronger ransomware and zero-day threat defense with autonomous, cloud-independent operation. Integrating SentinelOne’s AI detections strengthens Metascan’s multilayered defense, giving our customers faster, smarter protection against today’s most sophisticated threats. The inclusion of SentinelOne’s AI/ML detections in Metascan Multiscanning provides unmatched malware detection through simultaneous scanning with over 30 leading anti-malware engines, utilizing signature, heuristic, and machine learning techniques to achieve over 99% detection accuracy. The integration of SentinelOne’s AI/ML detections further amplifies this capability by identifying threats that bypass traditional defenses such as polymorphic malware.
Verax Protect safeguards companies against rising AI risks, peventing AI tools from exposing information to users that they are not authorized to access and enforcing organizational policies on AI
Verax AI has launched Verax Protect, a cutting-edge solution – suitable even for companies in highly regulated industries – aims to help large enterprises uncover and mitigate Generative AI risks, including unintended leaks of sensitive data. Key capabilities of Verax Protect: Prevent sensitive data from leaking into third-party AI tools: AI tools encourage users to input as much data as possible into them in order to maximise their productivity benefits. This often leads to proprietary and sensitive data being shared with unvetted third-party providers. Prevent AI tools from exposing information to users that they are not authorized to access: The increasing use of AI tools to generate internal reports and summarize sensitive company documents opens the door to oversharing data, raising the risk of other employees seeing information they’re not meant to access. Enforce organizational policies on AI: In contrast to the currently popular —but largely ineffective—methods of ensuring employee compliance with AI policies, such as training sessions and reminder pop-up banners, Verax Protect enables automatic enforcement of corporate AI policies, preventing both accidental and deliberate violations. Comply with security and data protection certifications. Many compliance certifications, such as those dealing with GDPR in Europe or sector-specific laws in the U.S. like HIPAA for healthcare or GLBA for financial services require evidence of an effort to safeguard sensitive and private data. Gen AI adoption makes such efforts more difficult to implement and even harder to demonstrate. Verax Protect helps to prove that sensitive and private data is safeguarded even when AI is used.
F5 introduces post-quantum cryptography tools for application security providing unified visibility into all encrypted traffic, apps and APIs
Application security firm F5 announced a series of post-quantum cryptography (PQC) solutions, designed to safeguard sensitive data and maintain performance across hybrid, multicloud and legacy environments at a time when classical encryption methods are becoming increasingly vulnerable. The company argues that, given the change ahead, that a poorly managed transition can cause outages and disrupt operations, especially across hybrid, multicloud and legacy systems. Without the right approach, organizations risk costly downtime, slower applications, compliance issues and frustrated users. The platform-based approach, which offers PQC support for both server-side and client-side encryption, protects organizations’ apps, APIs and data while optimizing performance. F5’s PQC capabilities offers a range of benefits, including trusted post-quantum encryption that utilizes the National Institute of Standards and Technology-standardized algorithms to secure customer data, intellectual property and critical assets without impacting system performance. The platform delivers end-to-end security, from client-side encryption to backend protection, and does so by combining high-availability application delivery with threat intelligence, firewall functions and secure access controls. The PQC offering provides unified visibility into all encrypted traffic, apps and APIs to enhance security oversight and support artificial intelligence, automation and telemetry initiatives. It also simplifies regulatory compliance by helping organizations meet evolving data protection standards as they adopt post-quantum cryptographic protocols.
Negotiating with ransomware gangs works, survey finds- nearly half of the companies that paid a ransom to hackers last year ended up paying less than the initial asking price with the median ransom payment dropping to $1 million from $2 millions
Approximately half of the companies that paid a ransom to hackers last year ended up paying less than the criminals originally asked for, according to new Sophos data. That’s good news for companies worried about devastating losses from data-encrypting ransomware attacks. Even if hackers are getting paid less, they’re still getting paid. Half of the 3,400 IT and cybersecurity leaders surveyed — all of whom faced ransomware attacks in the last year — said their companies paid hackers a ransom. Law enforcement and security experts warn that paying hackers could further embolden them. It’s also not a guarantee that hackers will follow through with their promises to decrypt systems or delete stolen data. 3% of ransomware victims said their companies ultimately ended up paying less than the initial asking price. The median ransom demand dropped by one-third to about $1.3 million last year, down from $2 million the previous year. Meanwhile, the median ransom payment was cut in half in the last year, according to the data. Companies paid a median of $1 million, down from $2 million. Organizations bringing in more than $5 billion in annual revenue faced steeper price tags: Their average ransom demand was about $5.5 million. Of the companies that paid less, 47% said they did so by actively negotiating with the hackers. Another 45% said the attackers also reduced their demands due to external pressures, such as law enforcement actions and bad press. The percentage of companies that recovered from a ransomware attack after just one week grew to 53%, up from 35% in the previous year’s data.
Upwind’s ML cloud platform collects multi-layer telemetry data of the networking stack for real-time detection of threats to APIs, enabling 7X reduction in the mean time to respond
Upwind has added a feature to its cloud application detection and response (CADR) platform, allowing real-time detection of threats to application programming interfaces (APIs). The platform uses machine learning algorithms to collect telemetry data from Layers 3, 4, and 7 of the networking stack, enabling the identification of deviations and anomalous behavior in API traffic. The goal is to reduce the time required to investigate API security incidents by up to 10 times and mean time to response times by up to seven times. In the age of generative artificial intelligence (AI), there is a growing focus on API security. Many organizations are discovering that sensitive data is being shared inadvertently with AI models. Historically, responsibility for securing APIs has been unclear, with many cybersecurity teams assuming that application development teams are securing them as they are developed. However, this can lead to thousands of APIs that cybercriminals can exploit to exfiltrate data or modify business logic. Over the next 12-18 months, organizations plan to increase software security spend on APIs, DevOps toolchains, incident response, open source software, software bill of materials, and software composition analysis tools. Advancements in AI and eBPF technologies could simplify the entire software development lifecycle by streamlining the collection and analysis of telemetry data.
Microsoft Sentinel enables more accurate event reconstruction by integrating Endace’s one-click, drill-down access to definitive, full packet evidence and SIEM workflows
Endace has partnered with Microsoft Sentinel to integrate EndaceProbe with the cloud security solution. This integration allows NetOps and SecOps teams to access full packet evidence from Microsoft Sentinel, enabling faster investigations and more accurate event reconstruction. This integration also enhances security teams’ ability to respond to threats with confidence. Benefits of the integration include: Streamlined investigation workflows, alerts, and playbooks from Microsoft Sentinel, with one-click, drill-down access to definitive, full packet evidence captured by EndaceProbe; Continuously capture weeks or months of full packet data, across Hybrid, On-Prem, and Multi-Cloud environments; Single central console for searching and analyzing recorded packet data across global scale networks, integrated with Microsoft Sentinel; Deep visibility that shows exactly what happened before, during, and after every event; Zero-Day Threat (ZDT) risk validation using playback of recorded network traffic; Combining EndaceProbe’s centralized search with Microsoft Sentinel’s AI-powered SIEM enables faster, more efficient incident investigation and resolution; Military-grade Security: EndaceProbe appliances are FIPS 140-3 compliant and are listed on the DoDIIN APL.
BigID’s privacy management solution helps enterprises to capture, score, and track AI-related privacy risks in a centralized register to strengthen governance and enable effective risk mitigation
BigID, announced the launch of AI Privacy Risk Posture Management – the industry’s first solution to help organizations manage data privacy risks across the AI lifecycle. With unmatched visibility, automated assessments, and actionable privacy controls, BigID empowers enterprises to govern AI responsibly while staying ahead of fast-evolving regulations. BigID’s platform help organizations: 1) Automatically Discover AI Assets: Quickly inventory all models, vector databases, and AI pipelines across hybrid environments to understand how sensitive and personal data flows through AI systems – a critical requirement for GDPR Article 35 and beyond. 2) Proactively Manage AI Data Lifecycles: Enforce policies for data minimization, retention, and lawful purpose across training and inference, preventing model drift and limiting risk exposure. 3) Streamline Privacy Risk Management: Capture, score, and track AI-related privacy risks in a centralized Privacy Risk Register to strengthen governance and enable effective risk mitigation. 4) Accelerate AI Privacy Impact Assessments: Use pre-built, customizable templates for DPIAs and AIAs aligned to regulatory frameworks – with automated evidence capture to simplify documentation. 5) Automate Risk Visibility & Reporting: Gain up-to-date reporting and dynamic risk assessments to demonstrate compliance and communicate AI risk posture to regulators and stakeholders. 6) Board Ready Privacy Metrics: Deliver meaningful KPIs and metrics to DPOs and board leaders, helping quantify AI privacy risk and monitor remediation efforts.
Cyera’s AI DLP solution automatically detects unique data in real-time and prevents exfiltration, controls data used in AI tools and prompts to prevent data exposure
Cyera, the world’s fastest-growing data security company, today announced the launch of Omni DLP, a breakthrough AI-native solution that finally delivers on the promise of enterprise data loss prevention. Omni DLP combines the power of Cyera’s AI-native Data Security Posture Management (DSPM) with a real-time DLP analysis engine from its Trail Security acquisition, creating a unified architecture that protects data at rest, in motion, and in use. With Omni DLP, organizations gain: 1) AI-Powered Noise Reduction – Eliminate over 95% of false positive alerts to focus on the few most critical and actionable 2) Real-Time, Adaptive Protection – Automatically detect your unique data and prevent exfiltration 3) Deep AI Governance – Control data used in AI tools and prompts, and prevent data exposure through AI systems. 4) 360 View – all your endpoint, network, email, messaging and cloud DLP risks, alerts and policies in a single view, leveraging AI for enrichment and correlation. 5) Policies That Learn – auto-tuned controls that evolve with your data. “Omni DLP is the brain DLP has been missing,” said Yotam Segev, CEO and co-founder of Cyera. “Omni DLP enables us to protect sensitive data in motion – the crown jewels – automatically classified by our AI-native classification engine. This is data security the way it was meant to be: intelligent, adaptive, and built for the AI era.”
HiddenLayer’s AISec platform 2.0 enhances explainability of AI models using Model Genealogy and AI Bill of Materials (AIBOM), that reveal their lineage and pedigree to track how they were trained, fine-tuned, and modified over time
HiddenLayer released AISec Platform 2.0, the platform with the most context, intelligence, and data for securing AI systems across the entire development and deployment lifecycle. Tnew release includes Model Genealogy and AI Bill of Materials (AIBOM), expanding the platform’s observability and policy-driven threat management capabilities. With AISec Platform 2.0, HiddenLayer is establishing a new benchmark in AI security where rich context, actionable telemetry, and automation converge to enable continuous protection of AI assets from development to production. With AISec Platform 2.0, HiddenLayer empowers security teams to Accelerate model development, Gain full visibility, Automate model governance and enforcement and Deploy AI with confidence. AISec Platform 2.0 introduces: 1) Model Genealogy: Unveils the lineage and pedigree of AI models to track how they were trained, fine-tuned, and modified over time, enhancing explainability, compliance, and threat identification. 2) AI Bill of Materials (AIBOM): Automatically generated for every scanned model, AIBOM provides an auditable inventory of model components, datasets, and dependencies. Exported in an industry-standard format, it enables organizations to trace supply chain risk, enforce licensing policies, and meet regulatory compliance requirements. 3) Enhanced Threat Intelligence & Community Insights: Aggregates data from public sources like Hugging Face, enriched with expert analysis and community insights, to deliver actionable intelligence on emerging machine learning security risks. 4) Red Teaming & Telemetry Dashboards: Updated dashboards enable deeper runtime analysis and incident response across model environments, offering better visibility into prompt injection attempts, misuse patterns, and agentic behaviors.
Pentera’s distributed orchestration platform lets security teams run simultaneous security validation tests via single interface through a choice of persistent or dynamic attack nodes deployed across multi-site infrastructures at scale
Automated Security Validation platform Pentera is setting a new standard for enterprise-scale security validation with the introduction of its Distributed Attack Orchestration architecture and AI-reporting capabilities. These enhancements meet the requirements of security teams to scale security validation testing to govern a consistent security posture across decentralized enterprise IT architectures. With a choice of persistent or dynamic attack nodes deployed across multi-site infrastructures, security teams can run simultaneous security validation tests coordinated through a single interface. Each node runs in-depth attack emulation, ensuring that as testing scales across the enterprise, the depth and rigor of validation remain uniform. Designed for centralized control, Pentera provides security teams with the following capabilities to manage distributed testing efficiently: Granular Test Scheduling, Real-Time Control over Test Operations, Silent Runs – Pentera provides advanced control over test noise levels, with signed commands and payloads, allowing operators to test across environments without overloading the SOC with false alarms. “Our Distributed Attack Orchestration solution provides visibility into how adversaries can exploit the enterprise attack surface, while our AI-based reporting aggregates the trends security leaders need to prioritize to reduce exposure across the organization,” said Ran Tamir, Chief Product Officer at Pentera.