Descope, the drag & drop external IAM platform, launched the Agentic Identity Hub, an industry-first platform that helps organizations solve authentication and authorization challenges for AI agents, systems, and workflows. The Descope no / low code external IAM platform helps organizations easily create, modify, and manage journeys for their consumers, business customers, partners, and APIs / AI agents using visual workflows. Capabilities announced include: 1) Inbound Apps, which provide every application an easy way to become its own identity provider using the OAuth standard. This allows AI agents to securely authenticate, access authorized user data, and take scoped actions on behalf of users with their explicit consent. 2) Outbound Apps, which provide every AI agent builder a secure, scalable way to connect AI agents to external tools without having to manually manage and store tokens, scopes, and permissions. Developers can choose from over 50 out-of-the-box tool integration templates including Gmail, HubSpot, GitHub, Snowflake, Slack, Notion, and Shopify. 3) MCP Auth SDKs and APIs that help developers building and managing remote MCP servers secure their systems with robust authorization controls as well as extend the MCP servers’ functionality by connecting them with multiple OAuth-based services.
BlackCloak’s ID verification tech combats deepfake-powered phishing and other impersonation attacks targeted at high-profile executives by enabling users to verify the authenticity of suspicious communications
BlackCloak has launched an industry-first Identity Verification solution to combat deepfake-powered and other impersonation attacks, targeting high-profile executives and individuals. BlackCloak’s new Identity Verification offering is the first to address this rapidly emerging cybersecurity issue by enabling customers who receive a suspicious email to verify the sender’s identity and ensure the message is authentic. Integrated into its Digital Executive Protection platform, this feature enables users to verify the authenticity of suspicious communications, providing vital protection for executives, families, and businesses. BlackCloak’s new Identity Verification feature targets phishing campaigns, such as deepfakes, by allowing the user to prompt the sender to validate that they are who they claim to be through the BlackCloak mobile app. The new feature can combat the impact of deepfakes containing the following attributes: Synthetic Media, Facial Manipulation, Voice Cloning:, and Behavioral Mimicry.
Cyera’s AI DLP solution automatically detects unique data in real-time and prevents exfiltration, controls data used in AI tools and prompts to prevent data exposure
Cyera, the world’s fastest-growing data security company, today announced the launch of Omni DLP, a breakthrough AI-native solution that finally delivers on the promise of enterprise data loss prevention. Omni DLP combines the power of Cyera’s AI-native Data Security Posture Management (DSPM) with a real-time DLP analysis engine from its Trail Security acquisition, creating a unified architecture that protects data at rest, in motion, and in use. With Omni DLP, organizations gain: 1) AI-Powered Noise Reduction – Eliminate over 95% of false positive alerts to focus on the few most critical and actionable 2) Real-Time, Adaptive Protection – Automatically detect your unique data and prevent exfiltration 3) Deep AI Governance – Control data used in AI tools and prompts, and prevent data exposure through AI systems. 4) 360 View – all your endpoint, network, email, messaging and cloud DLP risks, alerts and policies in a single view, leveraging AI for enrichment and correlation. 5) Policies That Learn – auto-tuned controls that evolve with your data. “Omni DLP is the brain DLP has been missing,” said Yotam Segev, CEO and co-founder of Cyera. “Omni DLP enables us to protect sensitive data in motion – the crown jewels – automatically classified by our AI-native classification engine. This is data security the way it was meant to be: intelligent, adaptive, and built for the AI era.”
HiddenLayer’s AISec platform 2.0 enhances explainability of AI models using Model Genealogy and AI Bill of Materials (AIBOM), that reveal their lineage and pedigree to track how they were trained, fine-tuned, and modified over time
HiddenLayer released AISec Platform 2.0, the platform with the most context, intelligence, and data for securing AI systems across the entire development and deployment lifecycle. Tnew release includes Model Genealogy and AI Bill of Materials (AIBOM), expanding the platform’s observability and policy-driven threat management capabilities. With AISec Platform 2.0, HiddenLayer is establishing a new benchmark in AI security where rich context, actionable telemetry, and automation converge to enable continuous protection of AI assets from development to production. With AISec Platform 2.0, HiddenLayer empowers security teams to Accelerate model development, Gain full visibility, Automate model governance and enforcement and Deploy AI with confidence. AISec Platform 2.0 introduces: 1) Model Genealogy: Unveils the lineage and pedigree of AI models to track how they were trained, fine-tuned, and modified over time, enhancing explainability, compliance, and threat identification. 2) AI Bill of Materials (AIBOM): Automatically generated for every scanned model, AIBOM provides an auditable inventory of model components, datasets, and dependencies. Exported in an industry-standard format, it enables organizations to trace supply chain risk, enforce licensing policies, and meet regulatory compliance requirements. 3) Enhanced Threat Intelligence & Community Insights: Aggregates data from public sources like Hugging Face, enriched with expert analysis and community insights, to deliver actionable intelligence on emerging machine learning security risks. 4) Red Teaming & Telemetry Dashboards: Updated dashboards enable deeper runtime analysis and incident response across model environments, offering better visibility into prompt injection attempts, misuse patterns, and agentic behaviors.
Pentera’s distributed orchestration platform lets security teams run simultaneous security validation tests via single interface through a choice of persistent or dynamic attack nodes deployed across multi-site infrastructures at scale
Automated Security Validation platform Pentera is setting a new standard for enterprise-scale security validation with the introduction of its Distributed Attack Orchestration architecture and AI-reporting capabilities. These enhancements meet the requirements of security teams to scale security validation testing to govern a consistent security posture across decentralized enterprise IT architectures. With a choice of persistent or dynamic attack nodes deployed across multi-site infrastructures, security teams can run simultaneous security validation tests coordinated through a single interface. Each node runs in-depth attack emulation, ensuring that as testing scales across the enterprise, the depth and rigor of validation remain uniform. Designed for centralized control, Pentera provides security teams with the following capabilities to manage distributed testing efficiently: Granular Test Scheduling, Real-Time Control over Test Operations, Silent Runs – Pentera provides advanced control over test noise levels, with signed commands and payloads, allowing operators to test across environments without overloading the SOC with false alarms. “Our Distributed Attack Orchestration solution provides visibility into how adversaries can exploit the enterprise attack surface, while our AI-based reporting aggregates the trends security leaders need to prioritize to reduce exposure across the organization,” said Ran Tamir, Chief Product Officer at Pentera.
Snyk’s AI-powered security testing solution assists developers to proactively detect, inventory and deal with risks that can occur when using generative AI and APIs in software development
Cybersecurity company Snyk announced the launch of Snyk API & Web, a new dynamic application security testing or DAST solution designed to meet the growing demands of modern and increasingly AI-powered software development. The new service integrates technology from Probley, a startup acquired by Snyk into Snyk’s application security platform. The technology unifies critical AppSec testing techniques into a single developer security platform. The DAST service seeks to assist in dealing with risks that can occur when businesses increasingly leverage generative AI and use APIs to bridge the gap between LLMs and the applications they fuel. Snyk argues that APIs introduce vulnerabilities that can expose AI models to significant risks, jeopardizing the security of entire software supply chains. Snyk API & Web offers a robust solution for developers and AppSec teams to proactively discover, inventory and secure API vulnerabilities before they become threats. The new service offers tools designed to simplify DAST for developers and security teams. The inetgration also leverages AI-driven capabilities to detect vulnerabilities that are often missed by conventional methods. This makes the solution especially useful in fast-paced development environments where speed and accuracy are paramount. API & Web also includes an AI-powered API Security Testing engine that uses generative AI and traditional machine learning models. The engine helps developers better map the growing API attack surface and automate the process of scanning for vulnerabilities.
Invoice factoring platform for SMBs FundThrough acquires consumer brands-focused fintech Ampla to help more businesses solve their cash flow problem through digital-first ecosystem
FundThrough, the fintech invoice factoring platform for SMBs, announced its acquisition of Ampla, the provider of financial technology solutions for consumer brands offering working capital, business banking, corporate cards, and analytics. Ampla surpassed +$2B of loan originations and handled +$5T of transaction volume through its platform. This strategic acquisition strengthens FundThrough’s digital-first ecosystem, creating an unrivaled platform explicitly designed for small businesses that sell to larger companies and wait to get paid after invoicing. Steven Uster, FundThrough’s CEO said “Ampla’s technology significantly enhances FundThrough’s AI-powered model, enabling us to level the playing field further. With Ampla, we can scale faster, enhance our credit underwriting and monitoring processes, and help even more businesses solve their number one pain point, cash flow.” In addition to the acquisition, FundThrough also raised $25 million in its Series B round, led by existing investor Klister Credit Corp., an early and large investor in both Shopify and FundThrough. This strategic investment fuels aggressive expansion into key growth areas, including further acquisitions, investments in technology and AI, enhanced UX, and accelerated product innovation.
Embedded payroll startup Salsa to launch integrated offerings and tools that streamline worker onboarding, tax filings and tracking commissions, tips and overtime
Embedded payroll startup Salsa continues to gain momentum. With a newly secured $20 million in Series A funding, its total capital is $30 million since its founding in 2021. The round was led by Altos Ventures, with additional participation from Greycroft, SemperVirens, Definition and Better Tomorrow Ventures. Altos Ventures Partner Tae Yoon said, “Payroll is one of the clear next frontiers in embedded FinTech. … We are thrilled to partner with Salsa as it becomes the foundational layer for payroll across entire industries.” The new funding will support Salsa’s efforts to help software platform developers in all 50 U.S. states and Canada embed payroll features in their products that they didn’t previously have. This includes launching integrated payroll offerings and tools that streamline tasks like worker onboarding, tax filings and tracking commissions, tips, overtime and employees who work in multiple locations — all without the need to have in-house payroll expertise.
Navy Federal to roll out Bloom Credit’s checking account feature offering the ability to report existing payments such as rent, telco, and utility payments as tradelines to the major credit bureaus
Navy Federal, the largest credit union in the U.S., has selected cash flow reporting and credit data infrastructure platform Bloom Credit’s consumer permissioned data solution, Bloom+, as a new checking account feature for its 14 million members. Bloom+ allows a financial institution to provide customers the ability to leverage existing payments from their checking accounts, such as rent, telco, and utility payments, to be reported as tradelines to the major credit bureaus. By using Bloom+ consumer bill repayment history becomes a powerful tool in building and demonstrating creditworthiness. The Bloom+ white label, no code API allows banks and credit unions to offer checking account customers the ability to report bill payments as tradelines. The proprietary software, which can be launched with clients in as little as two weeks, helps financial institutions to attract and retain deposits, create revenue opportunities, and secure actionable cashflow insights on customers. Bloom Credit also announced a $10.5 million growth investment led by Crosslink Capital, including participation from existing investors Allegis Capital and Commerce Ventures.
Mr. Cooper’s customers have an average FICO score of 736, and loan-to-value ratios averaged 52%; 6.5 million servicing customers open the opportunity to offer clients more products
Mr. Cooper executives provided a glimpse of the opportunities the deal represents for companies in the mortgage space — or how it intends to power the “Apple of homeownership” flywheel. “This transaction is about creating a scaled homeownership experience,” Mr. Cooper Group CEO Jay Bray said. Overall, Mr. Cooper delivered $88 million in net income in the first quarter, which include a negative hit of $82 million on its mortgage servicing rights (MSR) portfolio. “The integration teams are already synched and planning for how to bring our business together once the transaction closes,” Bray told analysts. It all starts with a $1.514 billion servicing portfolio in the first quarter, down from $1.556 billion in the fourth quarter of 2024. That was tied to the shift of $60 million in sub-serviced loans to other firms amid the closure of its Flagstar deal at the end of the year — the biggest acquisition in Mr. Cooper’s history. Still, that’s the largest portfolio in the industry, and it offers ample opportunity to originate refinances when interest rates drop, along with other products while they are still at higher levels. In total, Mr. Cooper had 6.5 million servicing customers in the first quarter. Servicing loans opens the opportunity to offer clients more products. Executives said Mr. Cooper sees momentum in home equity loans and cash-out refinances, which have massive long-term growth potential regardless of the interest rate environment, they say. Mike Weinbach, president of Mr. Cooper Group, said these products are “turning out to be a very popular method for customers to tap the equity in their homes.” In total, 94% of Mr. Cooper’s customers have at least 20% equity in their homes. “They typically use this liquidity for debt consolidation, home improvements and other major expenses,” Weinbach added. “Regardless of the use, these products cost much less than most credit cards, and that’s even before considering the tax deductibility of mortgage interest.” While the current environment offers limited opportunity for rate-and-term refis, the firm’s refinance recapture rate was a little over 50% in the first quarter. Second liens were not included in the ratio. “As of quarter end, 21% of our portfolio had note rates of 6% or higher, which is indicative of a sizable opportunity when rates next rally,” Weinbach said. Mr. Cooper’s origination segment earned $45 million in pretax income, in line with the previous quarter. It funded $8.3 billion in loans across 32,296 loans in the first quarter, with $1.9 tied to its direct-to-consumer channel and $6.4 billion from correspondent business. Total volume shrank from $9.2 billion in the fourth quarter of 2024. Regarding the company’s portfolio, delinquencies were at 1.1%. Customers have an average FICO score of 736, and loan-to-value ratios averaged 52%. Johnson said the company “doesn’t try to forecast overall consumer credit cycles.” Bray added that “balance-sheet strength is non-negotiable for industry leaders, and it’s especially important during periods of elevated uncertainty such as the markets are currently experiencing.”