Infosec stories - Page 9

OPSWAT founder Benny Czarny urges a prevention-first cyber defence in his new book, arguing detection-led tools can no longer keep pace.

As logins replace break‑ins, experts urge a shift from perimeter defence to operational cyber resilience grounded in identity security.

Ekco unveils managed risk centre using Qualys technology to give UK and Irish firms continuous, business-focused visibility of cyber threats.

A paranoid posture and heavy automation promise to transform SOCs, cutting dwell times and exposing stealthy attacks at unprecedented scale.

Kroll warns boards are overestimating cyber resilience as attacks cost firms an average USD $2.2 million a year and response plans lag reality.

Manchester City appoints N-able as official cyber partner to safeguard its expanding digital operations and global fan data footprint.

DigiCert reports record Q4 ARR in FY26 as DigiCert ONE platform growth, acquisitions and automation demand drive digital trust expansion.

Delinea warns that rapid AI rollout is eroding identity controls, leaving machine accounts exposed and widening security blind spots.

SpecterOps broadens BloodHound Enterprise to map identity attack paths across Okta, GitHub and Jamf-managed Macs in hybrid environments.

Rapid7's Exposure Command now adds runtime validation and DSPM to rank real attack paths in hybrid and multi-cloud environments.

Entro launches AGA to map, monitor and control AI agents in enterprises, tackling shadow AI and non-human identity risks at scale.

Security flaws in 17 AI companion apps used by 150m people could expose intimate chats, photos and voice messages to attackers.

Cohesity bakes Sophos malware scanning into its Data Cloud to spot hidden threats in backups and cut reinfection risk during recovery.

Cobalt weaves AI into its pentesting platform, automating recon and triage while keeping human experts on complex attack paths.

Versa teams with Intel on AI at the edge, debuts a secure enterprise browser and launches inbound SSE to protect internet-facing apps.

Cobalt launches Security Program Manager service to run enterprise pentesting, align tests with business goals and speed up remediation.

Token Security launches intent-based controls to govern AI agents' access by purpose, aiming to curb over-privileged, autonomous system behaviour.

Coalfire's new DivisionHex service hunts shadow AI and rogue agents as most firms report AI-driven security incidents without proper oversight.

World Backup Day now warns boards that backup is no mere IT chore, but a frontline defence against ransomware targeting recovery itself.

Lineaje launches UnifAI, a security and governance layer to centralise control, discovery and policy for enterprise agentic AI deployments.