Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Scaling Microsoft AI Agents Securely: Zenity Brings Inline Prevention to Microsoft Foundry and Copilot Studio

Microsoft Foundry and Microsoft Copilot Studio have made it simple to build AI agents that automate workflows, access sensitive data, and integrate across critical business systems. However, agent democratization without control creates new security challenges. Further, as more agents are deployed across the organization, it means more agents that can access more data, invoke more tools (including MCP and A2A), and perform more actions. In other words, the potential attack surface is expanding.

AppSec metrics fail, Mend.io's Risk Reduction Dashboard fixes it

Today, we’re introducing our Risk Reduction Dashboard. This is a new way for security leaders to quantify their AppSec program’s impact, prioritize high-value fixes, and prove ROI with data-backed insights that go beyond raw vulnerability counts.

Comparing NER Models for PII Identification

Identifying and redacting personally identifiable information (PII) is a critical need for enterprises handling sensitive data. Over 1000 NLP models and tools claim to solve this problem, but an infinite number of options opens a paradox of choice. We compiled this comprehensive comparison that examines ten notable PII detection solutions – their features, use cases, pros/cons, and reported success rates.

Obrela joins the discussion on the future of NATO's cloud security

Drawing on Obrela’s experience managing complex cyber incidents and supporting national-level assurance programmes, Sebastian Bocquier, Head of DFIR, will present a practical, mission-ready framework that shifts accreditation from a static, one-time checkpoint to a continuous assurance capability embedded throughout NATO’s cloud ecosystem.

CVE-2025-55752: Apache Tomcat Path Traversal Vulnerability

Apache Tomcat continues to play a central role in hosting Java-based web applications across enterprises, cloud services, and government systems. Its reliability and lightweight architecture make it a go-to choice for developers, but its ubiquity also means that a single vulnerability can have widespread security implications. CVE-2025-55752, disclosed in late 2025, highlights how a subtle processing regression can evolve into a high-impact vulnerability under the right conditions.

From Cloud to Code: Salt Cloud Connect Now Scans GitHub

One of our most-loved features is Salt Cloud Connect. In a world of complex deployments, it’s a breath of fresh air: an agentless discovery model that delivers under 10-minute deployment and rapidly gathering API-specific info in cloud platforms. Customers plug it in, and in minutes, not weeks, they get a “traffic-free”, complete inventory of their APIs across AWS, Azure, GCP, Kong, and Mulesoft. This “ease of use” provides a “wow” moment of immediate visibility.

What You Don't Know: The Role of Threat Intelligence in Driving Cybersecurity Awareness

In times of geopolitical and economic instability, no organization would consider running without backups, additional support, clear end goals, and company-wide communication. Within business, the wisdom of strength in numbers and power in unity is widely understood. However, when it comes to its cybersecurity – a critical pillar that reputation, safety, and resilience rely upon – the opposite often happens.

Defeating BLOCKADE SPIDER: How CrowdStrike Stops Cross-Domain Attacks

Cross-domain attacks exemplify adversaries’ drive for speed and stealth. In these attacks, threat actors navigate multiple domains such as endpoint, cloud, and identity systems to maximize their reach and impact. Their goal is to exploit the weaknesses in organizations’ fast-growing and complex environments.

What is Ransomware-as-a-Service? How It Happens and How to Defend Against It?

Cyberattacks are becoming more advanced and threatening with every passing day. Even if you have a reliable security system in place, the risk of cyberattacks remains. Of all the cyberattacks, Ransomware is perhaps the most dangerous because it causes both data and financial loss. It started as simple encryption malware, but over the years, it has turned into a full-scale business model known as Ransomware as a Service (RaaS).