Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Generative AI creates new attack surfaces that traditional security tools were not designed to address. The biggest generative AI security risks include prompt injection, data leakage, shadow AI, compliance exposure, model poisoning, insecure RAG pipelines, and broken access control. Each one requires a specific defense, not a generic firewall or DLP rule.

The most common first move in a modern cyberattack isn't a zero-day exploit or a piece of custom malware. It's a username and a password. Attackers know that credential theft is the fastest path into an enterprise network. And when an organization implements Single Sign-On (SSO), that path gets shorter. One stolen credential equals access to dozens of applications.

Managing JD Edwards user access by hand quickly becomes a hardship, especially as your team grows and roles shift constantly. You end up with deprovisioning that drags on for weeks, role assignments that don't match job descriptions, and audit trails scattered across emails and spreadsheets. These aren't one-off problems. They happen predictably when manual processes try to handle enterprise-scale demands in a fast-moving business environment.

A strong audit score can feel like a victory. It looks neat, reassuring, and board-friendly. But a high score can also hide the most important question of all: whether the business is actually safer, more resilient, and better prepared when something goes wrong. That gap is where compliance theater lives. It is a polished performance of compliance, but it lacks the underlying strength.

Today, we’re proud to share that Tines has achieved ISO 27001, ISO 27701, and ISO 42001 certification. This marks an important milestone in how we continue to effectively manage information security, privacy, and AI governance across our business and platform. For you, this is about more than achieving the ISO trifecta.

At 11:11 Systems, we’ve always believed that disaster recovery is about much more than the underlying technology. It’s about cyber resilience, business continuity, and exceptional customer outcomes. Recently, 11:11 Systems was named an Aspiring Vendor in the 2025 Gartner Peer Insights Voice of the Customer for Disaster Recovery as a Service (DRaaS) report. This marks the third year 11:11 has received this recognition.

As organizations scale Kubernetes across hybrid environments, they need data protection that is built for cloud-native operations and aligned with the platforms already powering their infrastructure.

AI agents have changed how teams think about private network access. Your coding agent needs to query a staging database. Your production agent needs to call an internal API. Your personal AI assistant needs to reach a service running on your home network. The clients are no longer just humans or services. They're agents, running autonomously, making requests you didn't explicitly approve, against infrastructure you need to keep secure.

Agents let you build software faster than ever, but securing your environment and the code you write — from both mistakes and malice — takes real effort. Open Web Application Security Project (OWASP) details a number of risks present in agentic AI systems, including the risk of credential leaks, user impersonation, and elevation of privilege.

We have thousands of internal apps at Cloudflare. Some are things we’ve built ourselves, others are self-hosted instances of software built by others. They range from business-critical apps nearly every person uses, to side projects and prototypes. All of these apps are protected by Cloudflare Access. But when we started using and building agents — particularly for uses beyond writing code — we hit a wall. People could access apps behind Access, but their agents couldn’t.