Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Most mobile security workflows end in a familiar way. A scan runs, a report is generated, and the output looks reassuring. There are no critical issues, maybe a few medium findings, nothing that blocks a release. The process completes, the team moves forward, and the app ships. At that moment, the assumption is clear. The app has been tested. The risk is understood. But there is a question that rarely gets asked, and it changes the entire conversation.

COMMENTARY: When the United States and Israel launched coordinated strikes against Iran on February 28, the security community mobilized around the visible response. I’ve watched that response for two weeks: teams tracking hacktivist DDoS campaigns, incident counts climbing, news coverage following close behind.

AI application security protects AI-powered apps, including those powered by large language models ( LLMs), from unique threats like prompt injection, data poisoning, and model theft. It achieves this by securing the entire lifecycle, including code, data, algorithms, and APIs, using specialized tools and processes that go beyond traditional security measures. It involves securing the AI model’s behavior, training data, and outputs.

Attackers inside OT environments don’t run, they walk slowly, blend in, and map everything before they act. Here’s why cyber deception technology is built for exactly that threat.

Organisations deploying agents face a challenge: the predominant AI frameworks most organisations rely on do not explicitly address agentic AI. This is true for the big three: ISO 42001, NIST's AI Risk Management Framework (RMF), and the EU AI Act.

Cisco polled its major enterprise customers before RSA 2026 and found something astounding. 85% of large enterprises are experimenting with AI agents. Only 5% have moved them into production. That's not a technology gap. The models work. The tools exist. The 80-point spread between experimentation and production is a governance gap. It's also a context gap.

Organizations have traditionally treated phishing emails as a technology problem to be solved with spam filters and secure email gateways. But with phishing attacks on the rise, these tactics are no longer enough. KnowBe4’s 2025 Phishing By Industry Benchmarking Report found a 47% increase in phishing attacks that bypass Microsoft’s native defenses and secure email gateways. Why do they succeed? Because they exploit reliable human behavior.