Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

CEO Maxime Lamothe-Brassard made an observation after the RSA conference that security vendors don't typically say out loud: "The frontier models are just better than anything people roll their own. There's no secret sauce these vendors are offering that is better than the latest frontier model release." That's a pointed claim that carries a significant implication buyers may not have fully considered.

Brand impersonation protection helps enterprises detect, disrupt, and stop impersonation attacks where criminals imitate trusted brands, websites, apps, domains, ads, or digital journeys to deceive users and steal credentials, data, money, or access. The goal is not to stop every fake asset from ever appearing. That is not realistic.

If you’re weighing open source against commercial tools for detecting attacks on your AI agents, you’re probably trying to answer a single question. Can we build this ourselves, or should we buy it? It’s a fair question, and the existing content on it isn’t much help. Most comparisons line up tools side by side and tally features. That tells you which tool is better at one slice of the problem. It doesn’t tell you whether you have a working detection program.

An AI agent moving laterally through a Kubernetes cluster does not look like an intrusion. There is no foreign process, no exploit, no dropped binary — just the agent using the identity, network routes, and tools it was handed at deployment to reach targets it was technically allowed to touch. That is the entire problem. The controls you run were built to catch an outsider pivoting from host to host.

For decades, VMware stood at the center of enterprise infrastructure. It underpinned critical applications, supported recovery plans, shaped data center strategy, and sustained daily IT workflows. For many organizations, VMware felt less like a platform choice and more like an operational cornerstone: load-bearing, familiar, and assumed. Then the landscape began to shift. Few developments have loomed larger over the IT industry recently than the reshaping of VMware’s commercial model.

Accelerating security solutions for small businesses‍ Tagore offers strategic services to small businesses. A partnership that can scale‍ Tagore prioritized finding a managed compliance partner with an established product, dedicated support team, and rapid release rate. Standing out from competitors‍ Tagore's partnership with Vanta enhances its strategic focus and deepens client value, creating differentiation in a competitive market.

Note: This blog is a recap of 1Password’s recent webinar, “The unmanaged stack: Governing SaaS apps and AI tools outside SSO.” Head here to watch the complete webinar recording.

Cosine similarity is pure math. No magic. No understanding. Once you accept that, a lot of the confusion goes away. We talk to a lot of customers, and even seasoned engineers, who treat cosine similarity like magic that solves everything. Engineers talk about embeddings like they are definitive. Product teams trust similarity scores like they are facts. Vendors sell “semantic understanding” like the model actually understands. Truth is, it does not.

False positives can disrupt inbound email security as much as missed threats by slowing business workflows and eroding trust in security controls. As phishing attacks become more convincing, many systems respond by tightening filtering thresholds. But without enough context, this can lead to overblocking, where everyday business communication is misclassified as suspicious. Reducing false positives requires more than adjusting filters.

If AI agents are becoming organizational actors, then governance needs to move beyond principles and into operational structure. In Camille Stewart Gloster’s upcoming book The Insider You Build, she explains that governance is not defined by policies or structures, but by whether it can actually influence system behavior at runtime. In an agentic environment, governance only exists where it can shape, constrain, and intervene in decisions as they happen.