The AI attack surface: What MSSPs and SecOps teams need to watch

AI tools are moving faster than the security controls meant to govern them. In this episode of Defender Fridays, Cisco's Cybersecurity Technical Solutions Architect Katherine McNamara walks through changes in the threat landscape as organizations rush to integrate AI without applying basic security discipline. When Katherine meets with customers to discuss AI security, the conversation almost always starts and ends in the same place: data leakage. Someone might upload sensitive files to a public LLM.

Why Active Directory vulnerabilities demand more than patching

A newly disclosed privilege-escalation flaw in Microsoft Active Directory Domain Services (AD DS) is a timely reminder that identity infrastructure continues to be one of the most consequential attack surfaces in any enterprise. CVE-2026-25177, rated HIGH with a CVSS score of 8.8, allows an authenticated domain user to escalate their privileges over the network without any elevated starting point or user interaction.

AI Agent Attack Detection: The Complete Framework for Security Teams

It usually starts the same way. The CISO comes back from a board meeting having signed off on agentic AI for production. The SOC lead is told, in roughly that many words, to build detection for the agents. And the security stack she has — CNAPP for posture, EDR on the nodes, container runtime sensors, a SIEM ingesting everything — was architected before AI agents existed as a workload class.

Turning Security Telemetry Into Actionable Insights

Modern security environments generate enormous volumes of telemetry. Authentication events from identity platforms, API activity from cloud services, endpoint security logs, email interactions, and network traffic can all flow into centralized systems. For most organizations, the challenge is no longer data collection. The real problem is extracting meaningful insight from that data without overwhelming analysts or introducing operational friction.

DDI Central 6.2: Now with GSS TSIG authentication, LDAP and LDAPS user provisioning, and Native Windows scavenging

DDI Central version 6.1 introduced significant enhancements to the IPAM section, bringing a segmented view for sites, clusters, and supernets, along with multiple display options: table, tree, and card views. The release also added trusted feed configurations, root hint templates, and unmapped subnet monitoring, giving network admins greater flexibility and control over their DNS and DHCP resources.

BlueVoyant Strengthens Cyber Defence for ODEON Cinemas Group Across Eight Countries

BlueVoyant announces that it has partnered with ODEON Cinemas Group (OCG), Europe's largest cinema operator, to unify and modernise its security operations across eight countries. The collaboration delivers 24/7 protection, rapid incident response, and enhanced visibility into third-party risk, significantly reducing operational noise and strengthening OCG's overall cyber resilience.

Device Trust MCP Server: Natural language queries for your entire fleet

Today we're releasing the 1Password Device Trust MCP Server, an open-source server that connects your Device Trust data directly to the AI tools your team already uses, like Claude or ChatGPT. It's available now for all customers on Device Trust Connect.

MSPs, Cyber Resilience, & the Human Side of Security w/James McMillan - The 443 Pod - Episode 370

Marc Laliberte and Corey Nachreiner recorded a special episode from WatchGuard’s EMEA Partner Conference in Dubrovnik, Croatia, featuring James McMillan, CTO of Redinet Limited. They discussed the evolving cybersecurity landscape for MSPs and businesses across Europe. James shares insights from his journey in IT and cybersecurity, the growing challenges organizations face as threats become more sophisticated, and why cyber resilience requires more than just technology.