Today we're releasing the 1Password Device Trust MCP Server, an open-source server that connects your Device Trust data directly to the AI tools your team already uses, like Claude or ChatGPT. It's available now for all customers on Device Trust Connect.

AI usage is invisible to most security tools. Network monitoring sees HTTPS traffic. Endpoint detection sees browser activity. CASB platforms see cloud application access. None of them sees what employees type into AI prompts or upload to AI services through web forms. This invisibility creates a problem. Organizations can’t prove they didn’t expose customer data through AI because they can’t see the data that employees shared.

The Essential Eight identifies the most critical cybersecurity risk mitigation controls, providing a set of minimum baseline strategies. As organizations work to mature the security posture, the Essential Eight maturity model offers some options that they can use. However, for organizations that need to implement a more comprehensive security program, the Australian Signals Directorate (ASD) published the Information Security Manual (ISM).

It's 9:47 AM on a Tuesday. A Slack message from legal lands in the security channel: "Did anyone approve the marketing team's new AI vendor? They're feeding customer data into it." Nobody approved it. The vendor's terms say they can use input data for model training, and the contract was signed three weeks ago. That moment, some version of which plays out at most organizations now, is what makes AI governance an operational priority rather than a compliance exercise.

The security landscape has fundamentally changed, and many organizations haven’t caught up. If you’re still relying on quarterly scans, annual penetration tests, or spreadsheet-based vulnerability tracking to manage risks within your applications, you’re not managing risk. You’re documenting it after the fact.

Enabling seamless user access without compromising security is a complex challenge. Gaurav Sheth, Cynthia Yang and Sorabh Chopra are helping to change that. As part of Kroll’s recently established team dedicated to Digital Identity, their focus is on transforming fragmented administration, manual processes and siloed identity solutions into mature programs.

Networking teams have invested heavily in automation to help them manage increasing workloads and reduce manual tasks. Yet many still face the same issues, like outages, stalled operations, and managing growing incident volume. This problem isn’t a lack of automation: it’s what happens after automation runs. Automation is useful for individual tasks, but it can’t handle the complexity of real-world networking processes, which demand coordination across teams, environments, and tools.