One of the primary reasons that the Bitsight Security Rating is widely respected and closely correlated with real-world security outcomes is the scale and sophistication of our asset attribution capabilities. In a recent post, my colleague Francisco Ferreira shared an update on the momentum building with Bitsight Graph of Internet Assets (GIA), the AI-powered engine we use to map assets to organizations and build our Ratings Trees.

A password generator is an online tool that automatically creates strong, random passwords at the click of a button. To create unique passwords, a password generator combines a variety of uppercase and lowercase letters, numbers and symbols. Password generators dramatically ease the process of creating strong passwords by automatically producing random, lengthy ones – two qualities that make passwords more challenging for cybercriminals to crack.

As businesses increasingly adopt Generative AI (Gen AI) to enhance operations, customer engagement, and innovation, the need for robust AI guardrails has never been more critical. While Gen AI offers transformative potential, it also introduces significant risks that can jeopardize your business if not properly managed. Below, we explore five critical risks associated with Gen AI and provide strategies to avoid them.

Over the past year, BlueVoyant’s cyber threat analysts have identified a significant rise in third-party phishing tactics, most notably with a campaign impersonating the Zelle digital payment service. By mimicking a well-known payment site like Zelle, threat actors can evade detection more effectively while collecting credentials and personally identifiable information (PII) from online users of hundreds of financial institutions.

AI guardrails are vital for ensuring the safe and responsible use of AI/large language models (LLMs). However, focusing solely on single prompt-level checks can leave organizations vulnerable to sophisticated threats. Many company policy violations and security risks can be cleverly split across multiple, seemingly innocent queries. To effectively protect against these threats, a more comprehensive approach is needed — session-level monitoring.

On September 11, 2024, GitLab released patches for a critical vulnerability affecting various versions of GitLab CE/EE, identified as CVE-2024-6678. This flaw allows a remote attacker to trigger a pipeline as an arbitrary user under specific conditions. A GitLab pipeline is a collection of automated processes that run in stages to build, test, and deploy code.