At the AI Agent Security Summit in San Francisco, some of the brightest minds in AI security and top industry leaders gathered to tackle one of the most challenging problems in tech nowadays - how do we secure super smart systems that change at runtime and are designed to think, adapt, and compete? As someone who spends every day turning AI security challenges into tangible solutions, I left the summit both inspired by the innovation on display and concerned by the magnitude of what’s still ahead.

When an auditor walks through your door, they aren't looking for a list of vulnerabilities; they're looking for proof that your Third-Party Cyber Risk Management (TPCRM) program is consistent, defensible, and robust. Internal and external auditors evaluate the Vendor Risk Management process by testing evidence, but they do so with different goals.

Endpoint detection and response (EDR) tools, and the analysts using them, have become incredibly effective. They have become so good, in fact, that we're now seeing a clear shift in adversary behavior: attackers are being pushed off the endpoint and onto places where EDR cannot run. This isn't just a theory. As I was writing a separate blog about a recent Cisco exploit which spurred an immediate CISA emergency directive, news dropped about another major network edge vendor, F5.

You've been here before. The vendor risk assessment is complete, the report is generated, and it lands on a stakeholder's desk. And yet, this comprehensive, detailed document, which provides vital information on a vendor's security posture, goes nowhere. The handoff lands in limbo.

As we near the end of Cybersecurity Awareness Month, a quick reminder that digital threats aren’t just a concern for Fortune 500 companies. Small and medium-sized businesses (SMB’s) face mounting cyber risks, yet many lack the resources or expertise to defend against increasingly sophisticated attacks. The reality? Cybercriminals target SMBs precisely because they assume you’re unprepared.

This article has been authored by Cynthia Yang and Sorabh Chopra. As cyber threats evolve, traditional credential management falls short. A mature identity and access management (IAM) framework is essential to secure digital identities and reduce risk.

Last Tuesday, October 21st, OpenAI released ChatGPT Atlas, an AI-powered browser that allows users to interact with ChatGPT directly from any browser tab. Throughout last week, the Cyberhaven Labs team tracked its adoption in corporate environments and actively investigated its security vulnerabilities.

TLDR: Excessive Data Exposure (leaking internal data via API responses) is the silent, pervasive threat that is more dangerous than single dramatic flaws like SQL Injection. It amplifies every other API vulnerability (like BOLA) and happens everywhere because developers prioritize speed over explicit data filtering. Fixing it means systematically checking hundreds of endpoints for unneeded PII and sensitive internal data.

Securing what comes into your Kubernetes cluster often gets top billing. But what leaves your cluster, outbound or egress traffic, can be just as risky. A single compromised pod can exfiltrate data, connect to malicious servers, or propagate threats across your network. Without proper egress controls, workloads can reach untrusted destinations, creating serious security and compliance risks.