Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The OWASP Top 10 is usually presented as a list of technical failures. Broken access control. Injection. Insecure design. Misconfiguration. Each category points to something that went wrong in the application. What it doesn’t say explicitly is what was actually at risk when it went wrong. In most real incidents, the answer is not “the application.” It’s the data inside it. Sensitive data is the reason attackers care about OWASP failures in the first place. Credentials.

Automotive engineering teams are being asked to deliver faster, with less tolerance for failure. Software-defined vehicle programmes, secure OTA rollouts, zonal and service-oriented architectures, and continuous feature delivery are now baseline expectations. In parallel, regulatory pressure is increasing — from WP.29 (R155/R156), ISO/SAE 21434, and the forthcoming EU Cyber Resilience Act — tightening requirements around software integrity, traceability, and lifecycle governance.

In AI-powered security, advantage comes not from automation alone, but from clear insight into how decisions are made. At Arctic Wolf, home to one of the world’s largest commercial security operations centers (SOC), we process over 10 trillion security events weekly. Rather than chasing automation for its own sake, we build AI that scales human expertise – preserving judgment where it matters most. But what is the optimal combination of humans and machines for security operations?

Gartner frames the AI SOC landscape as a dichotomy: providers pursuing full SOC replacement versus those building AI products to augment existing staff. Of these two approaches, only augmentation aligns with real-world security operations. It helps analysts triage alerts, investigate faster, enrich context, and summarize incidents with better consistency, all while keeping humans in the loop, even if their day-to-day efforts change.

WIRED reports that deepfake attacks are impersonating pastors and other religious figures in order to scam congregations. Father Mike Schmitz, a priest who hosts a podcast with over a million followers, warned his listeners in November that AI-generated deepfakes were using his likeness to fraudulently solicit donations. WIRED found that several of these fake accounts are still active on TikTok, and they appear when a TikTok user searches for Father Schmitz.

Nowadays, it’s not uncommon for enterprise IT leaders to find themselves in a situation that seems like a catch-22. On one hand, they’re expected to make data-driven decisions that improve productivity and profitability in a business. On the other, they’re preoccupied with their core responsibilities such as protecting critical systems, maintaining network security, and accelerating investigations when a security event occurs. Traditional tooling won’t keep up with modern systems.

MITRE ATLAS (Adversarial Threat Landscape for Artificial-Intelligence Systems) is a globally recognized AI security framework that catalogs adversarial techniques targeting artificial intelligence systems. Similar in structure to MITRE ATT&CK but purpose-built for AI, machine learning, and agentic systems, ATLAS translates abstract AI risks into concrete, actionable attack techniques that security teams can monitor and mitigate.