Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Connecting to an application should be as simple as knowing its name. Yet, many security models still force us to rely on brittle, ever-changing IP addresses. And we heard from many of you that managing those ever-changing IP lists was a constant struggle. Today, we’re taking a major step toward making that a relic of the past.

GenAI adoption is exploding across organizations, transforming how work gets done and where data moves. CrowdStrike is announcing four new innovations in CrowdStrike Falcon Data Protection to empower organizations to embrace GenAI tools while securing data across endpoints, cloud, GenAI, and SaaS environments.

Artificial intelligence (AI) has come a long way over the past six decades. From simple chatbots in the 1960s to today’s sophisticated large language models (LLMs), mimicking human behavior has always been one of AI’s most intriguing applications. At present, though, AI cannot plan or make decisions as humans do. If it could, the ethical implications of AI would suddenly become much more complex. That’s where agentic AI comes in.

AI-assisted phishing attacks pose a significant and increasing threat to organizations, according to Matt Weidman, partner and vice president of Commercial Property & Casualty at USIA. In an article for CBIA, Weidman explains that attackers can use AI tools to craft targeted, convincing phishing messages that are almost indistinguishable from the real thing.

As AI transforms software development, AppSec teams face new complexities. For instance, the lack of visibility into where AI is being used and the reality that AI-generated code is often highly vulnerable make it nearly impossible to prioritize remediation and effectively scale security programs. To succeed, AppSec teams have to evolve from task managers to strategic governance enforcers.

Company overview: Labelbox is the leading data factory for delivering high-quality, frontier data to top AI labs and enterprise AI teams.

Across financial services operations, machine identities play critical roles, but in many organizations, these cryptographic keys, API tokens, certificates, and service accounts remain chronically under-governed. What’s more, machine identities outnumber human identities by staggering margins, creating a massive, often unseen, unsecured attack surface—one that’s only further compounded by the rise of artificial intelligence (AI).

What if we told you that our newly released API Scanner has 922 quintillion payloads for a single type of vulnerability test? A quintillion is a billion billion – an immense number that highlights the limitations of traditional API security testing. Old methods like relying on signatures, vulnerability-specific payloads, or a fixed set of fuzzing inputs just aren’t enough anymore, especially when dealing with custom-built software and unique API endpoints.

Think of how painful it would be to spend a few weeks creating a mobile app to watch users abandon it because of a faulty update or chronic feature rollout. Your coders are fed up. Your QA team is flooded. And with every release, it is a tightrope walk with the blindfold on. That is the sad state of mobile app development without CI/CD. But here is what you can imagine: whenever your team pushes code, a test, a build, and a deploy happen automatically. No eleventh-hour rush. No delays.