Technology

RSA and DC Dispatches: Agentic AI Security Is the Story, Government Policy Needs to Catch Up

Apr 1, 2026 By Taylor Roberts In Zenity

Fresh off two weeks of back-to-back meetings in Washington, DC, and on the floor/in the wings of the RSA Conference, one theme echoed through nearly every conversation I had with senior government officials and public policy leaders from global technology companies: agentic AI security is the defining emerging security challenge of this moment — and policy is not keeping pace.

Read Post

Zenity

Read more about RSA and DC Dispatches: Agentic AI Security Is the Story, Government Policy Needs to Catch Up

Our ongoing commitment to privacy for the 1.1.1.1 public DNS resolver

Apr 1, 2026 By Rory Malone In Cloudflare

Exactly 8 years ago today, we launched the 1.1.1.1 public DNS resolver, with the intention to build the world’s fastest resolver — and the most private one. We knew that trust is everything for a service that handles the "phonebook of the Internet." That’s why, at launch, we made a unique commitment to publicly confirm that we are doing what we said we would do with personal data.

Read Post

Cloudflare

Read more about Our ongoing commitment to privacy for the 1.1.1.1 public DNS resolver

What is an AI-BOM? Why Static Manifests Fall Short

Apr 1, 2026 By Shauli Rozen In ARMO

Your AI-BOM shows every model, tool, and data source you deployed. But when your SOC investigates an alert about unusual agent behavior, that inventory tells them nothing about what actually happened at runtime. Static AI-BOMs document what you intended to run. Attackers exploit what your AI workloads actually do in production: which APIs they call, what data they touch, and how they use approved tools in unapproved ways.

Read Post

ARMO

Read more about What is an AI-BOM? Why Static Manifests Fall Short

Detecting Rogue AI Agents: Tool Misuse and API Abuse at Runtime

Apr 1, 2026 By Yossi Ben Naim In ARMO

When your CNAPP flags a suspicious dependency in an AI agent container, your WAF logs an unusual API spike, and your SIEM shows a burst of cloud storage calls—are those three separate incidents or one rogue agent attack? Most security teams treat them as three tickets in three queues, investigated by three people who may never connect the dots. By the time someone pieces together that a single compromised agent drove all three signals, the attacker has already moved laterally and exfiltrated data.

Read Post

ARMO

Read more about Detecting Rogue AI Agents: Tool Misuse and API Abuse at Runtime

Why This AWS Move Matters

Apr 1, 2026 By Jeff Fink In Securonix

Over the past year, I have spent a lot of time with security leaders who are trying to navigate the same tension. They know their operations need to move faster. They know the volume, speed, and complexity of what lands in the SOC are not going to ease up. But they are also trying to make smart decisions in environments where trust matters, governance matters, and the cost of getting it wrong is real.

Read Post

Securonix

Read more about Why This AWS Move Matters

Why Affordable Web Hosting Providers Are Enhancing Built-In Security Features

Apr 1, 2026 By SecuritySenses In SecuritySenses

Affordable web hosting used to mean basic service. The assumption was straightforward. Paying less meant fewer protections and more site security responsibilities. That view is growing inaccurate. Even cheap hosting companies realize that tiny websites, startups, bloggers, and rising online retailers need protection.

Read Post

SecuritySenses

Read more about Why Affordable Web Hosting Providers Are Enhancing Built-In Security Features

Sovereign Cloud vs Public Cloud: A Side-by-Side Technical Comparison

Apr 1, 2026 By SecuritySenses In SecuritySenses

Cloud adoption is no longer a binary decision. Most enterprises already use public cloud in some form. The real question in 2026 is whether that model satisfies growing requirements around data residency, regulatory compliance, and jurisdictional control. Sovereign cloud has emerged as a response to those pressures. It is designed to ensure that data, infrastructure, and operational control remain within a defined legal boundary. For organizations operating in regulated industries or across multiple jurisdictions, that distinction has become critical.

Read Post

SecuritySenses

Read more about Sovereign Cloud vs Public Cloud: A Side-by-Side Technical Comparison

The UK's Cyber Action Plan marks the end of compliance-led security

Mar 31, 2026 By Dan Jones, Senior Security Advisor EMEA In Tanium

The UK government's new £210 million Cyber Action Plan signals an important shift in how cyber risk is being addressed at a national level. Designed to strengthen cyber defences across government departments and the wider public sector, the plan establishes a new Cyber Unit and introduces stronger expectations around resilience, accountability and operational capability.

Read Post

Tanium

Read more about The UK's Cyber Action Plan marks the end of compliance-led security

Behavioral Analysis in Cloud Workload Protection: Why Runtime Detection Is Now Mandatory

Mar 31, 2026 By Fidelis Security In Fidelis Security

Cloud environments don’t follow the same rules traditional data centers did. Workloads spin up in seconds, containers live and die within a single request cycle, serverless functions execute without a persistent footprint, and infrastructure scales faster than any manual security process can track. The security problem this creates isn’t just about scale. It’s about visibility.

Read Post

Fidelis Security

Read more about Behavioral Analysis in Cloud Workload Protection: Why Runtime Detection Is Now Mandatory

Claude Code source exposure: What enterprises should do next

Mar 31, 2026 By Tanium In Tanium

Source code for Claude Code, Anthropic’s developer facing CLI tool, was exposed through source maps included in a published npm package under Anthropic’s npm namespace. The exposure revealed approximately 500,000 lines of application code across roughly 1,900 files.

Read Post