Technology

An AI Agent Didn't Hack McKinsey. Its Exposed APIs Did.

Mar 13, 2026 By Roey Eliyahu In Salt Security

This week’s McKinsey incident should be a wake-up call for every enterprise moving fast to deploy AI. Not because AI itself is inherently insecure. But because too many organizations are still thinking about AI security at the model layer, while the real enterprise risk sits in the action layer: the APIs, MCP servers, internal services, and shadow integrations that AI agents can reach, invoke, and manipulate. That is the part most companies still do not see.

Read Post

Salt Security

Read more about An AI Agent Didn't Hack McKinsey. Its Exposed APIs Did.

Why Soft Guardrails Get Us Hacked: The Case for Hard Boundaries in Agentic AI

Mar 13, 2026 By Chris Hughes In Zenity

One recurring theme in my research and writing on agentic AI security has been the distinction between soft guardrails and hard boundaries. As someone who serves on the Distinguished Review Board for the OWASP Agentic Top 10, and who spends every day thinking about how to secure agents across enterprise environments at Zenity, this distinction is not academic. It is potentially the single most important conceptual framework practitioners need to internalize right now.

Read Post

Zenity

Read more about Why Soft Guardrails Get Us Hacked: The Case for Hard Boundaries in Agentic AI

How Governments Use AI Safely | AI Governance Explained

Mar 13, 2026 By Protecto In Protecto

How are governments using AI while protecting citizens’ data and privacy? In this episode of AI on the Edge, Ciara Maerowitz, Chief Privacy Officer for the City of Phoenix, explains how cities implement AI governance, manage bias, ensure transparency, and assess AI risks. Learn how responsible AI frameworks, policies, and risk management help governments safely adopt artificial intelligence.

View Video

Protecto

Read more about How Governments Use AI Safely | AI Governance Explained

FedRAMP. AI. Player 3 Has Entered the Game.

Mar 13, 2026 By George Chamales In Teleport

Across the Webex link is the 3PAO team sent to pass judgment on your adherence with FedRAMP 20x. Like all auditors, they're diligent, professional, and particularly unnerving when they’re trying to be disarming. It’s the first interview where you explain what the product does.

Read Post

Teleport

Read more about FedRAMP. AI. Player 3 Has Entered the Game.

How Artificial Intelligence (AI) Can Increase Threat Detection and Response

Mar 13, 2026 By Arctic Wolf In Arctic Wolf

Security leaders are being squeezed from both sides. On one side, threat actors are scaling operations with AI automation, using it to craft more convincing social engineering attacks, accelerating reconnaissance, and improving lateral movement. On the other side, defenders are drowning in telemetry, suffering under staffing constraints, and facing the harsh reality that threat actors don’t keep business hours.

Read Post

Arctic Wolf

Read more about How Artificial Intelligence (AI) Can Increase Threat Detection and Response

AppSec in the age of AI: An RSA Conference preview

Mar 13, 2026 By Wallarm In Wallarm

Application security is at a breaking point as development teams move faster than ever, aided by AI-powered coding assistants. While these tools boost productivity, they also introduce subtle errors and insecure patterns at scale. The result: a growing backlog of vulnerabilities that outpaces traditional AppSec models. This webcast examines the risks and opportunities of AI in AppSec and who will be addressing it at RSA Conference. We’ll explore how defenders can use AI to level the playing field with automated scanning, intelligent prioritization, and secure-by-design practices.

View Video

Wallarm

Read more about AppSec in the age of AI: An RSA Conference preview

Post-Quantum, Deepfakes & Agile SASE: Cloudflare One's Biggest Week

Mar 13, 2026 By Cloudflare In Cloudflare

In this episode of This Week in NET, host João Tomé is joined by Warnessa Weaver (Senior Product Manager) and Yumna Moazzam (Senior Product Marketing Manager) to break down Cloudflare’s SASE blog takeover week and what it means for enterprise security.

View Video

Cloudflare

Read more about Post-Quantum, Deepfakes & Agile SASE: Cloudflare One's Biggest Week

What Data Is Required for EU AI Act Compliance

Mar 12, 2026 By Kovrr In Kovrr

The EU AI Act places significant emphasis on documentation because regulatory oversight depends on an organization's ability to demonstrate how its AI systems operate and how associated risks are managed. Compliance is not determined solely by how an AI system performs, but by whether the organization can provide evidence that appropriate governance, risk controls, and oversight mechanisms are in place throughout the system lifecycle.

Read Post

Kovrr

Read more about What Data Is Required for EU AI Act Compliance

LLM Data Leakage Prevention: 10 Best Practices

Mar 12, 2026 By Ashish Kamathi In Protecto

Forget the breach notification email. Forget the security audit trail. A fintech user opened their chatbot last year, saw someone else’s account details staring back at them, and filed a support ticket. That’s how the team found out their LLM had been leaking customer PII for weeks. LLM data security isn’t a checkbox. It’s an architecture decision. Make it before the first model call, not after the first breach. Most teams get one expensive lesson before they understand that.

Read Post

Protecto

Read more about LLM Data Leakage Prevention: 10 Best Practices

Agentic AI & Hyperautomation: Your SOC Guide for 2026

Mar 12, 2026 By Torq In Torq

According to the SACR 2025 AI SOC Market Landscape report, 40% of security alerts go uninvestigated. The average alert investigation takes 70 minutes. Meanwhile, attackers achieve breakout in under 48 hours. That math doesn’t work in anyone’s favor — except the adversary’s.

Read Post