Safe agentic commerce starts with KYA and dynamic IDV

Product, fraud, and trust and safety teams at online merchants and marketplaces have been fighting bots for a long time. While there were occasional disagreements about how “bad” bots were (a purchase is a purchase, some might say), the general consensus often ranged from “suspicious” to “block them all.” But not anymore. As AI-powered browsers and agents become more commonplace, online merchants have to prepare for a world where agentic commerce is a standard sales channel.

Why CVEs Alone Don't Explain Risk | Ed Amoroso & Garrett Hamilton on Actionable Security

Vulnerability data isn’t the starting point. Context is. Ed Amoroso and Garrett Hamilton unpack why CVEs on their own don’t explain risk. What matters first:

⇢ What assets actually exist
⇢ How controls are deployed and configured
⇢ What the live posture looks like, not last month’s report

With that context in place, vulnerabilities stop being noise and start becoming decisions. Garrett also makes a critical point near the end: many security tools are excellent at producing findings, but far less effective at helping teams resolve them.

The Strengths and Shortcomings of AI Control Tower

This is why platforms like ServiceNow AI Control Tower are showing up in governance roadmaps. Control Tower helps organizations standardize how AI systems are requested, reviewed, cataloged, and managed across their lifecycle. It can bring order to chaos. But there’s a second, equally important reality: the strongest governance workflow in the world can’t govern what it can’t see.

Data Privacy: How Organizations Protect the Workplace From AI Threats

Data privacy in the workplace is not just compliance. It is how an organization protects employees, builds trust, and reduces business risk. Employees handle most workplace data, which makes them a major target for AI-powered threats like deepfakes and business email compromise (BEC). The best way to protect data is a mix of practical employee habits, realistic training, and strong controls like least privilege access, MFA, monitoring, and email authentication.