Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Securing Shadow AI: 6 Principles from Security Leaders Who've Been There

Everyone's racing to use AI right now. But securing AI adoption while maintaining productivity—getting visibility into shadow AI, educating employees without blocking innovation, and building governance that actually works—is harder than it looks. We recently hosted a discussion between Anant Mahajan, Head of Product at Nightfall, and Yunique Demann, VP of Information Security at TPx, to dig into the practical realities of AI governance.

How AI Contract Solutions Reduce Risk and Cost

With how businesses operate nowadays, managing contracts is a vital aspect of company operations. Minor errors can cost you a lot of money and land you in legal trouble. Artificial intelligence provides a unique approach to enhancing contract management, reducing risk exposure, and reducing compliance costs.

Optimizing the SOC: Leveraging AI and automation for modern threats

The Security Operations Center (SOC) is the nerve center of an organization's defenses, but its efficiency and effectiveness are often limited by the growing volume and complexity of threats. By leveraging AI-driven threat detection and automated incident response, security leaders can optimize their SOC to respond faster and smarter. For CISOs, this means not only protecting the organization from current threats but also future-proofing defenses against an increasingly sophisticated threat landscape.

Nx npm Malware Explained: AI Agent Hijacking

Nx npm malware (Aug 2025): attackers published malicious Nx packages that weaponized AI coding agents (Claude Code, Gemini CLI, Amazon Q) via a postinstall script to inventory sensitive files and exfiltrate sensitive data to public GitHub repos named “s1ngularity-repository-*.” We break down what happened, affected versions, and how to check + respond (rotate credentials, hunt IoCs, and more). Resources.

7 Cybersecurity Concerns Related to The MCP Protocol

Everyone’s trying to make AI agents do useful things. That’s why the Model Context Protocol (MCP) is gaining momentum with teams operationalizing LLMs across their infrastructure and tooling. Backed by teams like OpenAI and Google, MCP gives a consistent, standardized way to connect LLMs with the rest of your stack. In other words, the MCP Protocol makes connecting AI tools with real business data and workflows easier using structured access instead of janky UI hacks and glued-on custom code.

Fireside Chat | Adapting Security Leadership for the Age of AI

Erika Carrara, VP & Chief Information Security & Infrastructure Officer at The Greenbrier Companies, shares how she’s adapting her security strategy to meet the demands of the AI era by modernising her tech stack, implementing AI governance, and embedding security into business culture. Interested in finding out more about UpGuard?