Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Measuring AI-Enabled Success: 3 KPIs Leaders Should Track

AI represents a fundamental shift in how organizations work and innovate. It demands an equally fundamental shift in how technology leaders approach governance. Forward-looking leaders are moving beyond traditional gatekeeping by creating "paved roads": secure, pre-approved pathways that embed security controls, automated data protections, and real-time monitoring directly into AI workflows so teams can innovate rapidly within safe boundaries.

RAG vs Agentic AI: What's the Difference and Why Does It Matter for Security?

Security architects who understood the large language model (LLM) risk two years ago are now confronting a more complex problem. The enterprise AI stack has split into two distinct architectural patterns, retrieval-augmented generation (RAG) and agentic AI, and the security posture required for each is fundamentally different. Conflating them is how programs end up with coverage gaps.

GenAI security management: Governing apps, agents and MCP servers through central policy

Author: Alexander Ivanyuk, Senior Director, Technology Generative AI in business is no longer just one chatbot in one browser tab. In many environments, it is already a mix of web-based AI apps, built-in assistants inside larger platforms, internal agents created for specific workflows and model context protocol (MCP)-connected tools that let AI reach documents, services and business systems beyond the model itself. That changes the conversation completely.

Common vulnerabilities in AI-developed applications

AI-assisted development tools are changing how software is built. From code generation and automated testing to rapid prototyping and full-stack application scaffolding, Large Language Models (LLMs) are increasingly being used to accelerate software delivery across startups, SaaS providers, and engineering teams. In many cases, these tools are delivering genuine operational value.

CISA's GitHub Leak Is a Preview of the MCP Security Problem Every CISO Is About to Inherit

America's cybersecurity agency left its production credentials sitting in a public GitHub repo for six months. The same failure pattern is now being automated by AI agents in every enterprise running Cursor, Claude Desktop, or Copilot.

Build Custom, High-Impact Training with KnowBe4's Content Creation Agent

In the world of security awareness training, a comprehensive library of relevant and engaging content is a necessity. But even the best training can feel limited when you need to talk about your specific VPN rules, a policy that changed this morning, or a novel threat uniquely targeting your industry today. When you need exactly the right training at the right time customized to your organization, what do you do?

Snyk announces Anthropic updates: Evo integrates with Claude Enterprise, and Snyk Desk comes to Claude Desktop

Today, we're announcing two new integrations with Anthropic that cover both sides of AI-assisted development. Evo by Snyk now integrates with Anthropic's Claude Enterprise, giving security and compliance teams a complete inventory of their Claude environment models, approved MCP servers, per model risk signals, and tool-level permissions in the platform they already use to govern the rest of the stack.

Episode 15 - The Right Eyes: Mythos, and the Future of Vulnerability Discovery

The emergence of advanced large language models like Anthropic's Mythos represents an epochal shift in cybersecurity, fundamentally altering how zero-day vulnerabilities are surfaced and remediated. In this episode, host Richard Bejtlich sits down with Corelight Co-founder Greg Bell to analyze the security implications of this AI-driven bug explosion, highlighting recent AI-assisted vulnerability discoveries across infrastructure mainstays like FreeBSD and Firefox.

Beyond the AI Hype with Netskope: Why Governance is the Bedrock of AI & Cloud Integration at Embecta

Modern enterprise solutions—ranging from cloud data and power platforms to agentic AI and API connections—require rigorous oversight. Every platform integration must be evaluated through the lenses of risk, data compliance, and privacy to ensure secure operations. Netskope provides the necessary visibility and control for all data paths, including APIs and cloud-based AI platforms, helping Embecta enforce the data compliance and privacy standards required when integrating disparate applications.

Before you replace your SIEM: AI-driven security requires operational context, not just centralized data

Artificial intelligence is rapidly reshaping how security operations centers (SOCs) function. Many organizations are now evaluating AI-native architectures to reduce workload and accelerate investigations. A new architectural narrative is emerging. A growing set of AI-native security vendors are proposing centralizing telemetry in a warehouse and deploying AI agents to replace the operational role of the SIEM. They want to centralize telemetry, apply AI, and automate the SOC.