Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

OpenAI HIPAA BAA: What It Actually Covers (And What Leaves PHI Exposed)

OpenAI now offers a Business Associate Agreement. For healthcare organizations and health-tech teams racing to deploy AI, that single sentence felt like permission to move fast. But here’s the harder truth: a HIPAA BAA is a legal document, not a technical control. And the gap between what OpenAI’s BAA promises and what it protects is where patient data quietly slips through.

Common vulnerabilities in AI-developed applications

AI-assisted development tools are changing how software is built. From code generation and automated testing to rapid prototyping and full-stack application scaffolding, Large Language Models (LLMs) are increasingly being used to accelerate software delivery across startups, SaaS providers, and engineering teams. In many cases, these tools are delivering genuine operational value.

CISA's GitHub Leak Is a Preview of the MCP Security Problem Every CISO Is About to Inherit

America's cybersecurity agency left its production credentials sitting in a public GitHub repo for six months. The same failure pattern is now being automated by AI agents in every enterprise running Cursor, Claude Desktop, or Copilot.

Build Custom, High-Impact Training with KnowBe4's Content Creation Agent

In the world of security awareness training, a comprehensive library of relevant and engaging content is a necessity. But even the best training can feel limited when you need to talk about your specific VPN rules, a policy that changed this morning, or a novel threat uniquely targeting your industry today. When you need exactly the right training at the right time customized to your organization, what do you do?

Snyk announces Anthropic updates: Evo integrates with Claude Enterprise, and Snyk Desk comes to Claude Desktop

Today, we're announcing two new integrations with Anthropic that cover both sides of AI-assisted development. Evo by Snyk now integrates with Anthropic's Claude Enterprise, giving security and compliance teams a complete inventory of their Claude environment models, approved MCP servers, per model risk signals, and tool-level permissions in the platform they already use to govern the rest of the stack.

Episode 15 - The Right Eyes: Mythos, and the Future of Vulnerability Discovery

The emergence of advanced large language models like Anthropic's Mythos represents an epochal shift in cybersecurity, fundamentally altering how zero-day vulnerabilities are surfaced and remediated. In this episode, host Richard Bejtlich sits down with Corelight Co-founder Greg Bell to analyze the security implications of this AI-driven bug explosion, highlighting recent AI-assisted vulnerability discoveries across infrastructure mainstays like FreeBSD and Firefox.

Beyond the AI Hype with Netskope: Why Governance is the Bedrock of AI & Cloud Integration at Embecta

Modern enterprise solutions—ranging from cloud data and power platforms to agentic AI and API connections—require rigorous oversight. Every platform integration must be evaluated through the lenses of risk, data compliance, and privacy to ensure secure operations. Netskope provides the necessary visibility and control for all data paths, including APIs and cloud-based AI platforms, helping Embecta enforce the data compliance and privacy standards required when integrating disparate applications.

Before you replace your SIEM: AI-driven security requires operational context, not just centralized data

Artificial intelligence is rapidly reshaping how security operations centers (SOCs) function. Many organizations are now evaluating AI-native architectures to reduce workload and accelerate investigations. A new architectural narrative is emerging. A growing set of AI-native security vendors are proposing centralizing telemetry in a warehouse and deploying AI agents to replace the operational role of the SIEM. They want to centralize telemetry, apply AI, and automate the SOC.

Best SaaS AI SEO Companies in the United Kingdom for Technical SEO at Scale

Technical SEO for SaaS is not the same discipline as technical SEO for e-commerce or media. SaaS marketing sites are frequently built on JavaScript frameworks - React, Vue.js, Next.js - that create rendering challenges traditional crawlers struggle with. Product documentation hubs generate thousands of dynamically created pages that require careful indexability management. App login portals must be correctly blocked from crawling without inadvertently blocking adjacent marketing content.

Predictive Indicators Every CX Leader Should Watch

Customer experience teams are under pressure to spot problems before they become visible in missed service levels, customer complaints or rising costs. Predictive indicators help leaders move beyond reporting what has already happened and start identifying where demand, performance or customer sentiment may shift next. For contact centres, the most useful signals are those that connect customer behaviour, operational capacity and team performance in a way that supports faster, better-informed decisions.