Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Secure AI for the real world

AI makes building look easy. That’s the trap. Without a secure, well-designed foundation, workflows break, costs spike, and systems grow fragile. CTOs and CISOs from leading organizations discuss what breaks without a secure foundation, and how to build AI systems that hold up at scale. This session goes deep on the real-world tradeoffs between speed, risk, and trust.

What Is AI Asset Discovery (And Why It Matters for AI Governance)

Enterprise artificial intelligence adoption is scaling at a pace that manual inventory methods simply cannot match. This rapid proliferation has created a severe visibility chasm for security and risk teams: it is fundamentally impossible to govern, secure, or quantify what you do not know exists. To bridge this gap, organizations are shifting away from point-in-time compliance audits and adopting continuous discovery.

We just crossed the point of no return with AI #aisingularity #cybersecurity

AI is moving so fast that even security professionals feel they are staring over an event horizon without knowing what comes next. Public information alone is already unsettling, and the fear grows when you consider what is happening beyond open sources, from hidden capabilities to post quantum risk no one has fully mapped yet.

Your AI Agent Needs to Know Who You Are

When your AI agent calls an MCP tool, that tool has no idea who actually triggered the request. It sees the agent, not you. This post explains why that matters and how to fix it with Teleport JWTs. In part two of this post, we will explain how to extend this to AWS to carry your identity through Amazon Bedrock AgentCore all the way into CloudTrail.

Automate Vulnerability Triage with Seemplicity AI Analysts | Demo Video

Stop manual investigation and scale your security operations. In this demo video, discover how Seemplicity’s AI Analysts automate vulnerability triage by investigating exploitability directly within your remediation workflow. Manual triage doesn't scale for large organizations. Seemplicity delivers dedicated AI experts for code, dependency, and infrastructure/host vulnerabilities to move the needle for security professionals.

Why Uniform Governance Fails with Enterprise AI Agents (And How to Fix It)

As organizations aggressively shift from static Large Language Model (LLM) chatbots to fully dynamic, autonomous AI agents (e.g. systems designed to plan workflows, call APIs, write runtime code, and modify enterprise databases), traditional compliance and governance frameworks are hitting a breaking point. A landmark press release from Gartner highlights a critical systemic risk: treating AI agent governance as a monolithic, one-size-fits-all policy guarantees project failure.

How JFrog and NanoClaw are Bringing Software Supply Chain Security to the Age of Autonomous AI

There’s a category of security risk that most organizations aren’t ready for. It doesn’t live in your code repository, your CI pipeline, or your developer laptops. It lives in your runtime, in the autonomous AI agents already running in your environment, extending their own capabilities, and making decisions that no human explicitly approved. This is the challenge JFrog set out to address with our integration with NanoCo AI and their open-source agent framework, NanoClaw.

6 Key Elements of a Responsible AI Usage Policy

Recently, I had the pleasure of presenting an AI governance-focused webinar with my colleague Neil Jones at Egnyte. In the session, we discussed many ways to improve AI governance, and you can watch and share the complete session replay here. During the session, we discussed the importance of responsible AI usage policies. However, my experience is that many organisations struggle to create policies aligned with their business requirements and the technological solutions that they use.

Not Zero-Days. Not Nation-States. A Firewall Rule.

A firewall's entire job is to control what gets in. In Reach's research, it was the most common source of a configuration-related near miss or exposure, ahead of EDR and identity controls. It does not take much. One rule broadened for a project, one exception that outlived its reason, one change that shipped without anyone checking it against intent. A single overly permissive rule, sitting live between quarterly reviews, is enough.

AI Analysts for Autonomous Vulnerability Response

Security teams are drowning in findings, not because scanners miss things, but because nothing confirms which ones an attacker could actually reach. Seemplicity AI Analysts run the investigation themselves, checking runtime configuration, network reachability, and exploit conditions for each finding, and re-rank your backlog by confirmed exploitability. What rises to the top is backed by evidence. What drops down has been checked and reasoned out.