Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

AI-SPM for Financial Services: Managing AI Risk Under SOC2, PCI-DSS, and MAS TRM

The external auditor’s evidence request lands Tuesday morning. A security architect at a Tier 1 bank pulls up her AI-SPM dashboard for the SOC2 Type 2 review. Eighty-three AI agents running across the bank’s clusters. For each one, the dashboard shows the current configuration and the current behavioral baseline. The data is accurate, comprehensive, and point-in-time.

Behavior Intelligence: The New Model for Securing the Agentic Enterprise

Behavior Intelligence is a security operations model that detects risk by analyzing behavior, automates investigation and response using AI, and measures whether security outcomes are improving over time. It focuses on how users, systems, and AI agents operate rather than relying only on predefined rules or knowns indicators of compromise. This shift matters because modern attacks rarely look malicious at first. They look normal.

Most Critical Infrastructure is Held Together by Sticky Tape

The fear is not only what advanced AI can do, it is what it can do to brittle systems already running on neglect and compromise. When critical infrastructure is patched together with ageing controls and restricted tools land in a few powerful hands, the imbalance gets worse fast.

Runtime Observability for LangChain and AutoGPT on Kubernetes

A platform team at a mid-size SaaS company runs three LangChain agents and one AutoGPT-derived planner on EKS. LangSmith is wired in. OpenTelemetry traces flow into their observability stack. Falco runs on every node. The setup is what most security teams would consider thorough. A pip dependency in one of the agents’ tool packages ships a malicious update.

How to Prevent Prompt Injection

A prompt injection occurs when an attacker manipulates input to your AI system, overriding its instructions. To prevent prompt injection, you need a layered approach: separate system instructions from user input, validate user input before it reaches the model, monitor model outputs for anomalies, enforce least-privilege access for AI agents, and protect the data layer so sensitive information never reaches the model in a readable form. No single fix is enough.

AI Inference Server Observability in Kubernetes: The Four Signals MLOps Tools Don't Capture

In August 2025, a vulnerability chain in NVIDIA Triton Inference Server was found that allowed an unauthenticated remote attacker to send a single crafted inference request, leak the name of an internal shared memory region, register that region for subsequent requests, gain read-write primitives into the Triton Python backend’s private memory, and achieve full remote code execution. The exploit chain ran entirely through Triton’s standard inference API. No anomalous traffic volume.

Runtime Observability for MCP Servers: A Security Guide

Your security team sees an MCP tool server throw an error. Your APM dashboard shows a latency spike. Your logs capture the JSON-RPC request with its method name and parameters. But none of that tells you whether the tool just read a harmless config file or dumped credentials to an external IP. Traditional observability tools—the APM platforms, the OpenTelemetry traces, the centralized logging pipelines—track performance across your Model Context Protocol deployments.

Accelerating AI Discovery & Governance with the Falcon Platform

As AI adoption accelerates, so does shadow AI. Without a complete inventory of AI tools, agents, and activity, organizations are exposed to unapproved usage and data risk. In this video, you will see how the Falcon platform helps teams: Discover AI tools, models, and services in seconds Identify unapproved and risky usage See where AI is running and what it can access across endpoints Take action and enforce governance at scale.

The Research Behind Of Detecting And Attributing LLM-Generated Passwords - Gäetan Ferry

GitGuardian Senior Cybersecurity Researcher Gaetan Ferry’s latest research shows that AI-generated passwords are leaving fingerprints in the wild. In this interview, he explains how he used Markov chains, a century-old statistical model, to detect patterns in passwords generated by modern LLMs, attribute them to model families, and identify 28,000 likely LLM-generated passwords across public GitHub. The findings are a warning for teams adopting AI coding agents.