Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

OpenMatter Network Joins HOL Initiative to Help Define Standards for Verifiable AI Collaboration and Security

OpenMatter Network today announced that it has joined the founding group of organizations participating in the Hashgraph Online (HOL) Partner Program, where the company will help develop standards, policies and verification frameworks for secure autonomous AI systems and agentic computing environments.

WatchGuard Appoints Vincent Hwang as Chief Product Officer to Accelerate Platform Strategy and AI-Driven Innovation

Former Fortinet, Cisco, and Bitdefender leader brings proven track record in scaling cybersecurity platforms, strengthening partner-driven growth, and shaping category-defining product narratives.

Shadow AI has officially entered the enterprise

AI tools have become a workplace staple, but their unsanctioned use has given rise to shadow AI. It refers to the untracked usage of any AI tools or applications without approval or overview of the information technology (IT) or security team. This is substantiated by the Verizon 2026 Data Breach Investigations Report (DBIR) which shows how rapidly the shadow AI trend is growing.

Hybrid Cloud Security: A CISO's Guide for 2026

A hybrid breach now costs an average of $5.05 million per incident, and that's 26% more expensive than breaches in traditional on-premises-only environments according to AppSecure's 2025 cloud security statistics. That number changes the conversation. Hybrid cloud security isn't a side project for infrastructure teams. It's a board-level risk issue with direct impact on resilience, audit readiness, and operating cost.

Secure AI Workflows: The Identity and Access Management (IAM) Checklist

AI agents and LLMs are already building, analyzing, and deploying code across your software development lifecycle. As software supply chains become increasingly AI-driven, proactive security and access controls are your only path to success. To effectively govern authentication and permissions without sacrificing development speed, you must update your access management strategies.

5 Common AI Governance Mistakes Enterprises Make

Enterprise AI adoption has outpaced enterprise AI governance. Seventy-eight percent of organizations now use AI in at least one business function, up from 55% the year before, and most of that adoption happened before governance teams finished drafting their first policy. The result is a familiar pattern: leadership approves a rollout, security builds guardrails around the tools it knows about, and sensitive data keeps moving through channels nobody mapped.

20 Questions Every Security Leader Should Ask Before Buying an AI SOC

Most “AI SOC” demos out there can look great. The polished dashboard, the confident verdict, the slide that says “autonomous.” A demo is built to show the platform at its best, on clean data, in a controlled environment, answering a question the vendor already knew was coming. The differences only show up after you’ve signed, when the platform meets your real stack, alert volume, and compliance requirements.

Certificate deployments just got an easy mode

The old deployment flow expected a lot from you. You had to know what format your certificate needed to be in. You had to know where it should be stored on the target system. Then you had to review and customize a deployment script in a code editor before anything ran. It turns out most of you don’t want to do that. And fair enough, staring at a script editor when you just want a certificate on your Exchange server is a little intimidating.

When AI Agents Call AWS, Who Does AWS Think They Are?

In Part 1, Your AI Agent Needs to Know Who You Are, we showed how Teleport JWTs give MCP tools a verified identity for every request. This post extends that pattern to AWS, specifically to Amazon Bedrock AgentCore, where the same identity gap exists but requires a different solution stack. You ask an AI agent to list your S3 buckets. The agent calls an MCP tool. The tool reaches out to AWS. However, CloudTrail records the action under something like agentcore-bot, but not your identity.

From days of training to three better rules in a minute

A few years ago, I was part of a team responding to a high-profile security incident. After the incident was resolved, I was given a list of NDR rules to add to my firewalls. The issue was that the rules were not made for Suricata, the IDS I was using in this position at that time, so they generated false positives. With all that extra noise, I made it my goal to eliminate that excess noise.