Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Microsoft 365 E7 and the Rise of AI Agents: What Security Leaders Need to Know

For years, enterprise security focused on protecting users, endpoints, applications and data. Today another identity is entering the enterprise. AI agents. Unlike traditional chatbots that simply answer questions, modern AI agents can perform tasks on behalf of users. They can search corporate knowledge, summarize documents, create reports, interact with business applications and, with appropriate permissions, execute multi-step workflows.

After Mythos: What Cyber Insurers Should Actually Be Asking

One issue we keep hearing from insurance underwriters and portfolio managers is some version of the same question: how do you price a risk that can change between bind and the very next day? The steady stream of headlines about Claude Mythos is the latest reason why this question comes up, but it isn’t really all about Mythos. Frontier AI is collapsing the gap between vulnerability disclosure and weaponized exploit, and the numbers are no longer subtle.

What Is SOAR? a Practical Guide for Modern SOCs

Your SOC probably already has good tools. A SIEM collects logs. An EDR agent watches endpoints. Threat intel feeds add context. Ticketing systems track work. Yet the team still feels slow, overloaded, and inconsistent. That gap is where most leaders start asking what is SOAR. Not because they want another acronym, but because they need a way to make the tools they already own work together, reduce manual effort, and respond with less chaos.

Zero Trust for AI Agents Starts After Login

Zero Trust was built to fix an older assumption: if you were inside the network, you were trusted. Then, Cloud, SaaS and remote work broke that, so security moved toward identity, device checks, MFA, least privilege, and continuous verification. But now, with agents, the messy bit starts after access. The agent reads a prompt, pulls context, chooses a tool, calls an API, and may trigger a workflow. The login tells you the agent is “trusted”.

Access to Your Systems No Longer Has Borders: Take Control of Who Gets In

It's 4 p.m. and a client calls. It's an employee's last day, and you need to make sure they no longer have access to company environments, applications, systems, sensitive information—or even the corporate laptop. You remove VPN access. Then remote desktop access. Then access to applications and internal systems. Multiple locations, multiple consoles, and it only takes missing one of them to leave a door open. Now multiply that by the number of clients you manage.

Kubernetes for Agentic AI: Best Practices for Identity and Access

In Part 1 of this series, we addressed 18 Kubernetes best practices spanning across container hardening, observability, availability, and fault tolerance. Those practices secure the containers that agents run in. But the CNCF AI Technical Community Group's cloud-native agentic standards go further, establishing that securing containers is only the beginning.

Identifying and detecting ScoutC2 malware

At Corelight Labs, our mission is to help organizations stay a step ahead of evolving threats. When our researchers came across Censys' detailed write-up on ScoutC2, a rapidly growing open-source command-and-control (C2) framework favored by threat actors, we knew we needed to bolster community defenses quickly.