Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Microsoft 365 E7 and the Rise of AI Agents: What Security Leaders Need to Know

For years, enterprise security focused on protecting users, endpoints, applications and data. Today another identity is entering the enterprise. AI agents. Unlike traditional chatbots that simply answer questions, modern AI agents can perform tasks on behalf of users. They can search corporate knowledge, summarize documents, create reports, interact with business applications and, with appropriate permissions, execute multi-step workflows.

EU AI Act vs ISO 42001: What's the Difference - and Do You Need Both?

If your business builds or uses artificial intelligence, two names often come up. They are the EU AI Act and ISO/IEC 42001. They are easy to confuse, and getting the relationship wrong either wastes budget or leaves you exposed. This guide explains what each one requires, where they overlap, and how they work together.It shows how compliance leaders, CISOs, and AI product owners can use them without repeating work.It also helps you avoid gaps that could lead to an audit failure. Contents.

Server Hardening Checklist: 8 Weekly Checks to Reduce Configuration Drift

Summer is a good time to catch up on hardening work that gets postponed the rest of the year. Change freezes ease up, project calendars thin out, and the servers that quietly drifted out of spec during Q1 and Q2 finally get some attention. Over the next eight weeks, we’re publishing one practical hardening review each week. None of these require a project plan or a change advisory board meeting.

Endpoint protection for industrial systems: securing HMIs and SCADA servers

Why generic IT endpoint tools fail on the plant floor, what HMI and SCADA workstations actually need and how to build OT-appropriate endpoint protection. For plant security leads, OT engineers and industrial CISOs. OT endpoint protection combines anti-ransomware, antivirus, EDR, vulnerability assessment and patch management deployed on the PC-class endpoints inside an industrial environment, primarily HMI workstations, SCADA servers, engineering workstations and historians.

Acronis extends Microsoft 365 protection with Entra ID Backup

Attackers have long focused on email and endpoints, but now they are increasingly targeting the identity layer that controls access to those resources. The new approach is subversive and highly effective: By compromising identities, threat actors can gain access to Microsoft 365, SaaS applications, devices and administrative functions without tripping the same alarms that traditional attacks trigger.

Introducing Apex Discovery to secure every domain you actually own

Most tools will only test the domains you already know about. We’ve decided that’s not enough. TLDR: Detectify’s new Apex Discovery automatically identifies root domains likely to belong to your organization (from M&A, subsidiaries, and shadow IT) for complete security coverage. Review and confirm our curated suggestions in a click, and instantly start protecting them with the same continuous discovery and vulnerability assessment as the rest of your attack surface.

When AI agents look like attackers: what behavioral telemetry tells us

An X-Ops analysis of how AI coding agents trigger endpoint detection rules designed for adversaries AI coding agents (Claude Code, Cursor, Codex, and others built on skill packs such as GStack) are showing up in customer environments. They write code, install dependencies, automate browser tasks, and troubleshoot failures by trying alternative approaches.

Static DLP Is Leaving You in the Dark: Why It's Time for Intelligent, Self-Serve Outbound DLP and Misdirected Content Analysis

When we think about email security, our minds almost always jump to the inbound threats: the sophisticated phishing lures, the AI-generated business email compromise (BEC) attacks, and the malicious attachments knocking at the perimeter. But there is a silent, internal crisis happening on the way out of your organization. And chances are, you’re flying completely blind to it.

2026 Phishing by Industry Benchmarking Report: Findings on Human Risk

Every year, KnowBe4 analyzes millions of simulated phishing tests to measure one thing: how likely is your workforce to fall for a phishing attack? The results, published in the 2026 Phishing by Industry Benchmarking Report, paint a clear picture of where human risk concentrates — and what organizations can do about it. Here are the key findings security leaders need to know.