Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Choosing the wrong AST (Application Security Testing) platform doesn't just waste your budget. It leads to: In its latest research, “How to Avoid Common Pitfalls in Selecting Application Security Testing Tools,” Gartner highlights the five most common mistakes security leaders make when evaluating AST platforms. In this blog, we break down Gartner’s key insights and share what teams should look for when choosing a tool that works in the real world.

Today we’re excited to announce the launch of Apono’s new AI-powered Access Assistant, now live across the Apono Cloud Access Management Platform. As AI continues to transform engineering and security workflows, this assistant brings natural language interaction to access management. Helping teams move faster while staying secure. By eliminating the guesswork from access requests, Apono’s Access Assistant gives engineers a powerful new way to get exactly the access they need.

Azure CSPM (Cloud Security Posture Management) helps users maintain secure cloud setups. This post covers the basics, including the role of scanning virtual machines, various scan methods, and methods for viewing results.

Let’s be honest — nobody wakes up excited to read documentation. You’ve been there. You’re configuring a tricky workflow, testing an API, troubleshooting a weird corner case. And instead of finding the answer fast, you’re 12 tabs deep, elbows in a PDF appendix, hoping for a miracle. That’s not how it should be.

Everyone’s racing to build copilots right now. But making an agentic AI that feels like a trusted teammate—one that understands context, acts safely, and simplifies complex workflows—is harder than it looks. While building Nyx, our agentic AI copilot for security teams, our team spent a lot of time thinking about how to make her an effective team member - skilled and trustworthy.

Netskope Threat Labs is pleased to announce the release of a new open-source tool that detects supply chain attacks. Our new tool, Behavioral Evaluation of Application Metrics (BEAM), requires no endpoint agent deployment and will analyze the network traffic you are already capturing in your organization to determine if your applications are communicating with unusual hosts that could be part of an attack. This tool is the subject of a 2025 Black Hat USA briefing.

Enterprises deploying AI agents and LLMs often look to prompt scanning as their first line of defense against privacy and security breaches. The idea is simple: analyze the text of the user’s prompt before it reaches the model, detect it for sensitive keywords or patterns, and block the sensitive words that may trigger a security or compliance issue. Enterprises thought this was a safe around, till they walked into unexpected issues.

Artificial intelligence (AI) is not a new concept or technology in the world of cybersecurity. It’s been iterated and utilized by security professionals for decades. But as both cybersecurity technology and cyber threats continue to advance, AI is being adopted by organizations at a rapid pace, all of whom seek to harness AI’s power to automate, advance, and empower their security.

AI is transforming the way we work. There are immense opportunities for automation, intelligent decision-making, and productivity gains. This transformation is a tremendous opportunity, but it also comes with tremendous responsibility, especially when security is involved. For example, AI systems can now act on behalf of users, access sensitive data across tools, and make decisions without oversight, all of which have security implications.