Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In an era of unprecedented advancements in AI, the National Institute of Standards and Technology (NIST) has released its "strategic vision for AI," focusing on three primary goals: advancing the science of AI safety, demonstrating and disseminating AI safety practices, and supporting institutions and communities in AI safety coordination.

We are over the moon to share that BlueVoyant has been awarded the Microsoft Worldwide Security Partner of the Year, demonstrating our leading-edge cyber defense capabilities and our strong partnership with Microsoft. We have also been recognized as the Microsoft United States Security Partner of the Year for the third time, and the Microsoft Canada Security Partner of the Year for the first time.

Modern organizations know that protecting their data is absolutely critical. That’s where cloud security compliance comes in. Satisfying regulatory standards helps organizations protect against unauthorized access and data breaches, as well as other security incidents. Beyond protecting data, compliance also protects organizations from the legal implications and financial effects of attacks.

As developers, we often have to work with REST APIs when we integrate with third-party systems or connect between frontend and backend systems at work. APIs, and REST APIs in particular, are a fundamental part of modern web applications, allowing us to create, read, update, and delete data over HTTP. However, as with any technology, they come with their own set of security challenges. Let's break these challenges down and understand how to secure REST API applications.

In the rapidly evolving fields of large language models (LLMs) and machine learning, new frameworks and applications emerge daily, pushing the boundaries of these technologies. While exploring libraries and frameworks that leverage LLMs for user-facing applications, we came across the Vanna.AI library – which offers a text-to-SQL interface for users – where we discovered CVE-2024-5565, a remote code execution vulnerability via prompt injection techniques.

OpenAI has reported launching its latest flagship model, GPT-4o, alongside a suite of advanced tools now available to free ChatGPT users. This move aligns with OpenAI's mission to advance AI technology and make it accessible and beneficial to everyone.

From chatbots like ChatGPT to the large language models (LLMs) that power them, managing and mitigating potential AI vulnerabilities is an increasingly important aspect of effective cybersecurity. Kroll’s new AI insights hub explores some of the key AI security challenges informed by our expertise in helping businesses of all sizes, in a wide range of sectors. Some of the topics covered on the Kroll AI insights hub are outlined below.

Managing dynamic cloud environments is an ongoing challenge for organizations as they scale and innovate. Protecting assets, data, and reputations is more important than ever, yet detecting insider threats, compromised accounts, and unusual behavior in an environment remains complex. Traditional SIEM solutions often focus on reactive, event-driven insights, but to meet today’s evolving needs, many teams are embracing proactive approaches like user and entity behavior analytics (UEBA).