Artificial Intelligence | Breaking Cybersecurity News | The Hacker News

You invested in a new AI-SOC because you want your organization to be safe. You also don't want your SOC team to burn out from the flood of alerts they're receiving.  It's good at first. At deployment, the detections are lined up with your environment. Your SOC team reports it's going to be a learning curve, but it seems to be working. It's going well until a few months later, when it's not, at least not as well.  The problem is that the agent isn't processing alerts the way your team needs it to. It keeps flagging the CEO's logins as threats because it doesn't understand that he's traveling. It's also let a few real threats slip through the cracks. Threats that should have been easily caught. What's happening?  Pre-trained AI was built to recognize the familiar, and it does. It's trained on old data, old attack paths, and assumptions that made sense in the lab based on what's been observed before. What it can't do is understand the small, real-world details that an...

The proliferation of AI agents in the enterprise has moved from theoretical to practical at a remarkable pace. These agents, whether developed internally or licensed, are increasingly integrated into core business workflows. While they promise substantial gains in automation and productivity, they also introduce a new and complex class of security risks that demand immediate attention.  The core challenge is not whether to adopt AI agents, but how to govern them effectively. A disciplined approach to balancing innovation with security is essential for any organization looking to leverage AI without exposing itself to unacceptable risk.  Recent research highlights the urgency of this issue. A comprehensive study found that 82% of companies are already using AI agents, with 53% acknowledging they access sensitive information daily . This rapid adoption, often occurring without adequate oversight, creates significant vulnerabilities. The imperative is clear: organizations must...

AI SOC Agents are going through a hype cycle. If we're going by Gartner's Hype Cycle for Security Operations, 2025 , this technology is still an "Innovation Trigger", but it's at the cusp of "Peak of Inflated Expectations". Every vendor claims their solution will revolutionize security operations. Every conference features another keynote promising autonomous defense. And every CISO is being asked whether AI will replace their security team. At Redis, implementing AI in the SOC has been more of a measured journey. The model is more of a hybrid SOC, so there's a combination of external service providers as well as internal resources. In this case, Prophet Security is currently proving themselves alongside a more traditional MDR provider.  But let's take a step back.  The Tipping Point for AI Adoption within the SOC Considering an AI solution for Redis' SOC came down to the confluence of three drivers.  On an individual level, there was more value from AI tools an...

The browser has quietly become the most critical application in the enterprise — and the most targeted. With SaaS, cloud, and hybrid work redefining IT boundaries, browsers now handle proprietary data, credentials, and business workflows. Yet legacy security tools like firewalls, antivirus, and EDR were never designed to defend this new digital front line. The shift from being an ancillary tool to becoming the main location of work means legacy security solutions, such as firewalls, antivirus, VDI, etc., are not equipped to provide the necessary level of protection needed to secure today's organizations. The browser, once an afterthought, is now the weak link that legacy defenses simply can't secure.  This article examines the modern browser exploitation playbook and details why legacy tools alone are no match for today's cybercriminals. By adopting a Secure Enterprise Browser (SEB), enterprises can complement their existing security tools, shore up their weak link, and future-p...

For nearly two decades, managed-security models have defined how most organizations handle detection and response. Faced with alert overload, chronic staffing shortages, and the high cost of 24/7 coverage, many teams turned to Managed Security Service Providers (MSSPs) and later to Managed Detection and Response (MDR) vendors to fill the gap. Beyond staffing and capacity, many also lacked in-house expertise in building detection systems. It was a rational choice. MSSPs and MDRs provided 24/7 monitoring, experienced analysts, and predictable coverage. They gave companies without an in-house SOC a viable way to maintain security coverage in an increasingly complex threat landscape. But the ground has shifted. AI-driven SOC platforms are now automating large parts of what human analysts once did: triaging alerts, correlating signals, enriching incidents, and recommending or even executing responses. That raises a simple but profound question: what happens to the managed-security m...

In a matter of months, AI became a tool relied on for daily critical tasks. Now, we are seeing it used just as easily to attack systems, deceive users, or even manipulate data. While full capabilities are still being explored, the most significant threats posed by AI are yet unknown. Even without knowing exactly what's coming, organizations can take meaningful steps now and develop identity security strategies to defend against AI-driven threats to avoid being an easy target. Suggestion 1: Start with the basics In the face of unknown AI-driven threats, one of the best places to start is with an identity security strategy that addresses the fundamentals.  When it comes to identity and access management, solutions that offer 'Preemptive Defense' (a term coined by Gartner) allow detection and protection before a user even authenticates to your systems. Think IP reputation checks, web application firewalls, machine learning-based risk scoring, user policies and app policies. Risky...

For most of its history, the Security Operations Center (SOC) has been a privilege of the few. Building one meant millions in technology spend and round-the-clock analyst coverage. Unsurprisingly, for years, SOCs were a privilege of the few -  large enterprises and organizations with high-risk profiles, where budgets and scale justified the investment. Everyone else was left with partial coverage or had to outsource. That reality is changing. AI has flipped the SOC equation. What was once out of reach for all but the largest enterprises is now accessible and affordable for nearly every company that needs one. The risk every company faces By now, almost any 9-year-old knows that cyberattacks threaten every company . It's no longer just banks and financial giants in the crosshairs. Over the past decade, cyberattacks have expanded into every sector, from e-commerce sites to research institutes to local hospitals. Recent data from the 'VikingCloud 2025 SMB Threat Landscape' repo...