Risk management | Breaking Cybersecurity News | The Hacker News

The AI gold rush is on. But without identity-first security, every deployment becomes an open door. Most organizations secure native AI like a web app, but it behaves more like a junior employee with root access and no manager. From Hype to High Stakes Generative AI has moved beyond the hype cycle. Enterprises are: Deploying LLM copilots to accelerate software development Automating customer service workflows with AI agents Integrating AI into financial operations and decision-making Whether building with open-source models or plugging into platforms like OpenAI or Anthropic, the goal is speed and scale. But what most teams miss is this: Every LLM access point or website is a new identity edge. And every integration adds risk unless identity and device posture are enforced. What Is the AI Build vs. Buy Dilemma? Most enterprises face a pivotal decision: Build : Create in-house agents tailored to internal systems and workflows Buy : Adopt commercial AI tools and SaaS integ...

AI agents promise to automate everything from financial reconciliations to incident response. Yet every time an AI agent spins up a workflow, it has to authenticate somewhere; often with a high-privilege API key, OAuth token, or service account that defenders can't easily see. These "invisible" non-human identities (NHIs) now outnumber human accounts in most cloud environments, and they have become one of the ripest targets for attackers. Astrix's Field CTO Jonathan Sander put it bluntly in a recent Hacker News webinar : "One dangerous habit we've had for a long time is trusting application logic to act as the guardrails. That doesn't work when your AI agent is powered by LLMs that don't stop and think when they're about to do something wrong. They just do it." Why AI Agents Redefine Identity Risk Autonomy changes everything: An AI agent can chain multiple API calls and modify data without a human in the loop. If the underlying credential is exposed or overprivileged, each addit...

While phishing and ransomware dominate headlines, another critical risk quietly persists across most enterprises: exposed Git repositories leaking sensitive data. A risk that silently creates shadow access into core systems Git is the backbone of modern software development, hosting millions of repositories and serving thousands of organizations worldwide. Yet, amid the daily hustle of shipping code, developers may inadvertently leave behind API keys, tokens, or passwords in configuration files and code files, effectively handing attackers the keys to the kingdom. This isn't just about poor hygiene; it's a systemic and growing supply chain risk. As cyber threats become more sophisticated, so do compliance requirements. Security frameworks like NIS2, SOC2, and ISO 27001 now demand proof that software delivery pipelines are hardened and third-party risk is controlled. The message is clear: securing your Git repositories is no longer optional, it's essential. Below, we look at the ris...

I had the honor of hosting the first episode of the Xposure Podcast live from Xposure Summit 2025. And I couldn't have asked for a better kickoff panel: three cybersecurity leaders who don't just talk security, they live it. Let me introduce them. Alex Delay , CISO at IDB Bank, knows what it means to defend a highly regulated environment. Ben Mead , Director of Cybersecurity at Avidity Biosciences, brings a forward-thinking security perspective that reflects the innovation behind Avidity's targeted RNA therapeutics. Last but not least, Michael Francess , Director of Cybersecurity Advanced Threat at Wyndham Hotels and Resorts, leads the charge in protecting the franchise. Each brought a unique vantage point to a common challenge: applying Continuous Threat Exposure Management (CTEM) to complex production environments. Gartner made waves in 2023 with a bold prediction: organizations that prioritize CTEM will be three times less likely to be breached by 2026. But here's the kicker -...

For organizations eyeing the federal market, FedRAMP can feel like a gated fortress. With strict compliance requirements and a notoriously long runway, many companies assume the path to authorization is reserved for the well-resourced enterprise. But that's changing. In this post, we break down how fast-moving startups can realistically achieve FedRAMP Moderate authorization without derailing product velocity, drawing from real-world lessons, technical insights, and the bruises earned along the way from a cybersecurity startup that just went through the process. Why It Matters Winning in the federal space starts with trust—and that trust begins with FedRAMP. But pursuing authorization is not a simple compliance checkbox. It's a company-wide shift that requires intentional strategy, deep security investment, and a willingness to move differently than most startups. Let's get into what that actually looks like. Keys to a Successful FedRAMP Authorization 1. Align to NIST 800-53 fro...

Introduction The cybersecurity landscape is evolving rapidly, and so are the cyber needs of organizations worldwide. While businesses face mounting pressure from regulators, insurers, and rising threats, many still treat cybersecurity as an afterthought. As a result, providers may struggle to move beyond tactical services like one-off assessments or compliance checklists, and demonstrate long-term security value.  To stay competitive and drive lasting impact, leading service providers are repositioning cybersecurity as a strategic business enabler, and transitioning from reactive, risk-based services to ongoing cybersecurity management aligned with business goals. For service providers, this shift opens a clear opportunity to move beyond tactical projects and become long-term security partners, while unlocking new streams of recurring revenue.  Many MSPs, MSSPs, and consultancies already provide valuable point solutions, from identifying vulnerabilities to supporting audi...

Introduction: Security at a Tipping Point Security Operations Centers (SOCs) were built for a different era, one defined by perimeter-based thinking, known threats, and manageable alert volumes. But today's threat landscape doesn't play by those rules. The sheer volume of telemetry, overlapping tools, and automated alerts has pushed traditional SOCs to the edge. Security teams are overwhelmed, chasing indicators that often lead nowhere, while real risks go unnoticed in the noise. We're not dealing with a visibility problem. We're dealing with a relevance problem. That's where Continuous Threat Exposure Management (CTEM) comes in. Unlike detection-centric operations that react to what's already happened, CTEM shifts the focus from what could happen to "why it matters." It's a move away from reacting to alerts and toward managing risk with targeted, evidence-based actions. The Problem with Alert-Centric Security At its core, the SOC is a monitoring engine. It digests input from f...

Cybersecurity involves both playing the good guy and the bad guy. Diving deep into advanced technologies and yet also going rogue in the Dark Web. Defining technical policies and also profiling attacker behavior. Security teams cannot be focused on just ticking boxes, they need to inhabit the attacker's mindset. This is where AEV comes in. AEV (Adversarial Exposure Validation) is an advanced offense technology that mimics how adversaries will attack your system, while providing remediation strategies. It lets you discover and address how your environment can be exploited and what the impact of the exploitation could be, in a dynamic and ongoing way. In this article, we'll share everything you need to know about AEV, and how your team can leverage it to build continuous resilience against attacks. What is AEV? According to the Gartner® Market Guide for Adversarial Exposure Validation (March 2025), AEV is defined as "technologies that deliver consistent, continuous, and automated ...

Security teams face growing demands with more tools, more data, and higher expectations than ever. Boards approve large security budgets, yet still ask the same question: what is the business getting in return? CISOs respond with reports on controls and vulnerability counts – but executives want to understand risk in terms of financial exposure, operational impact, and avoiding loss. The disconnect has become difficult to ignore. The average cost of a breach has reached $4.88 million, according to recent IBM data . That figure reflects not just incident response but also downtime, lost productivity, customer attrition, and the extended effort required to restore operations and trust. The fallout is rarely confined to security. Security leaders need a model that brings those consequences into view before they surface. A Business Value Assessment (BVA) offers that model. It links exposures to cost, prioritization to return, and prevention to tangible value. This article will explain ...

Artificial intelligence is driving a massive shift in enterprise productivity, from GitHub Copilot's code completions to chatbots that mine internal knowledge bases for instant answers. Each new agent must authenticate to other services, quietly swelling the population of non‑human identities (NHIs) across corporate clouds. That population is already overwhelming the enterprise: many companies now juggle at least 45 machine identities for every human user . Service accounts, CI/CD bots, containers, and AI agents all need secrets, most commonly in the form of API keys, tokens, or certificates, to connect securely to other systems to do their work. GitGuardian's State of Secrets Sprawl 2025 report reveals the cost of this sprawl: over 23.7 million secrets surfaced on public GitHub in 2024 alone. And instead of making the situation better, repositories with Copilot enabled the leak of secrets 40 percent more often .  NHIs Are Not People Unlike human beings logging into systems, ...

Are your web privacy controls protecting your users, or just a box-ticking exercise? This CISO's guide provides a practical roadmap for continuous web privacy validation that's aligned with real-world practices. – Download the full guide here . Web Privacy: From Legal Requirement to Business Essential As regulators ramp up enforcement and users grow more privacy-aware, CISOs face a mounting challenge: ensuring that what their organization says about privacy matches what their digital assets are doing . 70% of top US websites still drop advertising cookies even when users opt out, a clear contradiction of privacy claims. This gap exposes organizations to compliance failures, reputational damage, and user distrust. A Practical Approach to Web Privacy Validation Drawing from real-world incidents and regulatory trends, this guide outlines how CISOs can integrate continuous privacy validation into their security operations and explains why it's becoming a foundational practice....