Cisco Secure Access extends SSE and identity controls to agentic AI, helping organizations govern agent actions across models, MCP tools, APIs, and web.
Tag: controls
Compliance, Global Security News
JupiterOne launches continuous controls monitoring for security and compliance
JupiterOne Inc. has launched JupiterOne Continuous Controls Monitoring (CCM), a new product designed to test the effectiveness of security and compliance controls across cloud, SaaS, and hybrid environments.
AI, Cloud Security, Compliance, Cybersecurity, Global Security News, privacy, Risk Management
Spring 2026 SOC 1, 2, and 3 reports are now available with 188 services in scope
Amazon Web Services (AWS) is pleased to announce that the Spring 2026 System and Organization Controls (SOC) 1, 2, and 3 reports are now available. The reports cover 188 services over the 12-month period from April 1, 2025–March 31, 2026, giving customers a full year of assurance. These reports demonstrate our continuous commitment to adhering…
AI, Global Security News
npm Adds 2FA-Gated Publishing and Package Install Controls Against Supply Chain Attacks
GitHub has rolled out new controls for npm to improve the security of the software supply chain, giving maintainers the ability to explicitly approve a release prior to the packages becoming publicly available for installation. Called staged publishing, the feature is now generally available on npm. It mandates that a human maintainer pass a two-factor…
AI, Compliance, Global Security News
AI infrastructure is cracking under sovereignty demands
AI deployments are moving into environments with tighter controls around data, infrastructure, and system operations. Organizations are building AI systems across multiple providers, platforms, and computing environments while managing governance, security, and compliance obligations within defined boundaries. NTT DATA’s 2026 Global AI Report A Playbook for Private and Sovereign AI examined these conditions in more…
AI, Cybersecurity, Global Security News
The Next Cybersecurity Challenge May Be Verifying AI Agents
AI agents are reshaping cybersecurity. Learn why verification, trusted identity standards, and runtime controls are now essential.
Global Security News
Tech Can’t Stop These Threats — Your People Can
Security controls can do only so much. Here are four attacks where your employees are usually your first, and only, line of cyber defense.
AI, Apps, Endpoint, Global Security News, Risk Management
AI Is Reshaping Software Supply Chain Risk
Artificial intelligence is rapidly transforming how developers build software, but security controls are struggling to keep pace. According to Willem Delbare, co-founder and CEO of Aikido Security, AI-assisted development is fundamentally changing the software supply chain threat model by increasing automation around code generation, dependency selection, and tool installation. “As of 2025, 84% of developers…
AI, Global Security News
The Browser Is Breaking Your DLP: How Data Slips Past Modern Controls
Your security controls aren’t failing, they’re missing where most of today’s work actually happens. Keep Aware shows how browser activity like copy/paste and AI prompts bypass traditional protections. […]
AI, Global Security News, Risk Management
Why Outdated Maintenance Software Is a Growing Ransomware Risk
Outdated maintenance software increases ransomware risk by exposing weak access controls, unpatched systems, and critical operational data to attackers.
Global Security News
The “Juice” Factor: Designing Game Feel
Designing game feel requires responsive controls, hit-stop, sound, animation, and feedback systems that make gameplay satisfying.
Data Breaches, Global Security News
Trellix Source Code Breach Highlights Growing Supply Chain Threats
Info is scant, but such breaches can reveal where a security product’s controls are located and how detections are designed, giving attackers a leg up.
AI, Apps, Cybersecurity, Global Security News, privacy, Risk Management
Microsoft, Google push AI agent governance into enterprise IT mainstream
Microsoft and Google are adding new controls for AI agents, as enterprise IT teams try to keep up with tools that can access corporate data and act across business applications. Microsoft’s Agent 365, made generally available for commercial customers on May 1, is designed to help organizations discover, govern, and secure AI agents, including those…
Compliance, Global Security News
Cyber-Secure Philanthropy: Tech Infrastructure for Global Donations
Secure philanthropy needs hardened payments, API security, and compliance controls to protect global donations from fraud and attacks.
AI, Global Security News
Ping Identity Wins 2026 Google Cloud Security Partner of the Year Award for Identity & Access Management
COMPANY NEWS: Award highlights joint leadership in modernising and extending identity controls into real-time AI-driven environments
AI, Cloud Security, Compliance, Cybersecurity, Global Security News, privacy, Risk Management
Winter 2025 SOC 1 report is now available with 184 services in scope
Amazon Web Services (AWS) is pleased to announce that the Winter 2025 System and Organization Controls (SOC) 1 report is now available. The report covers 184 services over the 12-month period from January 1, 2025 – December 31, 2025, giving customers a full year of assurance. This report demonstrates our continuous commitment to adhering to…
AI, Global Security News
Review: The Psychology of Information Security
Security controls fail when they are designed without regard for the people who must use them. That is the central argument of Leron Zinatullin’s second edition, and it is an argument he builds methodically across 17 chapters that draw from organizational psychology, change management, and usability research. About the author Leron Zinatullin is the CISO…
AI, Apps, Data Breaches, Exploits, Global Security News, Network Security, Risk Management
Docker Flaw (CVE-2026-34040) Lets Attackers Bypass Security Controls and Take Over Hosts
A vulnerability in Docker Engine allows attackers to bypass authorization controls and potentially gain full access to host systems. Cyera researchers found that the flaw affects a core security mechanism relied on by organizations to enforce container policies. “This research shows that a lot of foundational infrastructure is still carrying old bug classes in places…
AI, Global Security News
Mimecast makes enterprise email security deployable in minutes
Most organizations running Microsoft 365 rely on native email controls as their primary line of defense. According to Mimecast research, 38% of organizations depend exclusively on those native controls for collaboration security, and 64% say those controls are insufficient against the threat landscape. Ranjan Singh, Chief Product and Technology Officer at Mimecast, outlines how the…
AI, APAC, Apps, Compliance, Cybersecurity, Global Security News, Risk Management
Preparing for agentic AI: A financial services approach
Deploying agentic AI in financial services requires additional security controls that address AI-specific risks. This post walks you through comprehensive observability and fine-grained access controls—two critical capabilities for maintaining explainability and accountability in AI systems. You will learn seven design principles and get implementation guidance for meeting regulatory requirements while deploying secure AI solutions. Financial…
AI, Global Security News
Microsoft Proposes Better Identity, Guardrails for AI Agents
Companies need better controls to manage key threats rising from the growth of agentic AI. These new features provide a starting point.
AI, Exploits, Global Security News
Qualys Debuts Industry’s First AI Agent for Safe Exploit Validation and Autonomous Remediation
Agent Val exploits, mitigates and revalidates exposures against compensating controls continuously, dramatically reducing the average window of exposure
AI, Global Security News
How Ceros Gives Security Teams Visibility and Control in Claude Code
Security teams have spent years building identity and access controls for human users and service accounts. But a new category of actor has quietly entered most enterprise environments, and it operates entirely outside those controls. Claude Code, Anthropic’s AI coding agent, is now running across engineering organizations at scale. It reads files, executes shell commands,…
AI, Global Security News, privacy
WhatsApp is giving parents peace of mind over their kids’ privacy
WhatsApp has introduced parent-managed accounts designed for pre-teens, giving parents and guardians new controls over contacts, group participation, and how the app is used. These accounts are limited to messaging and calling and do not include access to features such as Meta AI, location sharing, or disappearing messages in individual chats. Parents must have the…
AI, Compliance, Endpoint, Global Security News, Risk Management
SurePath AI Announces New MCP Policy Controls
Security and governance platform SurePath AI recently announced MCP Policy Controls to provide real-time controls over which MCP servers and tools are allowed to be used. MCP presents a new attack surface and security challenges These new controls are designed to assist organizations in adopting MCP, ensuring safety, visibility, and safeguards from day one. MCP…
AI, Global Security News
Gain web control with browser isolation
RBI advanced isolation controls extend how Cisco Secure Access secures internet access with fine-grained control over how users interact with web-based content.
Compliance, Global Security News, Risk Management
Forescout replaces manual audits with automated, always-on compliance validation
Forescout Technologies has announced Automated Security Controls Assessment, a new Forescout 4D Platform capability that continuously evaluates trust, control effectiveness and compliance posture across an organization’s attack surface. Replacing manual, static and error-prone spreadsheet-driven audits with real-time, automated evidence-based collection and reporting, the Automated Security Controls Assessment feature gives security and governance, risk, and compliance…
AI, Compliance, Cybersecurity, Global Security News, Risk Management
AI Is Moving Faster Than Security Controls
AI is entering organisations faster than the security controls designed to govern it. Artificial intelligence is rapidly becoming embedded across organisations. AI assistants are now writing code, summarising documents, analysing data, and supporting operational decisions. What began as experimentation is quickly becoming operational dependency. For security teams, the challenge is not simply adopting AI. The…
AI, Global Security News
Microsoft adds Copilot data controls to all storage locations
Microsoft is expanding data loss prevention (DLP) controls to block the Microsoft 365 Copilot AI assistant from processing confidential Word, Excel, and PowerPoint documents, regardless of their location. […]
AI, APAC, Apps, Data Breaches, Exploits, Global Security News, Network Security, Risk Management
Apache Tomcat Vulnerability Circumvents Access Rules
A vulnerability in Apache Tomcat enables users to bypass certain access controls by leveraging legacy HTTP/0.9 requests. Under specific configurations, the issue could allow attackers to circumvent defined security constraints. “If a security constraint was configured to allow HEAD requests to a URI but deny GET requests, the user could bypass that constraint on GET…
agentic ai, AI, Artificial Intelligence, Cloud Security, Global Security News, News
AI agents behave like users, but don’t follow the same rules
Security and governance approaches to autonomous AI agents rely on static credentials, inconsistent controls, and limited visibility. Securing these agents requires the same rigor and traceability applied to human users, according to Cloud Security Alliance’s Securing Autonomous AI Agents report. Agents scale faster than governance frameworks Autonomous AI agents act on behalf of humans, accessing…