Tag: governance
-
Why API Security Will Drive AppSec in 2026 and Beyond
As LLMs, agents and Model Context Protocols (MCPs) reshape software architecture, API sprawl is creating major security blind spots. The 2025 GenAI Application Security Report reveals why continuous API discovery, testing and governance are now critical to protecting AI-driven applications from emerging semantic and prompt-based attacks. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/11/why-api-security-will-drive-appsec-in-2026-and-beyond/
-
Why API Security Will Drive AppSec in 2026 and Beyond
As LLMs, agents and Model Context Protocols (MCPs) reshape software architecture, API sprawl is creating major security blind spots. The 2025 GenAI Application Security Report reveals why continuous API discovery, testing and governance are now critical to protecting AI-driven applications from emerging semantic and prompt-based attacks. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/11/why-api-security-will-drive-appsec-in-2026-and-beyond/
-
Why API Security Will Drive AppSec in 2026 and Beyond
As LLMs, agents and Model Context Protocols (MCPs) reshape software architecture, API sprawl is creating major security blind spots. The 2025 GenAI Application Security Report reveals why continuous API discovery, testing and governance are now critical to protecting AI-driven applications from emerging semantic and prompt-based attacks. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/11/why-api-security-will-drive-appsec-in-2026-and-beyond/
-
The Promise and Perils of Agentic AI: Autonomy at Scale
7 min readExplore the profound shift to agentic AI, its unprecedented automation capabilities, and the critical security and governance challenges it introduces. Learn how to secure autonomous systems. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/11/the-promise-and-perils-of-agentic-ai-autonomy-at-scale/
-
The Promise and Perils of Agentic AI: Autonomy at Scale
7 min readExplore the profound shift to agentic AI, its unprecedented automation capabilities, and the critical security and governance challenges it introduces. Learn how to secure autonomous systems. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/11/the-promise-and-perils-of-agentic-ai-autonomy-at-scale/
-
Dutch boardroom cyber security knowledge gap exposed
Cyber security governance professor warns that executives lack the capability to assess cyber threats in implementation approaches First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366633901/Dutch-boardroom-cyber-security-knowledge-gap-exposed
-
Mit der Übernahme des Sicherheitspionier SPLX will Zscaler den KI-Lebenszyklus absichern
Zscaler übernimmt den Pionier von KI-Sicherheit SPLX und baut damit sein Serviceportfolio um die Absicherung von KI-Anwendungen aus. Die Zscaler-Zero-Trust-Exchange-Plattform wird um Shift-Left-KI-Asset-Discovery, automatisiertes Red-Teaming und Governance erweitert, sodass Unternehmen ihre KI-Investitionen von der Entwicklung bis zur Bereitstellung sichern können, ‘Die Übernahme ist ein wichtiger Schritt, um die Rolle von Zscaler als vertrauenswürdigen Partner zu…
-
Kommentar von Franz Kögl, Intrafind – Data Governance: Man kann nur steuern, was man kennt
First seen on security-insider.de Jump to article: www.security-insider.de/effektive-data-governance-und-die-rolle-von-enterprise-search-a-4bfd68271688d238a02aaad9f326d487/
-
Hackerparagraf: BSI-Chefin fordert Straffreiheit für ethische Hacker
Die Reform des Hackerparagrafen ist seit Jahren geplant. Die neue Regierung prüft das Thema noch. First seen on golem.de Jump to article: www.golem.de/news/hackerparagraf-bsi-chefin-fordert-straffreiheit-fuer-ethische-hacker-2511-201852.html
-
Centraleyes AI Framework (CAIF)
What is the CAIF? The Centraleyes AI Framework (CAIF) is a comprehensive compliance and governance tool designed to help organizations meet the diverse and rapidly evolving regulatory requirements surrounding artificial intelligence. It consolidates questions and controls from multiple AI laws and regulatory regimes across the globe including the EU AI Act (Minimal and Limited… First…
-
Louvre-Raubzug offenbart jahrzehntelanges Security-Versagen
Windows-Sicherheitsprobleme haben beim Louvre-Museum scheinbar Tradition.Shutterstock / Phil PasquiniDas Louvre-Museum in Paris wurde im Oktober 2025 bekanntlich von Einbrechern heimgesucht und auf ziemlich dreiste Art und Weise um Juwelen im Wert von circa 88 Millionen Euro erleichtert. Die Diebe nutzten für ihren Raubzug einen Möbelaufzug (made in Germany), um durch ein Fenster im zweiten Stock…
-
Centraleyes AI Framework (CAIF)
What is the CAIF? The Centraleyes AI Framework (CAIF) is a comprehensive compliance and governance tool designed to help organizations meet the diverse and rapidly evolving regulatory requirements surrounding artificial intelligence. It consolidates questions and controls from multiple AI laws and regulatory regimes across the globe including the EU AI Act (Minimal and Limited… First…
-
Louvre-Raubzug offenbart jahrzehntelanges Security-Versagen
Windows-Sicherheitsprobleme haben beim Louvre-Museum scheinbar Tradition.Shutterstock / Phil PasquiniDas Louvre-Museum in Paris wurde im Oktober 2025 bekanntlich von Einbrechern heimgesucht und auf ziemlich dreiste Art und Weise um Juwelen im Wert von circa 88 Millionen Euro erleichtert. Die Diebe nutzten für ihren Raubzug einen Möbelaufzug (made in Germany), um durch ein Fenster im zweiten Stock…
-
10 promising cybersecurity startups CISOs should know about
Tags: access, ai, attack, automation, business, ceo, ciso, cloud, compliance, container, control, cybersecurity, data, deep-fake, defense, detection, endpoint, exploit, finance, gartner, google, governance, government, grc, ibm, identity, linux, malicious, microsoft, military, monitoring, network, open-source, ransomware, RedTeam, risk, saas, software, startup, supply-chain, technology, threat, tool, vulnerability, vulnerability-management, zero-trust2. Chainguard: Category: Software supply chain securityWhy they’re here: Founded in 2021 by Dan Lorenc (formerly at Microsoft and Google), Chainguard offers a Linux-based platform for securely building applications. The company has raised more than $600M and is valued at $3.5B. In fiscal year 2025, Chainguard reached a $40M annual run rate and by the…
-
10 promising cybersecurity startups CISOs should know about
Tags: access, ai, attack, automation, business, ceo, ciso, cloud, compliance, container, control, cybersecurity, data, deep-fake, defense, detection, endpoint, exploit, finance, gartner, google, governance, government, grc, ibm, identity, linux, malicious, microsoft, military, monitoring, network, open-source, ransomware, RedTeam, risk, saas, software, startup, supply-chain, technology, threat, tool, vulnerability, vulnerability-management, zero-trust2. Chainguard: Category: Software supply chain securityWhy they’re here: Founded in 2021 by Dan Lorenc (formerly at Microsoft and Google), Chainguard offers a Linux-based platform for securely building applications. The company has raised more than $600M and is valued at $3.5B. In fiscal year 2025, Chainguard reached a $40M annual run rate and by the…
-
10 promising cybersecurity startups CISOs should know about
Tags: access, ai, attack, automation, business, ceo, ciso, cloud, compliance, container, control, cybersecurity, data, deep-fake, defense, detection, endpoint, exploit, finance, gartner, google, governance, government, grc, ibm, identity, linux, malicious, microsoft, military, monitoring, network, open-source, ransomware, RedTeam, risk, saas, software, startup, supply-chain, technology, threat, tool, vulnerability, vulnerability-management, zero-trust2. Chainguard: Category: Software supply chain securityWhy they’re here: Founded in 2021 by Dan Lorenc (formerly at Microsoft and Google), Chainguard offers a Linux-based platform for securely building applications. The company has raised more than $600M and is valued at $3.5B. In fiscal year 2025, Chainguard reached a $40M annual run rate and by the…
-
Zensar and Saviynt forge global alliance to elevate identity governance and privilege management
Zensar Technologies, a leading experience, engineering, and engagement technology solutions company, announced the expansion of its strategic partnership with Saviynt, a global leader in AI-based identity security and governance solutions. This collaboration is aimed at helping organizations manage growing identity and governance-related challenges without adding operational risk. Zensar’s global delivery capabilities are supported by a growing…
-
AI Agents Mark the End of Traditional GRC
AI agents are transforming governance and compliance from slow, manual processes into real-time, autonomous systems. By eliminating data silos, automating risk assessments, and enabling multi-modal collaboration, enterprises can achieve governance at Mach speed. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/11/ai-agents-mark-the-end-of-traditional-grc/
-
AI Agents Mark the End of Traditional GRC
AI agents are transforming governance and compliance from slow, manual processes into real-time, autonomous systems. By eliminating data silos, automating risk assessments, and enabling multi-modal collaboration, enterprises can achieve governance at Mach speed. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/11/ai-agents-mark-the-end-of-traditional-grc/
-
Zscaler Acquires SPLX to Strengthen AI-Powered Zero Trust Security
Zscaler, a leading cloud security company, has acquired SPLX, an innovative AI security pioneer, to enhance its Zero Trust Exchange platform with advanced AI protection capabilities. The acquisition will integrate shift-left AI asset discovery, automated red teaming, and governance features that enable organizations to secure their AI investments throughout the entire lifecycle from development to…
-
Zscaler Acquires SPLX to Strengthen AI-Powered Zero Trust Security
Zscaler, a leading cloud security company, has acquired SPLX, an innovative AI security pioneer, to enhance its Zero Trust Exchange platform with advanced AI protection capabilities. The acquisition will integrate shift-left AI asset discovery, automated red teaming, and governance features that enable organizations to secure their AI investments throughout the entire lifecycle from development to…
-
Dynamische Datensperren Wie KI und Blockchain Governance neu definieren
www.pexels.com/de-de/foto/abstrakt-technologie-forschung-digital-17485707/ Die klassische Welt der Datenhaltung kennt zentrale Datenbanken, Sperr- oder Negativlisten und manuelle Prozesse für Widerruf oder Löschung. Doch im Zeitalter von künstlicher Intelligenz und Blockchain- bzw. Distributed-Ledger-Technologien verändert sich das Fundament von Speicherung, Nutzung und Kontrolle personenbezogener Daten grundlegend. Statt rein zentral gesteuerter Sperrmechanismen entstehen Architekturen aus dezentraler, kryptografisch gestützter Zugriffskontrolle, ergänzt durch……
-
Dynamische Datensperren Wie KI und Blockchain Governance neu definieren
www.pexels.com/de-de/foto/abstrakt-technologie-forschung-digital-17485707/ Die klassische Welt der Datenhaltung kennt zentrale Datenbanken, Sperr- oder Negativlisten und manuelle Prozesse für Widerruf oder Löschung. Doch im Zeitalter von künstlicher Intelligenz und Blockchain- bzw. Distributed-Ledger-Technologien verändert sich das Fundament von Speicherung, Nutzung und Kontrolle personenbezogener Daten grundlegend. Statt rein zentral gesteuerter Sperrmechanismen entstehen Architekturen aus dezentraler, kryptografisch gestützter Zugriffskontrolle, ergänzt durch……
-
Zscaler Purchases SPLX to Strengthen GenAI Model Protection
Acquisition Boosts AI Defense from Red-Teaming, Risk Scoring to Compliance Tracking. The SPLX acquisition gives Zscaler new tools for red-teaming, AI governance and pre-deployment risk analysis. The deal will strengthen Zscaler’s push to provide comprehensive GenAI protection, from cloud model discovery to runtime guardrails and ongoing compliance reporting. First seen on govinfosecurity.com Jump to article:…
-
Security leaders say AI can help with governance, threat detection, SOC automation
Executives and technical leaders differ on AI priorities, according to a report from Amazon. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/amazon-ai-security-cloud-migration-report/804502/
-
Zscaler Acquires SPLX To Boost AI Security, Governance
Zscaler announced Monday it has acquired AI security startup SPLX as the zero-trust security vendor expands ts platform for protecting GenAI and agentic adoption. First seen on crn.com Jump to article: www.crn.com/news/security/2025/zscaler-acquires-splx-to-boost-ai-security-governance
-
Why API Security Is Central to AI Governance
APIs are now the action layer of AI that make up your API fabric. Every LLM workflow, agent, and MCP tool call rides on an API. This makes API governance the working heart of AI governance, especially with the arrival of landmark frameworks like the EU AI Act and ISO/IEC 42001. These new regulations turn…
-
Cybersecurity Snapshot: Top Guidance for Improving AI Risk Management, Governance and Readiness
Tags: access, ai, api, attack, awareness, breach, business, ceo, cloud, compliance, computer, control, corporate, crime, cryptography, cyber, cybersecurity, data, data-breach, encryption, exploit, finance, framework, germany, google, governance, guide, hacking, ibm, identity, india, infrastructure, intelligence, jobs, law, leak, metric, microsoft, network, penetration-testing, privacy, risk, risk-management, scam, security-incident, skills, strategy, technology, threat, tool, training, vulnerability, vulnerability-managementMany organizations are playing catch-up in key AI security policy areas, such as usage governance, risk oversight, data protection, and staff training. In this Cybersecurity Snapshot special edition, we round up recent guidance on preparing for, managing and governing AI cyber risks. Key takeaways Most organizations’ AI adoption is dangerously outpacing their security strategies and…
-
Cybersecurity Snapshot: Top Guidance for Improving AI Risk Management, Governance and Readiness
Tags: access, ai, api, attack, awareness, breach, business, ceo, cloud, compliance, computer, control, corporate, crime, cryptography, cyber, cybersecurity, data, data-breach, encryption, exploit, finance, framework, germany, google, governance, guide, hacking, ibm, identity, india, infrastructure, intelligence, jobs, law, leak, metric, microsoft, network, penetration-testing, privacy, risk, risk-management, scam, security-incident, skills, strategy, technology, threat, tool, training, vulnerability, vulnerability-managementMany organizations are playing catch-up in key AI security policy areas, such as usage governance, risk oversight, data protection, and staff training. In this Cybersecurity Snapshot special edition, we round up recent guidance on preparing for, managing and governing AI cyber risks. Key takeaways Most organizations’ AI adoption is dangerously outpacing their security strategies and…
-
Malicious packages in npm evade dependency detection through invisible URL links: Report
Tags: ai, application-security, attack, control, detection, edr, endpoint, exploit, flaw, github, governance, hacker, malicious, malware, microsoft, open-source, programming, service, software, supply-chain, threat, tool, trainingCampaign also exploits AI: The names of packages uploaded to npm aren’t typosquats of common packages, a popular tactic of threat actors. Instead the hackers exploit AI hallucinations. When developers ask AI assistants for package recommendations, the chatbots sometimes suggest plausible-sounding names that are close to those of legitimate packages, but that don’t actually exist.…