Broadcom announced Symantec CBX (Carbon Black XDR), a cloud-based platform that combines Symantec and Carbon Black technologies in one intuitive solution. CBX addresses the needs of the industry’s largest and historically underserved market: organizations that lack the resources and training…
Category: Help Net Security
Top must-visit companies at RSAC 2026
RSAC 2026 Conference is taking place at the Moscone Center in San Francisco March 23 – 26. With hundreds of booths, countless product demos, and nonstop buzz, navigating RSAC can be overwhelming. That’s why we’ve done the legwork to highlight…
New device categories enter top enterprise risk rankings
Enterprise networks keep adding connected devices, expanding the attack surface as threat actors target a wider range of systems, many of which are difficult to inventory, secure, and patch consistently. (Source: Forescout) Forescout’s 2026 Riskiest Devices research maps that shift…
Apiiro introduces AI Threat Modeling to identify risks before code exists
Apiiro has announced AI Threat Modeling, a new capability within Apiiro Guardian Agent that automatically generates architecture-aware threat models to identify security and compliance risks before code exists. AI Threat Modeling allows enterprises to prevent risks at the speed of…
Straiker enables visibility and runtime protection for enterprise AI agents
Straiker has launched Discover AI and expanded Defend AI to secure coding agents, productivity agents, and custom-built agent platforms. Agents are operating across enterprise systems with broad access, growing autonomy, and zero security oversight. That’s why Straiker built Discover AI…
Astrix advances AI agent security platform to govern shadow and enterprise agents
Astrix Security has revealed a major expansion of its AI agent security platform, covering every layer where AI agents operate in the enterprise: from managed AI platforms to shadow deployments running on managed devices, detecting both agent existence and unauthorized…
Anvilogic’s Blueprints replaces SOAR complexity with natural language security automation
Anvilogic has launched Blueprints, a workflow automation capability that captures expert analyst practices and turns them into scalable, repeatable workflows across security teams. Instead of requiring specialized engineers to build and maintain code, Blueprints lets analysts author automation in natural…
Rubrik SAGE enables semantic governance for enterprise AI agents at scale
Rubrik has unveiled its Semantic AI Governance Engine (SAGE), designed to secure and control autonomous agents in real time. SAGE powers Rubrik Agent Cloud, replacing static, manual oversight with intent-driven governance to safely scale the enterprise AI workforce while maintaining…
Black Duck Signal secures AI-generated code with agentic application security
Black Duck has announced the general availability of Black Duck Signal, an agentic AI application security solution purpose-built to secure AI-generated code in autonomous development workflows. As agentic AI coding assistants increasingly design, code and deliver production software, organizations face…
ESET introduces Cloud Workload Protection, bringing XDR visibility to cloud environments
ESET has launched ESET Cloud Workload Protection as part of a comprehensive update for its ESET PROTECT Platform. The new module extends security beyond endpoints and servers to cover cloud workloads, enriching telemetry for detection and response while unifying security…
AppGate delivers identity-based ZTNA for secure access across OT systems
AppGate has announced the launch of its Operational Technology (OT) ZTNA solution. Designed to secure industrial control systems, manufacturing plants, energy facilities, and other critical infrastructure, the offering extends AppGate’s direct-routed ZTNA architecture into OT environments. It enables secure remote…
Oracle issues emergency fix for pre-auth RCE in Identity Manager (CVE-2026-21992)
Oracle has released an out-of-band patch for a critical and easily exploitable vulnerability (CVE-2026-21992) in Oracle Identity Manager and Oracle Web Services Manager. The company did not say whether the vulnerability has been exploited as a zero-day, but has urged…
Proofpoint unifies email, data, and AI security to reduce enterprise blind spots
Proofpoint has unveiled innovations across its Collaboration Security and Data Security portfolios, strengthening protection for the agentic workspace, where people and AI agents interact across communication and data environments to execute business-critical work. As organizations deploy AI assistants and autonomous…
Zero Networks Kubernetes Access Matrix exposes hidden access paths and blast radius
Zero Networks has announced the Kubernetes Access Matrix, a real time visual map that exposes every allowed and denied rule inside Kubernetes clusters. The new capability enables security and DevOps teams to see, understand, and control Kubernetes access at scale,…
Russian hackers go after high-value targets through Signal
Russian intelligence-linked hackers are targeting commercial messaging platforms, with Signal a primary focus, the FBI and CISA warn. The campaign is aimed at individuals of intelligence interest, including government personnel, journalists, and others with access to sensitive communications. It is…
Zluri addresses expanding identity attack surface across SaaS, cloud, and AI
Enterprise identity is undergoing a fundamental shift. Employees are no longer the only identities operating inside organizations. Service accounts, machine identities, application integrations, and AI agents now interact with enterprise systems at scale, accelerating the growth of non-human identities and…
Booz Allen’s Vellox brings AI vs. AI defense to protect critical infrastructure and national security
Booz Allen Hamilton’s new Vellox suite showcases how AI-native cyber defense can counter growing threats to U.S. national security and critical infrastructure. The company’s new threat report, When Cyberattacks Happen at AI Speed, shows that AI is widening the gap…
Your AI agents are moving sensitive data. Do you know where?
In this Help Net Security interview, Gidi Cohen, CEO at Bonfy.AI, addresses what he sees as the most pressing gap in AI agent security: data-layer risk. While the industry focuses on prompt injection and model behavior, Cohen argues the deeper…
Plumber: Open-source scanner of GitLab CI/CD pipelines for compliance gaps
GitLab CI/CD pipelines often accumulate configuration decisions that drift from security baselines over time. Container images get pinned to mutable tags, branches lose protection settings, and required templates go missing. An open-source tool called Plumber automates the detection of those…
NIST updates its DNS security guidance for the first time in over a decade
DNS infrastructure underpins nearly every network connection an organization makes, yet security configurations for it have gone largely unrevised at the federal guidance level for more than twelve years. NIST published SP 800-81r3, the Secure Domain Name System Deployment Guide,…