Category: Help Net Security

Postman announced several updates bringing key enterprise features to its platform, so customers can build AI-ready APIs that meet the most critical enterprise specifications. As software increasingly shifts from applications to AI agents, the enterprise challenge has become clear: these…

Read more →

October 2025 Patch Tuesday was one for the record books in so many ways. There was a big push by Microsoft to fix as many open vulnerabilities as possible in products that were reaching end-of-life (EOL). This included 116 CVEs…

Read more →

Tufin announced Tufin Orchestration Suite (TOS) R25-2. The R25-2 release delivers expanded visibility, automation, and stronger security controls, enabling organizations to strengthen their security posture while simplifying operations across their hybrid environments. Security and network teams are forced to manage…

Read more →

In this Help Net Security interview, Rik Mistry, Managing Partner at Interval Group, discusses how to align IT strategy with business goals. He explains how security, governance, and orchestration shape IT operations and why early collaboration between IT and security…

Read more →

Businesses are increasingly being pulled into lawsuits over how they collect and share user data online. What was once the domain of large tech firms is now a widespread legal risk for companies of all sizes. The latest analysis from…

Read more →

When employees stop falling for phishing emails, it is rarely luck. A new study shows that steady, mandatory phishing training can cut risky behavior over time. After one year of continuous simulations and follow-up lessons, employees were half as likely…

Read more →

Healthcare leaders continue to treat cybersecurity as a technical safeguard instead of a strategic business function, according to the 2025 US Healthcare Cyber Resilience Survey by EY. The study, based on responses from 100 healthcare executives, outlines six areas where…

Read more →

Here’s a look at the most interesting products from the past week, featuring releases from 1touch.io, Barracuda Networks, Bitdefender, Forescout, and Komodor. Bitdefender GravityZone Security Data Lake unifies telemetry from multiple tools Security Data Lake empowers both in-house security teams…

Read more →

Cisco has fixed two critical vulnerabilities (CVE-2025-20358, CVE-2025-20354) affecting Unified Contact Center Express (UCCX), which may allow attackers to bypass authentication, compromise vulnerable installations, and elevate privileges to root. The good news is that there is currently no evidence of…

Read more →

Ping Identity announced “Identity for AI,” a new solution designed to secure the world of AI agents. As organizations embrace agentic AI to boost productivity and commerce, Ping Identity is redefining how enterprises enable this new class of autonomous digital…

Read more →

Team Cymru announced RADAR, a new real-time discovery module designed to give threat analysts visibility into all internet-facing infrastructure, whether known or unknown, without waiting on asset inventories, third-party scans, or compliance-oriented tools. “Our RADAR solution is about giving defenders…

Read more →

Incident responders from Mandiant have wrapped up their investigation into the SonicWall cloud backup service hack, and the verdict is in: the culprit is a state-sponsored threat actor (though the specific nation wasn’t disclosed). “[The incident] was isolated to the…

Read more →

Prowler launched Prowler Lighthouse AI, an intelligent security assistant and MCP Server, that brings autonomous AI directly into DevSecOps workflows. Available immediately, Prowler’s AI innovations combine agentic reasoning with automation to accelerate risk analysis, streamline compliance and guide teams through…

Read more →

State-aligned hacking groups have spent the past six months ramping up espionage, sabotage, and cybercrime campaigns across multiple regions, according to ESET’s APT Activity Report covering April through September 2025. The research highlights how operations linked to Russia, China, Iran,…

Read more →

1touch.io unveils Kontxtual, an AI-driven data platform engineered for the AI era. Built to accelerate enterprise innovation without compromising control, Kontxtual harnesses the power of AI and LLMs to deliver real-time data, identity, usage, and risk insights, assuring sovereignty and…

Read more →

MajorKey Technologies announced IDProof+, a high-assurance identity verification solution leveraging biometric technology. Developed in collaboration with identity verification innovator authID, IDProof+ is designed to help enterprises combat AI-driven fraud and streamline remote workforce onboarding. Key benefits of IDProof+ include: Integration…

Read more →

Aptori announced Code-Q (Code Quick Fix), a new agent in its AI-powered security platform that automatically generates, validates and applies code-level remediations for confirmed vulnerabilities. Building on Aptori’s AI Triage, which delivers deterministic vulnerability validation, Code-Q extends that intelligence into…

Read more →

Hypori announced the expansion of its platform with the launch of the Hypori Secure Workspace Ecosystem, a suite of next-generation products designed to give organizations flexibility, scalability, and control over secure mobile access. The new portfolio introduces Hypori Mobile and…

Read more →

Binarly released the Binarly Transparency Platform 3.5 with Java ecosystem support, enterprise-grade YARA integration, and operational upgrades. With this update, Binarly’s cryptographic algorithm identification engine now supports Java archives (JARs) and JVM bytecode, scanning both standalone and embedded files inside…

Read more →

When you ask a large language model to summarize a policy or write code, you probably assume it will behave safely. But what happens when someone tries to trick it into leaking data or generating harmful content? That question is…

Read more →