Technology

In brief <ul><li>In court last week, billionaire crypto investor and entrepreneur Tim Heath shared his experience of being attacked in a failed kidnapping attempt last year.</li><li>Attackers tracke… [+4405 chars]

The traditional password that generations of computer users have come to love and hate may soon be replaced by something called a "passkey." You've likely even been prompted to create one. While many… [+144 chars]

Starting this month, you'll no longer be able to use Microsoft Authenticator's autofill password function, a move the company is making to transition from passwords to passkeys. Last month, Microsoft… [+3505 chars]

Companies are increasingly looking for ways to give more control to users and to protect their privacy. This is especially the case with the telecommunication service providers who are taking more in… [+2301 chars]

The cryptography that protects our privacy and security online relies on the fact that even the strongest computers will take essentially forever to do certain tasks, like factoring prime numbers and… [+33998 chars]

Qantas Airways has confirmed that a cyberattack on one of its customer call centers has exposed the personal data of up to six million customers, potentially becoming one of Australias most significa… [+2649 chars]

In today's digital landscape, email scams continue to evolve with alarming sophistication. According to recent studies, over 55% of internet users encounter phishing attempts on a monthly basis. What… [+6355 chars]

Eight months after Georgias rigged parliamentary elections, the government in Tbilisi is reaching new milestones of democratic backsliding. It has begun to censor opposition TV channels for using ter… [+8963 chars]

Storing files in the cloud helps you keep backups of your files, sync data across devices, and have better peace of mind when it comes to images, documents, and videos. It can be an expensive endeavo… [+2753 chars]

The Bill C-2 lawful access focus has thus far primarily centred on the creation of a new warrantless information demand power and the expansion of production orders to access information. Those provi… [+1050 chars]

Encoded reasoning occurs when a language model (LM) agent hides its true reasoning inside its chain-of-thought (CoT). It is one of the three types of unfaithful reasoning[1] and the most dangerous on… [+23850 chars]

<div class="entry" morss_own_score="5.647473560517039" morss_score="61.05706057945836"> <img decoding="async" src="https://www.lastwatchdog.com/wp/wp-content/uploads/SH_FYI_logo-sepia-1850px-960x462.jpg"> <p>Palo Alto, Calif., Jun. 30, 2025, CyberNewswire–Every security practitioner knows that employees are the weakest link in an organization, but this is no longer the case.</p> <p><a href="https://www.lastwatchdog.com/wp/wp-content/uploads/SquareX-logo.png"><img decoding="async" src="https://www.lastwatchdog.com/wp/wp-content/uploads/SquareX-logo.png"></a><a href="https://sqrx.com/?utm_campaign=15399438-YOBB%20-%20June%202025&amp;utm_source=pressrelease&amp;utm_medium=pressrelease">SquareX</a>’s research reveals that Browser AI Agents are more likely to fall prey to cyberattacks than employees, making them the new weakest link that enterprise security teams need to look out for.</p><div class="code-block code-block-12 ai-track" data-ai="WzEyLCIiLCJCbG9jayAxMiIsIiIsMV0=" style="margin: 8px 0; clear: both;"> <style> .ai-rotate {position: relative;} .ai-rotate-hidden {visibility: hidden;} .ai-rotate-hidden-2 {position: absolute; top: 0; left: 0; width: 100%; height: 100%;} .ai-list-data, .ai-ip-data, .ai-filter-check, .ai-fallback, .ai-list-block, .ai-list-block-ip, .ai-list-block-filter {visibility: hidden; position: absolute; width: 50%; height: 1px; top: -1000px; z-index: -9999; margin: 0px!important;} .ai-list-data, .ai-ip-data, .ai-filter-check, .ai-fallback {min-width: 1px;} </style> <div class="ai-rotate ai-unprocessed ai-timed-rotation ai-12-1" data-info="WyIxMi0xIiwyXQ==" style="position: relative;"> <div class="ai-rotate-option" style="visibility: hidden;" data-index="1" data-name="VGVjaHN0cm9uZyBHYW5nIFlvdXR1YmU=" data-time="MTA="> <div class="custom-ad"> <div style="margin: auto; text-align: center;"><a href="https://youtu.be/Fojn5NFwaw8" target="_blank"><img src="https://securityboulevard.com/wp-content/uploads/2024/12/Techstrong-Gang-Youtube-PodcastV2-770.png" alt="Techstrong Gang Youtube"></a></div> <div class="clear-custom-ad"></div> </div></div> <div class="ai-rotate-option" style="visibility: hidden; position: absolute; top: 0; left: 0; width: 100%; height: 100%;" data-index="1" data-name="QVdTIEh1Yg==" data-time="MTA="> <div class="custom-ad"> <div style="margin: auto; text-align: center;"><a href="https://devops.com/builder-community-hub/?ref=in-article-ad-1&amp;utm_source=do&amp;utm_medium=referral&amp;utm_campaign=in-article-ad-1" target="_blank"><img src="https://devops.com/wp-content/uploads/2024/10/Gradient-1.png" alt="AWS Hub"></a></div> <div class="clear-custom-ad"></div> </div></div> </div> </div> <p>Browser AI Agents are software applications that act on behalf of users to access and interact with web content. Users can instruct these agents to automate browser-based tasks such as flight bookings, scheduling meetings, sending emails, and even simple research tasks.</p> <p>The productivity gains that Browser AI Agents provide make them an extremely compelling tool for employees and organizations alike. Indeed, a survey from PWC found that 79% of organizations have already adopted browser agents today.</p><div class="code-block code-block-15" style="margin: 8px 0; clear: both;"> <script async src="https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2091799172090865" crossorigin="anonymous" type="200296caa7466fe31f69f1e9-text/javascript"></script> <!-- SB In Article Ad 1 --> <ins class="adsbygoogle" style="display:block" data-ad-client="ca-pub-2091799172090865" data-ad-slot="8723094367" data-ad-format="auto" data-full-width-responsive="true"></ins> <script type="200296caa7466fe31f69f1e9-text/javascript"> (adsbygoogle = window.adsbygoogle || []).push({}); </script></div> <p>Yet, Browser AI Agents expose organizations to a massive security risk. These agents are trained to complete the tasks they are instructed to do, with little to no understanding of the security implications of their actions.</p> <p>Unlike human employees, Browser AI Agents are not subject to regular security awareness training. They cannot recognize visual warning signs like suspicious URLs, excessive permission requests, or unusual website designs that typically alert employees of a malicious site. Consequently, Browser AI Agents are more likely to fall prey to browser-based attacks than even a regular employee.</p> <p>Even if it is possible for users to add these guardrails, the overhead required to extensively write the security risk of every task performed by the agent in every prompt would probably outweigh the productivity gains. More importantly, employees using Browser AI Agents are unlikely to have enough security expertise to be able to write such a prompt in the first place.</p> <p><a href="https://www.lastwatchdog.com/wp/wp-content/uploads/250630_SquareX-graphic-1.png"><img decoding="async" src="https://www.lastwatchdog.com/wp/wp-content/uploads/250630_SquareX-graphic-1-520x232.png"></a>With the popular open-source Browser Use framework used by thousands of organizations, SquareX demonstrated how the Browser AI Agent, instructed to find and register for a file-sharing tool, succumbed to an OAuth attack. In the process of completing its task, it granted a malicious app complete access to the user’s email despite multiple suspicious signals – irrelevant permissions, unfamiliar brands, suspicious URLs – that likely would have stopped most employees from granting these permissions.</p> <p>In other scenarios, these agents might expose the user’s credit card information to a phishing site while trying to purchase groceries or disclose sensitive data when responding to emails from an impersonation attack.</p> <p>Unfortunately, neither browsers nor traditional security tools can differentiate between actions performed by users and these agents. Thus, it is critical for enterprises working with Browser AI Agents to provide browser-native guardrails that will prevent agents and employees alike from falling prey to these attacks.</p> <div><a href="https://www.lastwatchdog.com/wp/wp-content/uploads/Vivek-Ramachandran.png"><img decoding="async" src="https://www.lastwatchdog.com/wp/wp-content/uploads/Vivek-Ramachandran-100x135.png"></a> Ramachandran</div> <p><a href="https://www.linkedin.com/in/vivekramachandran/">Vivek Ramachandran</a>, Founder &amp; CEO of <a href="https://sqrx.com/?utm_campaign=15399438-YOBB%20-%20June%202025&amp;utm_source=pressrelease&amp;utm_medium=pressrelease">SquareX</a>, warns, “The arrival of Browser AI Agents have dethroned employees as the weakest link within organizations. Optimistically, these agents have the security awareness of an average employee, making them vulnerable to even the most basic attacks, let alone bleeding-edge ones.</p> <p>Critically, these Browser AI Agents are running on behalf of the user, with the same privilege level to access enterprise resources. Until the day browsers develop native guardrails for Browser AI Agents, enterprises must incorporate browser-native solutions like Browser Detection and Response to prevent these agents from being tricked into performing malicious tasks.</p> <p>Eventually, the new generation of identity and access management tools will also have to take into account Browser AI Agent identities to implement granular access controls on agentic workflows.”</p> <p>To learn more about this security research, users can visit <a href="http://sqrx.com/browser-ai-agents">http://sqrx.com/browser-ai-agents</a> .</p> <p>SquareX’s research team is also holding a webinar on <strong>July 11, 10am PT/1pm ET</strong> to dive deeper into the research findings. To register, users can click <a href="https://getstarted.sqrx.com/browser-ai-agents-webinar">here</a>.</p> <p><strong><em>About SquareX: </em></strong><a href="https://sqrx.com/?utm_campaign=15399438-YOBB%20-%20June%202025&amp;utm_source=pressrelease&amp;utm_medium=pressrelease"><em>SquareX</em></a><em>’s browser extension turns any browser on any device into an enterprise-grade secure browser. SquareX’s industry-first Browser Detection and Response (BDR) solution empowers organizations to proactively detect, mitigate, and threat-hunt client-side web attacks, including malicious browser extensions, advanced spearphishing, browser-native ransomware, genAI DLP, and more. Unlike legacy security approaches and cumbersome enterprise browsers, SquareX seamlessly integrates with users’ existing consumer browsers, ensuring enhanced security without compromising user experience or productivity. By delivering unparalleled visibility and control directly within the browser, SquareX enables security leaders to reduce their attack surface, gain actionable intelligence, and strengthen their enterprise cybersecurity posture against the newest threat vector – the browser. Find out more on </em><a href="http://www.sqrx.com/"><em>www.sqrx.com</em></a><em>.</em></p> <p><em> <strong>Media contact: </strong>Junice Liew, Head of PR, SquareX, </em><a href="/cdn-cgi/l/email-protection#59332c37303a3c192a282b21773a3634"><em><span class="__cf_email__" data-cfemail="462c33282f2523063537343e6825292b">[email protected]</span></em></a></p> <p><strong><em>Editor’s note:</em></strong><em> This press release was provided by </em><a href="https://cybernewswire.com/">CyberNewswire</a><em> as part of its press release syndication service. The views and claims expressed belong to the issuing organization.</em></p> <p> <a href="https://www.facebook.com/sharer.php?u=https://www.lastwatchdog.com/news-alert-squarex-research-finds-browser-ai-agents-are-proving-riskier-than-human-employees/"><img decoding="async" src="https://www.lastwatchdog.com/wp/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/facebook.png" title="Facebook"></a><a href="https://plus.google.com/share?url=https://www.lastwatchdog.com/news-alert-squarex-research-finds-browser-ai-agents-are-proving-riskier-than-human-employees/"><img decoding="async" src="https://www.lastwatchdog.com/wp/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/google.png" title="Google+"></a><a href="/cdn-cgi/l/email-protection#b18ec2c4d3dbd4d2c58cffd4c6c2948381d0ddd4c3c58b948381e2c0c4d0c3d4e9948381c3d4c2d4d0c3d2d9948381d7d8dfd5c2948381d3c3dec6c2d4c3948381f0f8948381d0d6d4dfc5c2948381d0c3d4948381c1c3dec7d8dfd6948381c3d8c2dad8d4c3948381c5d9d0df948381d9c4dcd0df948381d4dcc1dddec8d4d4c297d0dcc18ad3ded5c88c948381d9c5c5c1c28b9e9ec6c6c69fddd0c2c5c6d0c5d2d9d5ded69fd2dedc9edfd4c6c29cd0ddd4c3c59cc2c0c4d0c3d4c99cc3d4c2d4d0c3d2d99cd7d8dfd5c29cd3c3dec6c2d4c39cd0d89cd0d6d4dfc5c29cd0c3d49cc1c3dec7d8dfd69cc3d8c2dad8d4c39cc5d9d0df9cd9c4dcd0df9cd4dcc1dddec8d4d4c29e"><img decoding="async" src="https://www.lastwatchdog.com/wp/wp-content/plugins/simple-share-buttons-adder/buttons/somacro/email.png" title="Email"></a></p> <p>June 30th, 2025 <span> | <a href="https://www.lastwatchdog.com/category/news-alerts/">News Alerts</a> | <a href="https://www.lastwatchdog.com/category/top-stories/">Top Stories</a></span></p> <p> </p></div><div class="spu-placeholder" style="display:none"></div><p class="syndicated-attribution">*** This is a Security Bloggers Network syndicated blog from <a href="https://www.lastwatchdog.com">The Last Watchdog</a> authored by <a href="https://securityboulevard.com/author/0/" title="Read other posts by bacohido">bacohido</a>. Read the original post at: <a href="https://www.lastwatchdog.com/news-alert-squarex-research-finds-browser-ai-agents-are-proving-riskier-than-human-employees/">https://www.lastwatchdog.com/news-alert-squarex-research-finds-browser-ai-agents-are-proving-riskier-than-human-employees/</a> </p>

<p>In our <a href="https://www.imperva.com/blog/the-rise-of-agentic-ai-from-chatbots-to-web-agents/">first post</a>, we introduced the world of AI web agents – defining what they are, outlining their core capabilities, and surveying the leading frameworks that make them possible. Now, we’re shifting gears to look at the other side of the coin: the vulnerabilities and attack surfaces that arise when autonomous agents browse, click, and act on our behalf.</p><p>From startups to tech giants, everyone is racing to embed these agentic capabilities into their products and services, making AI agents central to modern operations. But as adoption accelerates, a harsh truth emerges: their power comes with exposure. In this post, we’ll explore how vulnerabilities in AI web agents are emerging as critical security risks, especially when these tools are embedded into larger agentic workflows and systems.</p><h2>Web Agents Recap</h2><p>Before we dive into specific threats, it helps to recap how AI web agents operate under the hood. At a high level, AI web agents are software tools powered by large language models (LLMs) with an automation engine, typically a headless browser or API client, to turn natural-language instructions into concrete web actions. They’ll navigate to a page, authenticate or fill out forms, invoke API endpoints, parse responses, and even manage cookies or session state to complete each step. These agents can break down complex prompts into discrete actions and carry them out via a browser or even the underlying operating system.</p><div class="code-block code-block-12 ai-track" data-ai="WzEyLCIiLCJCbG9jayAxMiIsIiIsMV0=" style="margin: 8px 0; clear: both;"> <style> .ai-rotate {position: relative;} .ai-rotate-hidden {visibility: hidden;} .ai-rotate-hidden-2 {position: absolute; top: 0; left: 0; width: 100%; height: 100%;} .ai-list-data, .ai-ip-data, .ai-filter-check, .ai-fallback, .ai-list-block, .ai-list-block-ip, .ai-list-block-filter {visibility: hidden; position: absolute; width: 50%; height: 1px; top: -1000px; z-index: -9999; margin: 0px!important;} .ai-list-data, .ai-ip-data, .ai-filter-check, .ai-fallback {min-width: 1px;} </style> <div class="ai-rotate ai-unprocessed ai-timed-rotation ai-12-1" data-info="WyIxMi0xIiwyXQ==" style="position: relative;"> <div class="ai-rotate-option" style="visibility: hidden;" data-index="1" data-name="VGVjaHN0cm9uZyBHYW5nIFlvdXR1YmU=" data-time="MTA="> <div class="custom-ad"> <div style="margin: auto; text-align: center;"><a href="https://youtu.be/Fojn5NFwaw8" target="_blank"><img src="https://securityboulevard.com/wp-content/uploads/2024/12/Techstrong-Gang-Youtube-PodcastV2-770.png" alt="Techstrong Gang Youtube"></a></div> <div class="clear-custom-ad"></div> </div></div> <div class="ai-rotate-option" style="visibility: hidden; position: absolute; top: 0; left: 0; width: 100%; height: 100%;" data-index="1" data-name="QVdTIEh1Yg==" data-time="MTA="> <div class="custom-ad"> <div style="margin: auto; text-align: center;"><a href="https://devops.com/builder-community-hub/?ref=in-article-ad-1&amp;utm_source=do&amp;utm_medium=referral&amp;utm_campaign=in-article-ad-1" target="_blank"><img src="https://devops.com/wp-content/uploads/2024/10/Gradient-1.png" alt="AWS Hub"></a></div> <div class="clear-custom-ad"></div> </div></div> </div> </div><p>Frameworks like <strong>Browser-Use</strong> and <strong>Skyvern </strong>focus on browser automation, while tools like <strong>ACE (by General Agents)</strong>, <strong>OpenAI’s Operator</strong>, or <strong>Claude’s Computer Use</strong> extend control to desktop environments. In practice, an agent may fetch live data, maintain context in an internal memory, and coordinate with other specialized agents to execute multi-stage workflows.</p><p>This blend of LLM logic, automation layers, and external integrations not only creates a rich functionality and advanced capabilities but also, as we’ll see, exposes new attack surfaces in modern AI web agents.</p><div class="code-block code-block-15" style="margin: 8px 0; clear: both;"> <script async src="https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2091799172090865" crossorigin="anonymous" type="00daac404f7bae23fed02e19-text/javascript"></script> <!-- SB In Article Ad 1 --> <ins class="adsbygoogle" style="display:block" data-ad-client="ca-pub-2091799172090865" data-ad-slot="8723094367" data-ad-format="auto" data-full-width-responsive="true"></ins> <script type="00daac404f7bae23fed02e19-text/javascript"> (adsbygoogle = window.adsbygoogle || []).push({}); </script></div><h2>Risks &amp; Vulnerabilities in AI Web Agents</h2><p>Despite their impressive capabilities, AI web agents have clear weak points that attackers can exploit. Although this field is still in its early days, researchers have already started mapping out risks and vulnerabilities affecting AI agents.</p><p>In this blog, we’ll dive into one of the pressing threats to AI web agents: <strong>Agent Hijacking.</strong> This occurs when an attacker interferes with how an agent perceives information or makes decisions. By feeding it misleading inputs or tampering its internal logic, attackers can trick the agent to trust false data, leak sensitive information, or take actions that are unsafe, unintended, or even malicious. To keep things simple, let’s split hijacking attacks into two categories:</p><ul> <li><strong>Perception &amp; Interface Hijacking: </strong>Manipulating what the agent “sees” or how it interacts with the web environment.</li> <li><strong>Prompt-Based Hijacking: </strong>Tampering with the agent’s “thought process” by feeding it with misleading or malicious instructions.</li> </ul><p>This two-part breakdown helps clarify where and how agents can be taken over, and why defence strategies must protect both their internal reasoning and their external senses.</p><h3>Perception &amp; Interface Hijacking</h3><p>This type of attack goes after the agent’s “senses” and “actions” in the browser. It focuses on the external layer – the browser, UI, or environment the AI agent interacts with. By messing with what the agent sees or clicks on, attackers can trick it into performing unauthorized actions. Perception hijacking occurs in the following sequence of events:</p><ol> <li><strong>DOM/Page manipulation:</strong> tweaking the page’s HTML to mislead the agent, for instance, replacing a legitimate links or buttons with malicious ones. This can be done with known attack vectors like stored XSS, but also through normally benign tools like markdown formatting within applications.</li> <li><strong>Visual confusion: </strong>these manipulated web elements cause confusion to the web agent, tricking it into taking actions it should not.</li> <li><strong>Actions:</strong> the agent then clicks on manipulated buttons and links within the page, expecting a certain outcome, and are then redirected to potentially malicious locations.</li> </ol><p>In the following video, we show how a simple markdown comment in a standard web forum can hijack the AI web agent Browser-Use. By manipulating how the agent views the site, we can influence its behavior and send it to a malicious destination. For the demo we used a realistic clone of a site, similar to Stack Overflow, to illustrate this behaviour.</p><div style="width: 1650px;" class="wp-video"><!--[if lt IE 9]><script>document.createElement('video');</script><![endif]--><br> <video class="wp-video-shortcode" id="video-20076-1" width="1650" height="972" preload="metadata" controls="controls"><source type="video/mp4" src="https://www.imperva.com/blog/wp-content/uploads/sites/9/2025/06/Browser-Use-Perception-Hijacking-demo.mp4?_=1"></source><a href="https://www.imperva.com/blog/wp-content/uploads/sites/9/2025/06/Browser-Use-Perception-Hijacking-demo.mp4">https://www.imperva.com/blog/wp-content/uploads/sites/9/2025/06/Browser-Use-Perception-Hijacking-demo.mp4</a></video></div><p>Demo 1: Browser-Use Perception Hijacking</p><h3>Prompt-Based Hijacking</h3><p>In contrast to perception-based hijacking, instead of manipulating what the agent sees, this type of attack targets the internal reasoning loop of an AI agent by feeding it crafted language inputs hidden in the web elements ingested from web pages. These hijacks are so dangerous because they exploit the very flexibility that makes the LLMs powerful: bending an agent’s reasoning purely through language, without ever touching its underlying code.</p><p>Building on the previous demo video, we demonstrate how a malicious landing page, in this example a fake login, can be designed to include interactive elements embedding hidden prompt injections. Here we override the agent’s prompts and direct it to watch a legendary video.</p><div style="width: 1568px;" class="wp-video"><video class="wp-video-shortcode" id="video-20076-2" width="1568" height="968" preload="metadata" controls="controls"><source type="video/mp4" src="https://www.imperva.com/blog/wp-content/uploads/sites/9/2025/06/Browser-Use-prompt-injection-demo.mp4?_=2"></source><a href="https://www.imperva.com/blog/wp-content/uploads/sites/9/2025/06/Browser-Use-prompt-injection-demo.mp4">https://www.imperva.com/blog/wp-content/uploads/sites/9/2025/06/Browser-Use-prompt-injection-demo.mp4</a></video></div><p>Demo 2: Browser-Use Prompt Injection</p><h3>The Interplay Between Prompt and Perception Hijacking</h3><table> <thead> <tr> <td><strong>Category</strong></td> <td><strong>Definition</strong></td> <td><strong>Targets</strong></td> <td><strong>Example Techniques</strong></td> <td><strong>Goal</strong></td> </tr> </thead> <tbody> <tr> <td><strong>Perception &amp; Interface Hijacking</strong></td> <td>Exploits how the agent perceives or interacts with its environment to mislead or trap it.</td> <td>UI, DOM, browser actions, context</td> <td>DOM injection, tooltip poisoning, spoofed buttons or domains</td> <td>Force incorrect actions, leak data, misdirect flow</td> </tr> <tr> <td><strong>Prompt-Based Hijacking</strong></td> <td>Manipulates the agent’s internal reasoning by injecting or modifying natural language input.</td> <td>Prompts, memory, task objectives</td> <td>Prompt injection, memory poisoning, goal redirection</td> <td>Subvert agent behaviour, bypass safeguards</td> </tr> </tbody> </table><p>Think of it like this: <strong>p</strong><strong>rompt-based injection messes with the agent’s “</strong><em>thoughts”</em>,<br> while <strong>perception &amp; interface hijacking</strong> targets its “<strong>senses” and actions.</strong></p><p>In browser<strong>-based agents</strong>, you rarely see <strong>prompt injection on its own.</strong> Unlike chatbots that take direct text input, browser agents rely on scraping<strong> and interpreting </strong>page content. This means that for an attacker to inject prompts, they must first manipulate what the agent sees: through the DOM, hidden elements, tooltips, or spoofed content.</p><p>Here, <strong>the web interface becomes the true injection surface</strong>. Malicious instructions are smuggled into page content that the agent is likely to scrape or summarize, turning perception manipulation into a delivery mechanism for hijacking the agent’s internal reasoning. As a result, even though prompt injection and perception hijacking are conceptually distinct, <strong>they are tightly coupled in web environments</strong>, with interface control often being a <strong>prerequisite</strong> for successful prompt-level compromise.</p><h3>Real-World Consequences of Agents Hijacks</h3><p>Here is what can happen when attackers take over an AI web agent:</p><h4>Cross-Site Manipulation</h4><p>When an agent loads a page containing hidden scripts or cleverly crafted content, that page can influence the agent’s behaviour on other websites – much like XSS (Cross-Site Scripting) or CSRF in traditional web security, but here, the “scripting” is done via content that influences the agent’s decision logic.</p><p>In the demo video below, we show how injecting a prompt into the fake login page can manipulate the browser agent into visiting an online shopping site with a pre-authenticated session. We illustrate how the agent can perform malicious actions on the site, including making purchases.</p><div style="width: 1570px;" class="wp-video"><video class="wp-video-shortcode" id="video-20076-3" width="1570" height="978" preload="metadata" controls="controls"><source type="video/mp4" src="https://www.imperva.com/blog/wp-content/uploads/sites/9/2025/06/Browser-Use-Prompt-hijacking-demo.mp4?_=3"></source><a href="https://www.imperva.com/blog/wp-content/uploads/sites/9/2025/06/Browser-Use-Prompt-hijacking-demo.mp4">https://www.imperva.com/blog/wp-content/uploads/sites/9/2025/06/Browser-Use-Prompt-hijacking-demo.mp4</a></video></div><p>Demo 3: Browser-Use Malicious Purchases</p><h4>Unchecked System Commands</h4><p>Many agents can execute code or simulate mouse and keyboard events- powerful features that demand strong sandboxing. “Sandboxing” means restricting what the agent can do, to contain any damage. Without it, a hijacked agent could wreak havoc on your PC: deleting files, installing malware, or altering critical configurations. Imagine an attacker slipping a malicious instruction into a tool like General Agents ACE, or Claude Computer Use, since they control the Operating System I/O, they effectively have full system access. Various case studies have shown attacks like these in action, demonstrating how OS’s controlled by LLMs can be compromised in this way ^{<a href="https://hiddenlayer.com/innovation-hub/indirect-prompt-injection-of-claude-computer-use/" rel="noopener">[1]</a><a href="https://www.prompt.security/blog/claude-computer-use-a-ticking-time-bomb" rel="noopener">[2]</a>}.</p><h4>Context Leakage and Unauthorized Data Access</h4><p>AI agents constantly handle sensitive context: web page content, user prompts, intermediate reasoning, API keys, and session tokens. Context leakage refers to sensitive data slipping out where it shouldn’t, often due to an attack. An agent might carry private info from one step to the next and accidentally reveal it. For example, if an agent logs into a user’s accounts (email, banking, etc.), it will handle credentials or session tokens. Those need to be protected. Multi-agent setups amplify this risk: one compromised agent can become the weak link that exposes the entire chain of tasks. Bellow, we’ll show an example of how hidden context in an agent’s prompt can be leaked to an attacker.</p><p>In the final demo video below, we demonstrate how injecting a prompt into the fake login page can force the browser agent to retrieve local secrets and send them to an attacker-controlled server.</p><div style="width: 1570px;" class="wp-video"><video class="wp-video-shortcode" id="video-20076-4" width="1570" height="978" preload="metadata" controls="controls"><source type="video/mp4" src="https://www.imperva.com/blog/wp-content/uploads/sites/9/2025/06/Local-secret-theft-demo.mp4?_=4"></source><a href="https://www.imperva.com/blog/wp-content/uploads/sites/9/2025/06/Local-secret-theft-demo.mp4">https://www.imperva.com/blog/wp-content/uploads/sites/9/2025/06/Local-secret-theft-demo.mp4</a></video></div><p>Demo 4: Browser-Use Local Secret Theft</p><h2>Cascading Effects in Multi-Agent Workflows</h2><p>When AI agents team up, with one fetching web data, another analysing it, and a third updating databases, everything runs like a finely tuned assembly line. But that same modular setup means a breach in just one link can quietly infect the rest. A compromised agent—whether through prompt injection, poisoned memory, or tampered outputs—can hand off malicious instructions or poisoned data to its peers, propagating a silent “infection” down the chain. Recent research shows how a single hijacked agent can undermine downstream systems, even when each agent seems isolated ^{<a href="https://splx.ai/blog/exploiting-agentic-workflows-prompt-injections-in-multi-agent-ai-systems" rel="noopener">[3]</a>}.</p><p>This risk only grows as agents talk to each other using standardized protocols such as <strong>Agent-to-Agent (A2A)</strong> and <strong>Anthropic’s Model Context Protocol (MCP)</strong>. These frameworks make it easy to build and connect multi-agent workflows by defining shared message formats, memory interfaces, and secure context-passing mechanisms. While this standardization lowers the barrier for developers to build complex agentic architectures, it also means that a vulnerability in one agent or protocol implementation can have a far-reaching impact. For example, a malicious instructions hidden in one agent’s JSON context (via MCP) can slip through to other agents without setting off alarms. In effect, while protocols like A2A and MCP are essential enablers of scale and interoperability, they also emphasize the need for <strong>robust validation, filtering, and isolation mechanisms</strong> between agents to prevent the systemic spread of compromised inputs or behaviour.</p><p>As multi-agent ecosystems become the norm, the importance of treating every agent-to-agent interaction as a potential security boundary becomes paramount. Without solid validation, filtering, and isolation at each step, the benefits of composability and reuse can quickly turn into vectors for exploitation.</p><h2>Wrapping Up: Innovate with Caution</h2><p>AI web agents like ACE, Browser-Use, Skyvern (and others such as Auto-GPT style bots or OpenAI’s Operator) herald a future of hands-free automation. But as we’ve seen, attackers are also eyeing these agents. A hijacked agent can turn your helpful AI assistant into a weapon against you (or against others). From prompt injection attacks that quietly insert the hacker’s agenda, to cross-site exploits that piggyback on an agent’s browsing, to multi-agent “infection” that spreads through an entire swarm of bots, the security challenges are real and pressing.</p><p>The good news is that we are not powerless, as the AI community is actively working on defences. Researchers are studying robust prompting techniques and content filters to catch malicious instructions. Companies are exploring constitutional AI and policy-driven agents that refuse risky actions. And the old rules still apply: run agents with the least-privileges they need, sandbox them tightly, and monitor their activity for anomalies.</p><p>In the meantime, if you’re experimenting with AI web agents, stay vigilant. Treat them as you would a new intern with extraordinary powers: supervise closely and train them before fully trusting them on their own. Use test environments, double-check critical steps, and keep humans in the loop for high-risk steps like spending money or deleting data. As we’ve illustrated, a single well-placed attack can make an AI agent go from helpful to harmful in a flash. By understanding these failure modes (prompt injections, cross-site manipulations, sandbox escapes, context leakage, and cascade effects) we can design safer agent systems that boost efficiency, without opening the door for attackers.</p><p> </p><a href="https://hiddenlayer.com/innovation-hub/indirect-prompt-injection-of-claude-computer-use/" rel="noopener">https://hiddenlayer.com/innovation-hub/indirect-prompt-injection-of-claude-computer-use/</a><a href="https://www.prompt.security/blog/claude-computer-use-a-ticking-time-bomb" rel="noopener">https://www.prompt.security/blog/claude-computer-use-a-ticking-time-bomb</a><a href="https://splx.ai/blog/exploiting-agentic-workflows-prompt-injections-in-multi-agent-ai-systems" rel="noopener">https://splx.ai/blog/exploiting-agentic-workflows-prompt-injections-in-multi-agent-ai-systems</a><p>The post <a href="https://www.imperva.com/blog/the-rise-of-agentic-ai-uncovering-security-risks-in-ai-web-agents/">The Rise of Agentic AI: Uncovering Security Risks in AI Web Agents</a> appeared first on <a href="https://www.imperva.com/blog">Blog</a>.</p><div class="spu-placeholder" style="display:none"></div><p class="syndicated-attribution">*** This is a Security Bloggers Network syndicated blog from <a href="https://www.imperva.com/blog/">Blog</a> authored by <a href="https://securityboulevard.com/author/0/" title="Read other posts by Sarit Yerushalmi">Sarit Yerushalmi</a>. Read the original post at: <a href="https://www.imperva.com/blog/the-rise-of-agentic-ai-uncovering-security-risks-in-ai-web-agents/">https://www.imperva.com/blog/the-rise-of-agentic-ai-uncovering-security-risks-in-ai-web-agents/</a> </p>

<p>Disclaimer: This post isn’t our usual security-focused content – today we’re taking a quick detour to explore the fascinating world of AI agents with the focus of AI web agents. Enjoy this educational dive as a warm-up before we get into the juicy details of AI web agents in our follow-up post where we will <a href="https://www.imperva.com/blog/the-rise-of-agentic-ai-uncovering-security-risks-in-ai-web-agents/">Uncover Security Risks in AI Web Agents</a>.</p><h2>Introduction</h2><p>Artificial Intelligence has evolved far beyond simple chatbots. Today’s AI agents are dynamic systems that can plan, interact with digital tools, and execute tasks with minimal human intervention. Unlike traditional applications, these agents can autonomously gather information, make decisions and take actions to achieve their goals. In this post, we’ll define what an AI agent is, with a special focus on AI web agents. We’ll also explore their core capabilities and show how they fit into modern multi‑agent systems. This foundational guide will equip you with the essential knowledge needed to appreciate the fast-evolving landscape of agentic AI and set the stage for our next deep dive into AI web agent vulnerabilities. Let’s dive in!</p><h2>What is an AI Agent?</h2><p>Before we can focus on AI web agents, let’s first understand what an AI agent is.</p><div class="code-block code-block-12 ai-track" data-ai="WzEyLCIiLCJCbG9jayAxMiIsIiIsMV0=" style="margin: 8px 0; clear: both;"> <style> .ai-rotate {position: relative;} .ai-rotate-hidden {visibility: hidden;} .ai-rotate-hidden-2 {position: absolute; top: 0; left: 0; width: 100%; height: 100%;} .ai-list-data, .ai-ip-data, .ai-filter-check, .ai-fallback, .ai-list-block, .ai-list-block-ip, .ai-list-block-filter {visibility: hidden; position: absolute; width: 50%; height: 1px; top: -1000px; z-index: -9999; margin: 0px!important;} .ai-list-data, .ai-ip-data, .ai-filter-check, .ai-fallback {min-width: 1px;} </style> <div class="ai-rotate ai-unprocessed ai-timed-rotation ai-12-1" data-info="WyIxMi0xIiwyXQ==" style="position: relative;"> <div class="ai-rotate-option" style="visibility: hidden;" data-index="1" data-name="VGVjaHN0cm9uZyBHYW5nIFlvdXR1YmU=" data-time="MTA="> <div class="custom-ad"> <div style="margin: auto; text-align: center;"><a href="https://youtu.be/Fojn5NFwaw8" target="_blank"><img src="https://securityboulevard.com/wp-content/uploads/2024/12/Techstrong-Gang-Youtube-PodcastV2-770.png" alt="Techstrong Gang Youtube"></a></div> <div class="clear-custom-ad"></div> </div></div> <div class="ai-rotate-option" style="visibility: hidden; position: absolute; top: 0; left: 0; width: 100%; height: 100%;" data-index="1" data-name="QVdTIEh1Yg==" data-time="MTA="> <div class="custom-ad"> <div style="margin: auto; text-align: center;"><a href="https://devops.com/builder-community-hub/?ref=in-article-ad-1&amp;utm_source=do&amp;utm_medium=referral&amp;utm_campaign=in-article-ad-1" target="_blank"><img src="https://devops.com/wp-content/uploads/2024/10/Gradient-1.png" alt="AWS Hub"></a></div> <div class="clear-custom-ad"></div> </div></div> </div> </div><p>In simple terms, an <strong>AI agent</strong> is a software system that can <strong>autonomously perform tasks</strong> for a user or another system. Unlike a regular chatbot that only responses to inputs, an AI agent can make decisions, call APIs or databases, control software, and generally <strong>act</strong> in an environment to achieve a goal. These agents often leverage advanced <strong>large language models (LLMs)</strong> for understanding instructions and reasoning, but crucially they are not limited to their training data – they can reach out to tools and data sources to get things done.</p><p>Think of an AI agent as a tireless digital helper: you give it an objective, and it figures out the steps, finds the information or tools needed, and executes actions step by step (with minimal or no human intervention). It can remember context (with an internal memory) and adjust its plan on the fly.</p><div class="code-block code-block-15" style="margin: 8px 0; clear: both;"> <script async src="https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2091799172090865" crossorigin="anonymous" type="01f735a6126d0655869c82e3-text/javascript"></script> <!-- SB In Article Ad 1 --> <ins class="adsbygoogle" style="display:block" data-ad-client="ca-pub-2091799172090865" data-ad-slot="8723094367" data-ad-format="auto" data-full-width-responsive="true"></ins> <script type="01f735a6126d0655869c82e3-text/javascript"> (adsbygoogle = window.adsbygoogle || []).push({}); </script></div><h2>What are AI Web Agents?</h2><p>Now let’s turn our attention to the main topic: <strong>AI Web Agents</strong>. These agents are built specifically to interact with the World Wide Web. In simple terms, an AI web agent is an AI-powered system that can <strong>browse websites, understand web content, and perform actions </strong>inside<strong> a web browser,</strong> just like a human would, but entirely on its own.</p><p>In the context of our earlier discussion, a web agent is essentially an AI agent whose environment is the web. Instead of relying only on internal data, it perceives information on web pages (via HTML, text, and sometimes visuals), and can click links, fill forms, or trigger other web-based actions via a browser interface.</p><p>Behind the scenes, web agents often utilize a headless browser or APIs to fetch web pages, process their content (using natural language understanding or even computer vision to grasp layouts), and interact with the web elements. In doing so, they translate messy, human-oriented web interfaces into structured information that AI models can reason about and act upon, effectively making the web LLM-friendly.</p><h3>Core Capabilities</h3><p>AI web agents are powered by a set of essential skills. Below, we’ll break down each one and demonstrate how it works in real‑world scenarios.</p><h4>1. Web Navigation</h4><p>At the most basic level, a web agent must be able to move through the internet just like a human using a browser. This includes:</p><ul> <li><strong>Clicking links</strong> to explore menus, follow search results, or drill down into subpages.</li> <li><strong>Filling out forms</strong> with text inputs, dropdowns, radio buttons, and checkboxes- whether it’s logging into a portal, submitting a search, or registering for an event.</li> <li><strong>Handling dialogs</strong> <strong>like</strong> cookie consents or pop‑ups, allowing the agent to continue navigating without stumbling over unexpected prompts.</li> </ul><p>Example: An invoice‑download bot logs into your vendor portal, navigates to the billing page, selects last month’s date range, and clicks “Download PDF”.</p><h4>2. Data Retrieval</h4><p>Once the Agent reaches its target page, it needs to pull the precise information you’re looking for. This Includes:</p><ul> <li><strong>Scraping HTML</strong> to parse page structure and extract tables, lists, or headlines, even when the layout shifts unexpectedly.</li> <li><strong>Calling JSON APIs</strong> to retrieve structured data (like stock prices or weather forecasts) and process the responses.</li> <li><strong>Normalizing content</strong> by cleaning and reformatting text (stripping ads, collapsing whitespace) or converting image‑based charts into usable data.</li> </ul><p>Example: A daily briefing agent fetches the front pages of three tech blogs, scrapes the top five headlines and summaries from each, and consolidates them into a single daily email.</p><h4>3. Task Execution</h4><p>Beyond reading, AI agents can take meaningful action on your behalf:</p><ul> <li><strong>Posting content</strong> to social platforms, internal wikis, or CMS dashboards.</li> <li><strong>Sending messages</strong> via email (SMTP), Slack/GitHub bots, or other communication channels.</li> <li><strong>Triggering workflows</strong> in external systems (like launching a CI/CD pipeline, creating a Jira ticket, or starting a data‑backup job).</li> </ul><p>Example: After analyzing incoming customer feedback, an agent automatically drafts and sends personalized “thank you” emails to anyone who gave a 5‑star rating.</p><h4>4. Workflow Chaining</h4><p>The real magic happens when you link individual steps into a seamless pipeline:</p><ul> <li><strong>Detecting triggers</strong> by monitoring for new spreadsheet rows, incoming emails, or scheduled times.</li> <li><strong>Gathering data</strong> through authentication, web navigation, scraping, or APIs calls.</li> <li><strong>Processing information</strong> by summarizing text, performing calculations, and applying business logic.</li> <li><strong>Acting on results</strong> by posting reports, updating dashboards, or sending notifications to stakeholders.</li> <li><strong>Looping or branching</strong> based on outcomes: retry on failures, escalate errors, or split into parallel sub‑tasks.</li> </ul><p>Example: A “sales ops” agent watches your CRM for new leads, scrapes LinkedIn profiles for additional context, scores each lead via a simple formula, then creates a follow‑up task in your project management tool.</p><p>By mastering these four core capabilities, AI web agents can automate virtually any routine web‑based workflow, freeing you to focus on strategy, creativity, and problem‑solving. In the next section, we’ll explore the tools and architectures that make this possible.</p><h3>AI Web Agents Implementations</h3><p>AI web agents have 2 popular implementations you might encounter in the wild:</p><ul> <li><strong>Browser Automation Frameworks: </strong>These frameworks can navigate websites, click buttons, fill forms, and scrape content autonomously, like we just mentioned in the core capabilities. These frameworks provide the low-level browser hooks agents need to interact with virtually any page element.</li> <li><strong>Desktop &amp; Integrated AI Systems:</strong> These frameworks use features that merge web and local automation. Agents built on these platforms can manipulate both web content and native applications, allowing them to glance at your screen, open files, move windows, and perform hybrid tasks that span the browser and desktop environment.</li> </ul><h4>AI Web Agents Frameworks</h4><p>Instead of building every component from scratch, modern frameworks and services can handle the heavy lifting and accelerate agent development. Below are notable frameworks and services categorized by the two aforementioned implementation types:</p><h5>Browser Automation Frameworks</h5><ul> <li><strong>Browser‑Use </strong>is an open‑source toolkit that combines a headless browser (Playwright) with an LLM interface into a single, unified API. It offers built‑in actions for navigating pages, filling forms, clicking buttons, and scraping content, plus utilities for managing session state and capturing screenshots.</li> <li><strong>Skyvern</strong> is an open-source AI agent platform designed to automate browser-based workflows using LLMs and computer vision. It replaces brittle scripts or manual processes with an AI that can handle web tasks on many different sites. Skyvern provides a simple API endpoint where you can describe a task, and it will execute it through a browser.</li> </ul><p>To illustrate these capabilities in action, here’s a demo where Browser-Use automates a Skyscanner search to find the cheapest flights from Belfast to London.</p><div style="width: 1568px;" class="wp-video"><video class="wp-video-shortcode" id="video-20072-5" width="1568" height="972" preload="metadata" controls="controls"><source type="video/mp4" src="https://www.imperva.com/blog/wp-content/uploads/sites/9/2025/06/Automating-Skyscanner-Searches-via-Browser-Use-demo.mp4?_=5"></source><a href="https://www.imperva.com/blog/wp-content/uploads/sites/9/2025/06/Automating-Skyscanner-Searches-via-Browser-Use-demo.mp4">https://www.imperva.com/blog/wp-content/uploads/sites/9/2025/06/Automating-Skyscanner-Searches-via-Browser-Use-demo.mp4</a></video></div><p>Demo 1: Automating Skyscanner Searches via Browser-Use</p><p>In the demo video Browser-Use performs the following steps:</p><ol> <li><strong>Navigate</strong> to <a href="https://www.skyscanner.net/" rel="noopener">https://www.skyscanner.net</a></li> <li><strong>Fill</strong> the “From” field with Belfast and the “To” field with London</li> <li><strong>Select</strong> departure and return dates</li> <li><strong>Click</strong> the search button and wait for the results page to load</li> <li><strong>Scrape</strong> each flight’s price, airline name and departure time</li> <li><strong>Compare</strong> all prices and identify the cheapest flight option</li> <li><strong>Return</strong> a summary containing airline, price, departure time and a direct booking link</li> </ol><p>This simple end-to-end example shows how Browser-Use can handle complex page interactions, dynamic content loading and data extraction—all with a few high-level commands that mirror what a human user would do in a browser.</p><h5>Desktop &amp; Integrated AI Systems</h5><ul> <li><strong>OpenAI’s Operator</strong> is a service that integrates LLM intelligence with both web browser and desktop automation. It can navigate websites, edit and send documents through native applications, run local scripts and interact with operating system functions using natural language prompts.</li> <li><strong>Claude’s Computer Use</strong> is an extension of Anthropic’s Claude designed for hybrid web and desktop workflows. It can click through native application menus, adjust system settings, open files and browse the web with full desktop context while leveraging safety filters to catch risky commands.</li> </ul><p>Both Browser-Use and Skyvern highlight that AI web agents are no longer futuristic ideas and they’re accessible today. Browser-Use lowers the barrier for connecting an AI’s thought processes to real-world browser actions, offering cloud services and an open-source library, while Skyvern tackles the challenge of variability by giving agents eyes through computer vision. On the desktop side, OpenAI’s Operator and Claude’s Computer Use demonstrate that hybrid web and local automation is likewise within reach, enabling agents to navigate your system as easily as they browse the web. Taken together, these implementations and frameworks put powerful automation tools at your fingertips – and they underscore the importance of building robust security measures to prevent malicious uses of agentic capabilities.</p><h2>Conclusion</h2><p>To wrap up, <b>AI web agents greatly expand</b> the reach of agentic AI systems, by unlocking the door to the internet’s information and services. They transform the web into an extended memory and action space for AI. When combined with other specialized agents (for coding, math, interacting with local systems, etc.), they form a powerful ensemble that can autonomously tackle complex, open-ended tasks.</p><p>For general tech readers, the takeaway is simple: <strong>AI agents are no longer confined to answering questions, they can now take meaningful actions. <span style="font-weight: normal !msorm;">N</span>owhere is this more evident than on the web</strong>. As this technology matures, we can expect AI assistants to do more and more: comparing products across sites and automatically ordering the best one, or performing an online task that we logged as a reminder to do later. It’s an exciting moment where the line between a human browsing the web and an AI doing it for us is starting to blur. The agentic AI landscape, with web agents as a key component, promises more automation, efficiency, and connectivity in our digital lives, ushering in a future where “going online to get something done” might just mean telling your AI agent and letting it handle the rest.</p><p>However, these powerful capabilities also open new attack vectors and security concerns, such as prompt injection, unauthorized automation and data leakage, which we will explore in depth in our follow-up blog.</p><p><strong><a href="https://www.imperva.com/blog/the-rise-of-agentic-ai-uncovering-security-risks-in-ai-web-agents/">Click here to continue reading about agentic AI risks in our next post!</a></strong></p><p>The post <a href="https://www.imperva.com/blog/the-rise-of-agentic-ai-from-chatbots-to-web-agents/">The Rise of Agentic AI: From Chatbots to Web Agents</a> appeared first on <a href="https://www.imperva.com/blog">Blog</a>.</p><div class="spu-placeholder" style="display:none"></div><p class="syndicated-attribution">*** This is a Security Bloggers Network syndicated blog from <a href="https://www.imperva.com/blog/">Blog</a> authored by <a href="https://securityboulevard.com/author/0/" title="Read other posts by Sarit Yerushalmi">Sarit Yerushalmi</a>. Read the original post at: <a href="https://www.imperva.com/blog/the-rise-of-agentic-ai-from-chatbots-to-web-agents/">https://www.imperva.com/blog/the-rise-of-agentic-ai-from-chatbots-to-web-agents/</a> </p>

<h2 class="wp-block-heading"><strong>What you need to know about SCA tools</strong></h2><p><strong>Quick Answer</strong>: The top SCA tools in 2025 are Mend.io (best for automated remediation and proactive SCA), Sonatype Lifecycle (known for enterprise policy management), Snyk (known for developer experience), and Checkmarx SCA (known for comprehensive coverage). According to industry reports, organizations using SCA tools can reduce vulnerability<a href="http://www.mend.io/"> remediation time by up to 80%</a>.</p><p><strong>Key Statistics</strong>:</p><ul class="wp-block-list"> <li><a href="https://www.mend.io/wp-content/uploads/2022/02/Mend_SBOM.pdf?">96% of applications</a> contain open-source components</li> <li><a href="https://www.mend.io/newsroom/whitesource-announces-proactive-alerts-on-security-vulnerabilities/">85% of software projects</a> contain at least one outdated open source component </li> <li>Codebases contain at least one known vulnerability</li> <li>Supply chain attacks have become a significant threat to organizations</li> <li>According to Gartner, <a href="https://www.gartner.com/en/documents/4893131" rel="noopener">61% of businesses were</a> affected by supply chain attacks in the last year</li> </ul><p>This is a reality check that your applications are built on a foundation you likely don’t fully understand. Today’s applications rely heavily on open-source code, and increasingly AI developed code, and each of those components could potentially introduce security vulnerabilities, license violations, or operational risks into your environment.</p><div class="code-block code-block-12 ai-track" data-ai="WzEyLCIiLCJCbG9jayAxMiIsIiIsMV0=" style="margin: 8px 0; clear: both;"> <style> .ai-rotate {position: relative;} .ai-rotate-hidden {visibility: hidden;} .ai-rotate-hidden-2 {position: absolute; top: 0; left: 0; width: 100%; height: 100%;} .ai-list-data, .ai-ip-data, .ai-filter-check, .ai-fallback, .ai-list-block, .ai-list-block-ip, .ai-list-block-filter {visibility: hidden; position: absolute; width: 50%; height: 1px; top: -1000px; z-index: -9999; margin: 0px!important;} .ai-list-data, .ai-ip-data, .ai-filter-check, .ai-fallback {min-width: 1px;} </style> <div class="ai-rotate ai-unprocessed ai-timed-rotation ai-12-1" data-info="WyIxMi0xIiwyXQ==" style="position: relative;"> <div class="ai-rotate-option" style="visibility: hidden;" data-index="1" data-name="VGVjaHN0cm9uZyBHYW5nIFlvdXR1YmU=" data-time="MTA="> <div class="custom-ad"> <div style="margin: auto; text-align: center;"><a href="https://youtu.be/Fojn5NFwaw8" target="_blank"><img src="https://securityboulevard.com/wp-content/uploads/2024/12/Techstrong-Gang-Youtube-PodcastV2-770.png" alt="Techstrong Gang Youtube"></a></div> <div class="clear-custom-ad"></div> </div></div> <div class="ai-rotate-option" style="visibility: hidden; position: absolute; top: 0; left: 0; width: 100%; height: 100%;" data-index="1" data-name="QVdTIEh1Yg==" data-time="MTA="> <div class="custom-ad"> <div style="margin: auto; text-align: center;"><a href="https://devops.com/builder-community-hub/?ref=in-article-ad-1&amp;utm_source=do&amp;utm_medium=referral&amp;utm_campaign=in-article-ad-1" target="_blank"><img src="https://devops.com/wp-content/uploads/2024/10/Gradient-1.png" alt="AWS Hub"></a></div> <div class="clear-custom-ad"></div> </div></div> </div> </div><p>Software Composition Analysis (SCA) tools exist to solve this problem. They give you visibility into what’s actually running in your applications and help you manage the risks that come with all that borrowed code.</p><h2 class="wp-block-heading"><strong>What Are Software Composition Analysis (SCA) Tools?</strong></h2><p>Software Composition Analysis (SCA) is one type of application security testing (AST) tool that deals with managing the risk of open source component use. SCA tools perform automated scans of an application’s code base, including related artifacts such as container images and registries, to identify all open source components, their license compliance data, and any known security vulnerabilities.</p><div class="code-block code-block-15" style="margin: 8px 0; clear: both;"> <script async src="https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2091799172090865" crossorigin="anonymous" type="32416ddf075a78d0c326c939-text/javascript"></script> <!-- SB In Article Ad 1 --> <ins class="adsbygoogle" style="display:block" data-ad-client="ca-pub-2091799172090865" data-ad-slot="8723094367" data-ad-format="auto" data-full-width-responsive="true"></ins> <script type="32416ddf075a78d0c326c939-text/javascript"> (adsbygoogle = window.adsbygoogle || []).push({}); </script></div><p>Think of SCA tools as your risk management tool for open source dependencies. They automatically scan your codebase to create a comprehensive list of every open source dependency you’re using – both the ones you know about and the ones you don’t. Then they provide all the risk information you need to know on each dependency and apply your policies on it to ensure you are not using dependencies that may increase your application’s risk.</p><h2 class="wp-block-heading"><strong>Core Features of SCA Tools That Matter</strong></h2><h3 class="wp-block-heading"><strong>Components Detection and Inventory</strong></h3><p>The foundation of any good SCA tool is its ability to create accurate inventories. Software Composition Analysis tools typically start with a scan to generate an inventory report of all the open source components in your products, including all direct and transitive dependencies.</p><p>This matters because transitive dependencies – dependencies of your dependencies – often fly under the radar during manual reviews. Your application might use Library A, which depends on Library B, which depends on vulnerable Library C. An SCA tool maps these entire dependency chains automatically.</p><h3 class="wp-block-heading"><strong>Vulnerability Detection and Prioritization</strong></h3><p>Here’s where SCA tools really earn their keep. Good software composition analysis solutions will not only tell you what open source libraries have known vulnerabilities, but they will also tell you whether your code calls the affected library and suggest a fix when applicable.</p><p><strong>Reachability analysis</strong> has become crucial. Mend SCA evaluates vulnerabilities for objective and contextual factors, including reachability, exploit maturity, and EPSS/CVSS scores. For example, Mend SCA utilizes CVSS 4.0 severity ratings to gauge the potential impact of vulnerabilities and incorporates EPSS exploitability data to assess the likelihood each vulnerability will be exploited. This means you focus on vulnerabilities that actually affect your running code, not just theoretical risks.</p><p>However, some vendors are also able to analyze the code and pinpoint vulnerabilities that are truly in use by the application. Through reachability analysis, showing whether your code interacts with specific vulnerable functions in both direct and transitive dependencies, it can reduce the noise by 50%.</p><h3 class="wp-block-heading"><strong>License Compliance Management</strong></h3><p>Open source licenses can be legal landmines. When Mend SCA detects license types that violate company policy, it issues real-time alerts with automatic remediation capabilities and can even block license violations before they become part of your code base.</p><p>Different open source licenses have different requirements. Some require you to make your code open source if you distribute it. Others have specific attribution requirements. SCA tools help you understand these obligations before they become legal problems.</p><h3 class="wp-block-heading"><strong>Automated Dependency Updates</strong></h3><p>This is where tools like Mend Renovate shine. Mend Renovate helps developers automate dependency updates by detecting newer package versions and providing updates directly to the application code. The tool creates pull requests (PRs) and issues directly in the repository where updates are scanned. PRs include detailed information about updates, including age, adoption, passing rates, and complete change logs.</p><p>Furthermore, Mend Renovate leverages its vast user base of millions of open-source version users to provide commercial users with invaluable insights into the potential impact of each dependency update on their applications through crowd-sourcing. This innovative approach yields ‘Merge Confidence’ ratings, which significantly mitigate the risk of updates causing unexpected issues. By offering a clear likelihood of an update successfully integrating without breaking the application, and by intelligently grouping related updates, Mend Renovate streamlines the update process, preventing unnecessary rework and ensuring smoother, more reliable software development cycles.</p><h3 class="wp-block-heading"><strong>SBOM Generation and Management</strong></h3><p>Software Bill of Materials (SBOM) generation has become increasingly important. Any SCA tool must do this well. Mend SCA generates a precise inventory of a software’s open source components, detailing all libraries and dependencies. Easily export your SBOM in standardized formats (SPDX, CycloneDX) and import third-party SBOMs while leveraging VEX data to meet government and customer requirements. Snyk, Sonatype, and Checkmarx have similar tools. </p><h3 class="wp-block-heading"><strong>Reporting and Analytics</strong></h3><p>SCA tools should also provide comprehensive dashboards and reports that help different stakeholders understand risk. Fast feedback loops enable developers to respond rapidly to any vulnerability or license issues. </p><h2 class="wp-block-heading"><strong>SCA Tools Comparison: Which Is Right for Your Organization?</strong></h2><figure class="wp-block-table"> <table class="has-fixed-layout"> <tbody> <tr> <td><strong>Tool</strong></td> <td><strong>Known For</strong></td> <td><strong>Pricing Model</strong></td> <td><strong>Key Strengths</strong></td> <td><strong>Ideal Organization Size</strong></td> </tr> <tr> <td><strong>Mend.io</strong></td> <td>Automated remediation &amp; dependency updates</td> <td>All-in-one subscription</td> <td>AI security, 80% faster remediation, </td> <td>Mid to Enterprise</td> </tr> <tr> <td><strong>Sonatype Lifecycle</strong></td> <td>Enterprise policy management</td> <td>Per-application licensing</td> <td>AI-powered analysis, comprehensive SBOM</td> <td>Mid to Enterprise</td> </tr> <tr> <td><strong>Snyk</strong></td> <td>Developer-first workflows</td> <td>Per-developer seat</td> <td>IDE integration, real-time scanning</td> <td>Startups to Enterprise</td> </tr> <tr> <td><strong>Checkmarx SCA</strong></td> <td>Comprehensive coverage</td> <td>Platform licensing</td> <td>73% more true positives, broad language support</td> <td>Enterprise</td> </tr> <tr> <td><strong>Black Duck</strong></td> <td>Governance &amp; compliance</td> <td>Enterprise licensing</td> <td>Deep policy controls, C/C++ support</td> <td>Large Enterprise</td> </tr> </tbody> </table> </figure><h2 class="wp-block-heading"><strong>Notable Software Composition Analysis Tools</strong></h2><ol class="wp-block-list"> <li><strong>Mend.io: Best for Automated Remediation and Proactive SCA</strong></li> </ol><figure class="wp-block-image size-large is-resized"><img decoding="async" width="210" height="210" src="https://www.mend.io/wp-content/uploads/2024/11/Mend-io-favicon-outline-200px.svg" alt="Best Software Composition Analysis (SCA) Tools: Top 6 Solutions in 2025 - Mend io favicon outline" class="wp-image-13096" style="width:135px;height:auto"></figure><p><strong>Pricing</strong>: Unified platform pricing starting at enterprise levels <strong>Implementation Time</strong>: 2-4 weeks for initial setup <strong>Best For</strong>: Teams who are looking for an AI native application security platform to secure AI powered apps, AI generated code and full visibility over their entire codebase. </p><p>Mend.io stands out for its comprehensive AI security solution and  its approach to application security with a unique pricing model that offers one price for all 5 products, including SCA, dependency updates, SAST, container security, and AI security. This reflects the vision that customers need a holistic view of the application stack.</p><p><strong>Key Differentiators</strong>:</p><ul class="wp-block-list"> <li><strong>AI security solution: </strong>Mend AI detects all AI components in your code, provides risk information, applies policies, improves system prompts and also offers AI red teaming.</li> <li><strong>Automated Dependency Updates</strong>: Mend Renovate creates pull requests automatically</li> <li><strong>Fast Remediation</strong>: One of our most indicative KPIs is the amount of time for us to remediate vulnerabilities and also the amount of time developers spend fixing vulnerabilities in our code base, which has reduced significantly. We’re talking about at least 80% reduction in time.</li> <li><strong>Comprehensive Coverage</strong>: SCA, SAST, container security, and AI security in one platform</li> </ul><p><strong>ROI</strong>: Organizations typically see 70-80% reduction in security risks and save $21M+ annually through process automation.</p><ol start="2" class="wp-block-list"> <li><strong>Sonatype Lifecycle: Known for Enterprise Policy Management</strong></li> </ol><figure class="wp-block-image size-full is-resized"><img fetchpriority="high" decoding="async" width="801" height="693" src="https://www.mend.io/wp-content/uploads/2025/06/Sonatype_stacked_logo_full_color.jpg" alt="Sonatype logo" class="wp-image-16627" style="width:138px;height:auto" srcset="https://www.mend.io/wp-content/uploads/2025/06/Sonatype_stacked_logo_full_color.jpg 801w, https://www.mend.io/wp-content/uploads/2025/06/Sonatype_stacked_logo_full_color-300x260.jpg 300w, https://www.mend.io/wp-content/uploads/2025/06/Sonatype_stacked_logo_full_color-768x664.jpg 768w" sizes="(max-width: 801px) 100vw, 801px"></figure><p><strong>Pricing</strong>: Per-application licensing model <strong>Implementation Time</strong>: 4-8 weeks for enterprise rollout <strong>Best For</strong>: Large enterprises with complex policy management and governance</p><p>Sonatype Lifecycle’s Software Composition Analysis (SCA) capabilities combine automated dependency management and SBOM management, helping teams manage their open source software security risks effectively.</p><p><strong>Key Differentiators</strong>:</p><ul class="wp-block-list"> <li><strong>AI-Powered Analysis</strong>: Detection of AI components in Sonatype Nexus, providing risk information and applying policies automatically</li> <li><strong>Policy Automation</strong>: Sonatype Lifecycle sets policies that govern what types of libraries [and] licenses can be used. Those policies are then managed throughout the development lifecycle, automatically.</li> <li><strong>Build Integration</strong>: Extended of the Sonatype Nexus platform, making it an optimal choice for Nexus users who do not need an advanced AppSec solution.</li> <li><strong>Enterprise Scale</strong>: Handles thousands of applications with centralized governance</li> </ul><p><strong>Use Cases</strong>: Financial services, healthcare, government contractors requiring strict compliance.</p><ol start="3" class="wp-block-list"> <li><strong>Snyk: Known for Developer Experience</strong></li> </ol><figure class="wp-block-image size-medium is-resized"><img decoding="async" width="184" height="300" src="https://www.mend.io/wp-content/uploads/2025/06/snyk-logo-184x300.png" alt="Best Software Composition Analysis (SCA) Tools: Top 6 Solutions in 2025 - snyk logo" class="wp-image-16628" style="width:100px" srcset="https://www.mend.io/wp-content/uploads/2025/06/snyk-logo-184x300.png 184w, https://www.mend.io/wp-content/uploads/2025/06/snyk-logo-627x1024.png 627w, https://www.mend.io/wp-content/uploads/2025/06/snyk-logo-768x1255.png 768w, https://www.mend.io/wp-content/uploads/2025/06/snyk-logo-940x1536.png 940w, https://www.mend.io/wp-content/uploads/2025/06/snyk-logo.png 979w" sizes="(max-width: 184px) 100vw, 184px"></figure><p><strong>Pricing</strong>: Per-developer seat model, free tier available <strong>Implementation Time</strong>: 1-2 weeks for basic setup <strong>Best For</strong>: Development teams wanting security integrated into daily workflows</p><p>Snyk Open Source integrates right into IDEs and SCMs and creates workflows, automated scans, and actionable security intelligence to help them remediate vulnerabilities.</p><p><strong>Key Differentiators</strong>:</p><ul class="wp-block-list"> <li><strong>Developer-First Design</strong>: IDE plugins and real-time feedback</li> <li><strong>Comprehensive Platform</strong>: SCA, SAST, container, and IaC security</li> <li><strong>Risk Prioritization</strong>: Snyk’s prioritization is based on the severity of a vulnerability but also by creating a Risk Score, by dynamically evaluating vulns for over a dozen objective and contextual factors</li> <li><strong>Easy Adoption</strong>: Snyk’s real-time SAST and SCA vulnerability scanning and automated fix suggestions in the IDE and PR workflows ensure security from the start</li> </ul><p><strong>Best For</strong>: Agile teams, DevOps environments, organizations with distributed development teams.</p><ol start="4" class="wp-block-list"> <li><strong>Checkmarx SCA: Known for Comprehensive Coverage</strong></li> </ol><figure class="wp-block-image size-large is-resized"><img loading="lazy" decoding="async" width="1024" height="133" src="https://www.mend.io/wp-content/uploads/2025/06/checkmarx-logo-1024x133.png" alt="Best Software Composition Analysis (SCA) Tools: Top 6 Solutions in 2025 - checkmarx logo" class="wp-image-16629" style="width:216px;height:auto" srcset="https://www.mend.io/wp-content/uploads/2025/06/checkmarx-logo-1024x133.png 1024w, https://www.mend.io/wp-content/uploads/2025/06/checkmarx-logo-300x39.png 300w, https://www.mend.io/wp-content/uploads/2025/06/checkmarx-logo-768x100.png 768w, https://www.mend.io/wp-content/uploads/2025/06/checkmarx-logo-1536x200.png 1536w, https://www.mend.io/wp-content/uploads/2025/06/checkmarx-logo.png 1600w" sizes="auto, (max-width: 1024px) 100vw, 1024px"></figure><p><strong>Pricing</strong>: Platform licensing with enterprise focus <strong>Implementation Time</strong>: 6-12 weeks for full platform deployment <strong>Best For</strong>: Organizations needing comprehensive security coverage</p><p>Checkmarx has positioned itself as a comprehensive application security platform. Checkmax SAST identifies 73% more true positives and Checkmarx SCA identifies 11% more than Snyk. according to third-party testing.</p><p><strong>Key Differentiators</strong>:</p><ul class="wp-block-list"> <li><strong>Accuracy</strong>: Higher true positive rates with fewer false positives</li> <li><strong>Language Support</strong>: Checkmarx solutions have the breadth and depth for enterprise coverage across the entire SDLC, integrates seamlessly into developers’ workflows, and supports over 75 languages and 100 frameworks.</li> <li><strong>Malicious Package Detection</strong>: Checkmarx claims to have the largest repository of malicious packages </li> <li><strong>Enterprise Support</strong>: 24/7 technical support with dedicated customer success</li> </ul><p><strong>ROI</strong>: Organizations report 75% reduction in security workload and faster time-to-remediation.</p><ol start="5" class="wp-block-list"> <li><strong>Black Duck: Known for Governance and Compliance</strong></li> </ol><figure class="wp-block-image size-large is-resized"><img loading="lazy" decoding="async" width="1024" height="160" src="https://www.mend.io/wp-content/uploads/2025/06/BlackDuckLogo-1024x160.png" alt="Best Software Composition Analysis (SCA) Tools: Top 6 Solutions in 2025 - BlackDuckLogo" class="wp-image-16630" style="width:237px;height:auto" srcset="https://www.mend.io/wp-content/uploads/2025/06/BlackDuckLogo-1024x160.png 1024w, https://www.mend.io/wp-content/uploads/2025/06/BlackDuckLogo-300x47.png 300w, https://www.mend.io/wp-content/uploads/2025/06/BlackDuckLogo-768x120.png 768w, https://www.mend.io/wp-content/uploads/2025/06/BlackDuckLogo-1536x240.png 1536w, https://www.mend.io/wp-content/uploads/2025/06/BlackDuckLogo-2048x320.png 2048w" sizes="auto, (max-width: 1024px) 100vw, 1024px"></figure><p><strong>Pricing</strong>: Enterprise licensing model </p><p><strong>Implementation Time</strong>: 8-16 weeks for full enterprise deployment </p><p><strong>Best For</strong>: Large enterprises with complex governance requirements</p><p>Black Duck Software, formerly part of the Synopsys Software Integrity Group, offers a comprehensive portfolio of application security testing solutions. The company recently became independent again in 2024.</p><p><strong>Key Differentiators</strong>:</p><ul class="wp-block-list"> <li><strong>Mature Governance</strong>: Comprehensive policy management and enforcement</li> <li><strong>Deep Analysis</strong>: Black Duck software composition analysis (SCA) helps teams manage the security, quality, and license compliance risks that come from the use of open source and third-party code in applications and containers</li> <li><strong>Enterprise Focus</strong>: Built for large-scale, complex environments</li> <li><strong>Compliance Ready</strong>: Strong audit trails and reporting for regulatory requirements</li> </ul><h3 class="wp-block-heading"><strong>Quick Comparison: Snyk vs Checkmarx vs Sonatype vs Mend.io</strong></h3><p><strong>For Startups/Small Teams</strong>: Snyk offers the easiest entry point with free tiers and simple setup. </p><p><strong>For Mid-Market and Enterprises</strong>: Mend.io provides the best balance of automation, comprehensive coverage and proactive SCA. </p><p><strong>For Enterprise</strong>: Sonatype Lifecycle offers sophisticated policy management and Checkmarx provides the highest accuracy and broadest language support. </p><p><strong>For Compliance-Heavy Industries</strong>: Black Duck has mature governance features.</p><h3 class="wp-block-heading"><strong>Other Notable Players</strong></h3><ul class="wp-block-list"> <li><strong>Veracode</strong>: Strong in enterprise environments with comprehensive security programs</li> <li><strong>JFrog X-Ray</strong>: Integrated with JFrog’s DevOps platform for artifact management</li> <li><strong>OWASP Dependency-Track</strong>: Open-source option for organizations wanting full control</li> <li><strong>FOSSA</strong>: Focused on license compliance and policy management</li> </ul><h2 class="wp-block-heading"><strong>Best Practices for Implementing SCA Tools</strong></h2><h3 class="wp-block-heading"><strong>Adopt a Remediation-First Approach</strong></h3><p>SCA solutions now bridge the gap between detection and remediation. Prioritization. A mature software composition analysis tool should include technologies that prioritize open source vulnerabilities.</p><p>The key is moving beyond just finding problems to actually fixing them. This means:</p><ul class="wp-block-list"> <li><strong>Prioritizing based on reachability</strong>: Focus on vulnerabilities in code paths your application actually uses</li> <li><strong>Automating dependency updates</strong>: Tools like Mend Renovate and GitHub Dependabot can handle routine updates automatically</li> <li><strong>Integrating into developer workflows</strong>: Security findings should appear where developers already work</li> <li><strong>Providing actionable remediation</strong>: Don’t just say “vulnerable library found” – suggest specific versions to upgrade to</li> </ul><h3 class="wp-block-heading"><strong>Build Visibility into Software Supply Chain Risk</strong></h3><p>SCA helps enterprises manage and control the security and compliance risks that come with using open source libraries.</p><p>This involves:</p><ul class="wp-block-list"> <li><strong>Comprehensive SBOM generation</strong>: Generate early, and update regularly. It is essential that SBOMs are generated as early in the SDLC as possible so that every added dependency can be recorded from early on.</li> <li><strong>License compliance monitoring</strong>: Track license obligations and ensure they align with your business model</li> <li><strong>Dependency health management</strong>: Monitor for outdated or abandoned dependencies</li> <li><strong>Continuous monitoring</strong>: Continuous vulnerability scanning should trigger a scan on all projects where either container scanning, dependency scanning, or both, are enabled independent of a pipeline.</li> </ul><h3 class="wp-block-heading"><strong>Detect and Prevent Emerging Threats</strong></h3><p>Further, SCA tools need to go beyond traditional vulnerability databases.</p><p>This includes:</p><ul class="wp-block-list"> <li><strong>Malicious package detection</strong>: Identify packages that contain intentionally malicious code</li> <li><strong>Container security scanning</strong>: Extend SCA analysis to container images and base layers</li> <li><strong>Infrastructure as Code (IaC) security</strong>: Scan infrastructure configurations for security misconfigurations</li> <li><strong>AI model security</strong>: As AI becomes more prevalent, scan for vulnerabilities in AI models and training data</li> </ul><h2 class="wp-block-heading"><strong>Implementing SCA Tools: A Practical Roadmap</strong></h2><h3 class="wp-block-heading"><strong>Step 1: Build Your Team and Define Goals</strong></h3><p>SCA should be an organizational initiative, not a one-person solution. If you want your implementation to be successful, the first thing you should do is assemble a cross-functional team of internal stakeholders.</p><p>Your team should include:</p><ul class="wp-block-list"> <li><strong>Developers</strong>: They’ll use the tools day-to-day</li> <li><strong>Security team</strong>: They’ll define policies and handle escalations</li> <li><strong>Legal team</strong>: They’ll help with license compliance requirements</li> <li><strong>DevOps team</strong>: They’ll integrate tools into CI/CD pipelines</li> </ul><h3 class="wp-block-heading"><strong>Step 2: Start Small and Scale Up</strong></h3><p>When you’re finally ready to scan, starting with your entire code base is going to be overwhelming.</p><p>Begin with:</p><ul class="wp-block-list"> <li>One or two critical applications</li> <li>Clear policies for handling findings</li> <li>Automated remediation for low-risk updates</li> <li>Gradual expansion to additional projects</li> </ul><h3 class="wp-block-heading"><strong>Step 3: Integrate into Development Workflows</strong></h3><p>The most successful SCA implementations integrate seamlessly into existing development processes. This means:</p><ul class="wp-block-list"> <li><strong>IDE plugins</strong>: Developers get feedback as they code</li> <li><strong>Pull request automation</strong>: Security checks happen before code merges</li> <li><strong>CI/CD integration</strong>: Builds fail if they introduce high-risk vulnerabilities</li> <li><strong>Dashboard integration</strong>: Security teams get visibility across all projects</li> </ul><h2 class="wp-block-heading"><strong>The Future of Software Composition Analysis</strong></h2><p>SCA tools continue evolving rapidly. Key trends include:</p><ul class="wp-block-list"> <li><strong>AI-powered analysis</strong>: More intelligent vulnerability prioritization and false positive reduction</li> <li><strong>Supply chain attack detection</strong>: Better identification of compromised packages and suspicious maintainer activity</li> <li><strong>Compliance automation</strong>: Automated generation of compliance reports and attestations</li> <li><strong>Real-time monitoring</strong>: Continuous analysis of production environments, not just build-time scanning</li> </ul><h2 class="wp-block-heading"><strong>Making the Business Case for SCA Tools</strong></h2><p>When evaluating SCA tools, consider these business benefits:</p><p><strong>Risk Reduction</strong>: According to a Gartner report, <a href="https://www.gartner.com/en/documents/4893131" rel="noopener">61% of businesses have been affected</a> by a supply chain threat in the last year. SCA tools help prevent your organization from becoming part of that statistic.</p><p><strong>Compliance Requirements</strong>: Government regulations increasingly require SBOMs and supply chain transparency. Having robust SCA processes positions you ahead of these requirements.</p><p><strong>Developer Productivity</strong>:  The right SCA tool helps developers move faster while maintaining security.</p><p><strong>Cost Savings</strong>: Automated dependency management and vulnerability remediation save significant time and resources.</p><h2 class="wp-block-heading"><strong>Building a Secure Software Supply Chain</strong></h2><p>SCA tools have evolved from simple vulnerability scanners to comprehensive supply chain security platforms. The best implementations combine automated discovery, intelligent prioritization, and seamless remediation workflows. They’re vital as a security and governance tool, as there isn’t there are nearly zero applications being developed without open source components.</p><p>The question isn’t whether you need SCA tools – it’s which ones will best fit your organization’s specific needs and how quickly you can implement them effectively. Start with clear goals, build the right team, and choose tools that integrate well with your existing development workflows.</p><p>Your software supply chain is only as strong as its weakest link. SCA tools help you identify those weak links and strengthen them before they become security incidents.</p><div class="spu-placeholder" style="display:none"></div><p class="syndicated-attribution">*** This is a Security Bloggers Network syndicated blog from <a href="https://www.mend.io">Mend</a> authored by <a href="https://securityboulevard.com/author/0/" title="Read other posts by Mend.io Team">Mend.io Team</a>. Read the original post at: <a href="https://www.mend.io/blog/best-software-composition-analysis-sca-tools-top-6-solutions-in-2025/">https://www.mend.io/blog/best-software-composition-analysis-sca-tools-top-6-solutions-in-2025/</a> </p>

<h2>Is Your Organization Harnessing the Full Power of Non-Human Identities?</h2><p>The increasing reliance on automation and cloud computing in industries such as healthcare, financial services, and travel, has led to a surge in Non-Human Identities (NHIs). Deployed effectively, these machine identities can significantly streamline operations. However, their management presents a new layer of complexity in cybersecurity strategy. So how can organizations realize the benefits of NHIs without falling prey to the security risks?</p><h3>The Importance of NHIs Management</h3><p>Often, the disconnect between security and R&amp;D teams can leave vulnerabilities unaddressed. These gaps can become doors for potential threats, making it crucial to manage NHIs effectively.</p><p>NHIs are unique identifiers created by coupling a “secret” (a distinctive key mimicking a passport) with the permissions assigned by a destination server (akin to a visa). Just like tourists, these identities need secured credentials (the “passport”) to traverse the digital landscape and require monitoring to ensure system compliance.</p><div class="code-block code-block-12 ai-track" data-ai="WzEyLCIiLCJCbG9jayAxMiIsIiIsMV0=" style="margin: 8px 0; clear: both;"> <style> .ai-rotate {position: relative;} .ai-rotate-hidden {visibility: hidden;} .ai-rotate-hidden-2 {position: absolute; top: 0; left: 0; width: 100%; height: 100%;} .ai-list-data, .ai-ip-data, .ai-filter-check, .ai-fallback, .ai-list-block, .ai-list-block-ip, .ai-list-block-filter {visibility: hidden; position: absolute; width: 50%; height: 1px; top: -1000px; z-index: -9999; margin: 0px!important;} .ai-list-data, .ai-ip-data, .ai-filter-check, .ai-fallback {min-width: 1px;} </style> <div class="ai-rotate ai-unprocessed ai-timed-rotation ai-12-1" data-info="WyIxMi0xIiwyXQ==" style="position: relative;"> <div class="ai-rotate-option" style="visibility: hidden;" data-index="1" data-name="VGVjaHN0cm9uZyBHYW5nIFlvdXR1YmU=" data-time="MTA="> <div class="custom-ad"> <div style="margin: auto; text-align: center;"><a href="https://youtu.be/Fojn5NFwaw8" target="_blank"><img src="https://securityboulevard.com/wp-content/uploads/2024/12/Techstrong-Gang-Youtube-PodcastV2-770.png" alt="Techstrong Gang Youtube"></a></div> <div class="clear-custom-ad"></div> </div></div> <div class="ai-rotate-option" style="visibility: hidden; position: absolute; top: 0; left: 0; width: 100%; height: 100%;" data-index="1" data-name="QVdTIEh1Yg==" data-time="MTA="> <div class="custom-ad"> <div style="margin: auto; text-align: center;"><a href="https://devops.com/builder-community-hub/?ref=in-article-ad-1&amp;utm_source=do&amp;utm_medium=referral&amp;utm_campaign=in-article-ad-1" target="_blank"><img src="https://devops.com/wp-content/uploads/2024/10/Gradient-1.png" alt="AWS Hub"></a></div> <div class="clear-custom-ad"></div> </div></div> </div> </div><h2>Unlocking the Full Potential of NHIs Management</h2><p>NHIs management presents a comprehensive approach to safeguard machine identities and secrets. This method ensures security is maintained at all stages of the lifecycle, from identification and classification to threat detection and resolution. Unlike point solutions like secret scanners, which provide limited protection, NHIs management platforms offer valuable insights into ownership, permissions, utilization patterns, and potential vulnerabilities. This data-driven approach allows for security based on context.</p><p>The benefits of an effective NHIs management strategy include:</p><div class="code-block code-block-15" style="margin: 8px 0; clear: both;"> <script async src="https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2091799172090865" crossorigin="anonymous" type="f452c2393d7649d34664dbb6-text/javascript"></script> <!-- SB In Article Ad 1 --> <ins class="adsbygoogle" style="display:block" data-ad-client="ca-pub-2091799172090865" data-ad-slot="8723094367" data-ad-format="auto" data-full-width-responsive="true"></ins> <script type="f452c2393d7649d34664dbb6-text/javascript"> (adsbygoogle = window.adsbygoogle || []).push({}); </script></div><p>– <b>Reduced Risk</b>: Proactively identifying and mitigating security risks to decrease the chances of breaches and data leaks.<br> – <b>Improved Compliance</b>: Ensuring policy enforcement and providing audit trails to meet regulatory requirements.<br> – <b>Increased Efficiency</b>: Automation of NHIs and secrets management allows security teams to focus on strategic initiatives.<br> – <b>Enhanced Visibility and Control</b>: Centralized management of access grants better oversight and governance.<br> – <b>Cost Savings</b>: Operational expenses are diminished by automating secrets rotation and NHIs decommissioning.</p><h3>Improving NHIs: A Catalyst for Better Identity Management</h3><p>Data-driven strategies are integral to better identity management. A study by the Federal Highway Administration demonstrates this. They successfully used data to identify, manage, and solve performance issues, highlighting the importance of such insights.</p><p>Similarly, effective NHIs management entails utilizing data to understand how NHIs operate within your system. For instance, recognizing changes in usage patterns can be critical for timely intervention against potential threats. This approach is not just about improving NHIs but transforming them into a catalyst for better identity management.</p><h3>Towards a Secure Digital Environment</h3><p>NHIs management is a cornerstone in building a secure digital infrastructure – a fact underscored by the <a href="https://www.lsohc.mn.gov/materials/22_Mtg/05_25_2022/(R)DNR_Heritage_Forest_Project_Presentation.pdf" rel="noopener">LSOHC</a> in their project to protect their digital resources. Similarly, this case illustrates the importance of a holistic approach to cybersecurity, encompassing both human and non-human identities.</p><p>By effectively managing NHIs, organizations can secure their digital environment and utilize the full potential of these identities. It allows for swift adjustments to any changes, ensuring that security is not just responsive, but proactive. Through NHIs management, organizations can not only achieve better identity management but also improve their overall security infrastructure.</p><p>For a deeper dive into NHIs and data security in financial services, visit this <a href="https://entro.security/blog/non-human-identities-and-data-security-in-financial-services/">post</a>. Also, to understand more about secrets security and SOC2 compliance, this <a href="https://entro.security/blog/secrets-security-and-soc2-compliance/">article</a> can provide more insights.</p><p>It becomes ever more critical to remain one step ahead of potential threats. Efficient NHIs management is, therefore, not just an option – it is a necessity.</p><h3>Embracing the Necessity of NHIs Management</h3><p>An effective NHIs management strategy forms the bedrock of robust cybersecurity within any organization. When we transition towards where digital transactions are the norm, managing automated identities – the NHIs – has become a crucial aspect of maintaining a secure digital framework.</p><p>NHIs management does not merely represent the securitization of identities alone, but embodies the essence of end-to-end protection across a variety of sectors. Whether it is the healthcare industry, dealing with sensitive patient information, or the financial sector, where monetary transactions occur round the clock, NHIs prove to be invaluable resources. Proper management can help identify vulnerabilities, mitigate potential threats, and ensure the safe and efficient operation of independent digital identities.</p><h3>Navigating the Complex Landscape of NHIs</h3><p>Safeguarding thousands of NHIs within a complex network of encrypted passwords, keys, and access permissions can often be a daunting task. This process involves crucial components like identifying and classifying potential threats, tracking NHIs usage patterns, providing visibility into ownership details, and monitoring access permissions. An effective NHIs management platform can cover all these elements, in addition to offering potential vulnerability insights.</p><p>A recent study highlights how a data-driven approach to identity management can ultimately help stem potential security breaches. This method addresses vulnerabilities proactively and prevents them from evolving into significant threats.</p><h3>The Path to Streamlined Management: Automation and Efficiency</h3><p>The automation offered by NHIs and secrets management enables security teams to focus on strategic initiatives instead of being hindered by routine tasks. Utilizing an automated system minimizes manual errors during the secrets rotation and NHIs decommissioning stages. This, in turn, paves the way for improvement in security compliance and an efficient, holistic approach to cyber risk mitigation.</p><p>Moreover, the adoption of NHIs management strategies cuts down on operational costs, as noted in a recent report. Automation ultimately enhances efficiency, making cyber operations more streamlined and cost-effective.</p><h3>The Importance of Context-Sensitive Security</h3><p>The key to understanding and leveraging NHIs is in their usage patterns. More than just a figure or a set of encrypted codes, these identities follow unique operational patterns that provide a wealth of insight into different aspects, such as peak usage times or possible abnormalities hinting at misuse.</p><p>These insights can be instrumental in ensuring context-aware security, which would not only anticipate and respond to potential threats but also optimize system performance. According to the NASA Operational Data Information Systems (NODIS), employing a management system that understands the variant behaviors of NHIs allows for better governance, control, and enhanced cybersecurity posture.</p><h3>Enabling Business Growth with Secure NHIs Management</h3><p>Securing NHIs is not only about protecting an organization’s assets but also about enabling business growth. A breach or a data leak can result in financial loss, damaged reputation, and business disruption. But with a comprehensive NHIs management strategy, organizations can ensure that while they tap into the incredible potential of automation and cloud technologies, they also steer clear of potential security pitfalls.</p><p>If you are interested in exploring further the complexities of secrets security in the development stage, you can check out this <a href="https://entro.security/blog/best-practices-maintaining-secrets-security-in-development-stage/">article</a>. For insights on common secrets security misconfigurations, follow this <a href="https://entro.security/blog/common-secrets-security-misconfigurations-that-create-vulnerabilities/">link</a>.</p><p>To sum up, the effective management of NHIs should form an integral part of any modern organization’s cybersecurity strategy to remain ahead of the curve.</p><p>The post <a href="https://entro.security/improving-nhis-management-in-your-organization/">Improving NHIs Management in Your Organization</a> appeared first on <a href="https://entro.security/">Entro</a>.</p><div class="spu-placeholder" style="display:none"></div><p class="syndicated-attribution">*** This is a Security Bloggers Network syndicated blog from <a href="https://entro.security/">Entro</a> authored by <a href="https://securityboulevard.com/author/0/" title="Read other posts by Alison Mack">Alison Mack</a>. Read the original post at: <a href="https://entro.security/improving-nhis-management-in-your-organization/">https://entro.security/improving-nhis-management-in-your-organization/</a> </p>

<p></p><center data-preserve-html-node="true">Author/Presenter: Chris Beckman (Principal Security Engineer At Taxbit) <p></p><center data-preserve-html-node="true"><iframe allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share" referrerpolicy="strict-origin-when-cross-origin" allowfullscreen="" src="https://www.youtube-nocookie.com/embed/WtgrbA9R2I0?si=ZDulFA_PQNTeWDL9" width="560" frameborder="0" data-preserve-html-node="true" title="YouTube video player" height="315"></iframe> <p>Our sincere appreciation to <strong><a href="https://www.linuxfestnorthwest.org/">LinuxFest Northwest</a></strong> (Now Celebrating Their Organizational 25th Anniversary Of Community Excellence), and the Presenters/Authors for publishing their superb <strong><a href="https://www.youtube.com/playlist?list=PLjDc7gDlIASRAcG0cxWYOnNGwFnykUMNZ">LinuxFest Northwest 2025</a></strong> video content. Originating from the conference’s events located at the <strong><a href="https://www.btc.edu/">Bellingham Technical College in Bellingham, Washington</a></strong>; and via the organizations <strong><a href="https://www.youtube.com/@LinuxFestNorthwest">YouTube</a></strong> channel. </p><div class="code-block code-block-12 ai-track" data-ai="WzEyLCIiLCJCbG9jayAxMiIsIiIsMV0=" style="margin: 8px 0; clear: both;"> <style> .ai-rotate {position: relative;} .ai-rotate-hidden {visibility: hidden;} .ai-rotate-hidden-2 {position: absolute; top: 0; left: 0; width: 100%; height: 100%;} .ai-list-data, .ai-ip-data, .ai-filter-check, .ai-fallback, .ai-list-block, .ai-list-block-ip, .ai-list-block-filter {visibility: hidden; position: absolute; width: 50%; height: 1px; top: -1000px; z-index: -9999; margin: 0px!important;} .ai-list-data, .ai-ip-data, .ai-filter-check, .ai-fallback {min-width: 1px;} </style> <div class="ai-rotate ai-unprocessed ai-timed-rotation ai-12-1" data-info="WyIxMi0xIiwyXQ==" style="position: relative;"> <div class="ai-rotate-option" style="visibility: hidden;" data-index="1" data-name="VGVjaHN0cm9uZyBHYW5nIFlvdXR1YmU=" data-time="MTA="> <div class="custom-ad"> <div style="margin: auto; text-align: center;"><a href="https://youtu.be/Fojn5NFwaw8" target="_blank"><img src="https://securityboulevard.com/wp-content/uploads/2024/12/Techstrong-Gang-Youtube-PodcastV2-770.png" alt="Techstrong Gang Youtube"></a></div> <div class="clear-custom-ad"></div> </div></div> <div class="ai-rotate-option" style="visibility: hidden; position: absolute; top: 0; left: 0; width: 100%; height: 100%;" data-index="1" data-name="QVdTIEh1Yg==" data-time="MTA="> <div class="custom-ad"> <div style="margin: auto; text-align: center;"><a href="https://devops.com/builder-community-hub/?ref=in-article-ad-1&amp;utm_source=do&amp;utm_medium=referral&amp;utm_campaign=in-article-ad-1" target="_blank"><img src="https://devops.com/wp-content/uploads/2024/10/Gradient-1.png" alt="AWS Hub"></a></div> <div class="clear-custom-ad"></div> </div></div> </div> </div> <p>Thanks and a Tip O’ The Hat to <strong><a href="https://www.verificationlabs.com/trey.html">Verification Labs</a></strong> :: Penetration Testing Specialists :: Trey Blalock GCTI, GWAPT, GCFA, GPEN, GPCS, GCPN, CRISC, CISA, CISM, CISSP, SSCP, CDPSE for recommending and appearing as speaker at the <strong><a href="https://www.linuxfestnorthwest.org/">LinuxFest Northwest</a></strong> conference.</p> <p></p></center></center><div class="code-block code-block-15" style="margin: 8px 0; clear: both;"> <script async src="https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2091799172090865" crossorigin="anonymous" type="48e7ddc94f085503e3b72b8e-text/javascript"></script> <!-- SB In Article Ad 1 --> <ins class="adsbygoogle" style="display:block" data-ad-client="ca-pub-2091799172090865" data-ad-slot="8723094367" data-ad-format="auto" data-full-width-responsive="true"></ins> <script type="48e7ddc94f085503e3b72b8e-text/javascript"> (adsbygoogle = window.adsbygoogle || []).push({}); </script></div><p><a href="https://www.infosecurity.us/blog/2025/6/30/linuxfest-northwest-building-an-auto-updating-containerized-self-hosted-identity-aware-reverse-proxy">Permalink</a></p><p> </p><div class="spu-placeholder" style="display:none"></div><p class="syndicated-attribution">*** This is a Security Bloggers Network syndicated blog from <a href="https://www.infosecurity.us/">Infosecurity.US</a> authored by <a href="https://securityboulevard.com/author/0/" title="Read other posts by Marc Handelman">Marc Handelman</a>. Read the original post at: <a href="https://www.youtube-nocookie.com/embed/WtgrbA9R2I0?si=ZDulFA_PQNTeWDL9">https://www.youtube-nocookie.com/embed/WtgrbA9R2I0?si=ZDulFA_PQNTeWDL9</a> </p>

<h5 style="text-align: center;"><a href="#sbbwis"><img decoding="async" class="alignright size-full" title="Chris Linnett (Unsplash license)" src="https://securityboulevard.com/wp-content/uploads/2025/06/facial-recognition-ice-richixbw-chris-linnett-CkzZjuQB0hM-unsplash-130x90.png" alt="The face of the Statue Of Liberty" width="130" height="90"></a><strong>Liberty’s existential threat, or sensible way to ID illegal  immigrants?</strong></h5><p><strong>U.S. Immigration and Customs Enforcement (ICE) agents are using a new phone app:</strong> <i>Mobile Fortify</i> puts “instant, AI powered” facial recognition in their hands. What could possibly go wrong?<br><!--br--><br><strong>A major risk is inaccurate recognition.</strong> In today’s <a href="https://securityboulevard.com/tag/sb-blogwatch/" target="_blank" rel="noopener">SB  Blogwatch</a>, the French want their statue back.<br><!--br--><br><a title="Richi Jennings" href="https://www.richi.uk/" target="_blank" rel="noopener">Your humble blog­watcher</a> curated these bloggy bits for your enter­tain­ment. Not to mention:  <i>Dua Weeknd</i>.<br><!--br--></p><h2>MDCCLXXVI</h2><p id="sbbw1"><strong>What’s the craic?</strong> Joseph Cox reports: <a title="read the full text" href="https://www.404media.co/ice-is-using-a-new-facial-recognition-app-to-identify-people-leaked-emails-show/" target="_blank" rel="ugc noopener">ICE Is Using a New Facial Recognition App to Identify People</a></p><p style="padding-left: 40px;"><strong>“<tt>Constant fear and critique</tt>”</strong><br>ICE is using a new mobile phone app that can identify someone based on their fingerprints or face by simply pointing a smartphone camera at them, according to internal ICE emails, [which] say Mobile Fortify is using two government systems. The first is Customs and Border Protection’s (CBP) Traveler Verification Service, [where] CBP takes photos of peoples’ faces when they enter the U.S. … The second is the Seizure and Apprehension Work­flow, … bring­ing together information related to searches and seizures.<br>…<br>Now, that system is being used inside the U.S. by ICE to identify people in the field. [It] shows how biometric systems built for one reason can be repurposed for another, a constant fear and critique … of facial recognition.<br>…<br>ICE did not respond to a request for comment. CBP declined to comment.<br><!-----------------------------------------------------------------------------></p><div class="code-block code-block-12 ai-track" data-ai="WzEyLCIiLCJCbG9jayAxMiIsIiIsMV0=" style="margin: 8px 0; clear: both;"> <style> .ai-rotate {position: relative;} .ai-rotate-hidden {visibility: hidden;} .ai-rotate-hidden-2 {position: absolute; top: 0; left: 0; width: 100%; height: 100%;} .ai-list-data, .ai-ip-data, .ai-filter-check, .ai-fallback, .ai-list-block, .ai-list-block-ip, .ai-list-block-filter {visibility: hidden; position: absolute; width: 50%; height: 1px; top: -1000px; z-index: -9999; margin: 0px!important;} .ai-list-data, .ai-ip-data, .ai-filter-check, .ai-fallback {min-width: 1px;} </style> <div class="ai-rotate ai-unprocessed ai-timed-rotation ai-12-1" data-info="WyIxMi0xIiwyXQ==" style="position: relative;"> <div class="ai-rotate-option" style="visibility: hidden;" data-index="1" data-name="VGVjaHN0cm9uZyBHYW5nIFlvdXR1YmU=" data-time="MTA="> <div class="custom-ad"> <div style="margin: auto; text-align: center;"><a href="https://youtu.be/Fojn5NFwaw8" target="_blank"><img src="https://securityboulevard.com/wp-content/uploads/2024/12/Techstrong-Gang-Youtube-PodcastV2-770.png" alt="Techstrong Gang Youtube"></a></div> <div class="clear-custom-ad"></div> </div></div> <div class="ai-rotate-option" style="visibility: hidden; position: absolute; top: 0; left: 0; width: 100%; height: 100%;" data-index="1" data-name="QVdTIEh1Yg==" data-time="MTA="> <div class="custom-ad"> <div style="margin: auto; text-align: center;"><a href="https://devops.com/builder-community-hub/?ref=in-article-ad-1&amp;utm_source=do&amp;utm_medium=referral&amp;utm_campaign=in-article-ad-1" target="_blank"><img src="https://devops.com/wp-content/uploads/2024/10/Gradient-1.png" alt="AWS Hub"></a></div> <div class="clear-custom-ad"></div> </div></div> </div> </div><p id="sbbw2"><strong>Is it <em>necessarily</em> a bad thing?</strong> Anthony Kimery has concerns: <a title="read the full text" href="https://www.biometricupdate.com/202506/new-ice-mobile-app-pushes-biometric-policing-onto-american-streets" target="_blank" rel="ugc noopener">App pushes biometric policing onto American streets</a></p><p style="padding-left: 40px;"><strong>“<tt>Raises fundamental questions about due process</tt>”</strong><br>Mobile Fortify marks a profound shift in ICE’s operational methodology of using traditional fingerprint-based stationary checks to using mobile, on-the-go biometric profiling that echoes the type of border surveillance previously confined to airports and ports of entry. … Facial recognition, though, [is] notably less reliable than fingerprints.<br>…<br>Agents using ICE-issued mobile devices can now photograph a subject’s face or fingerprint, triggering a near-instant biometric match against data sources that include … DHS’s broader Automated Biometric Identification System (IDENT) database, which contains biometric records on over 270 million individuals. [It] suggests a capability that is poised to extend biometric surveillance far beyond designated checkpoints and into neighborhoods, local transport hubs, and any environment in which ICE officers operate.<br>…<br>[It] fits into a broader ICE strategy of integrating AI-driven biometric data mining with field operations [and] raises fundamental questions about due process and constitutional protections. … Oversight, meanwhile, remains minimal. DHS has yet to issue formal rules clarifying who may use Mobile Fortify, which populations it targets, how long biometric data may be stored, what legal authorities justify its use, or what audit controls apply. … ICE is hurtling toward a frontier that its current policy and oversight structures appear unprepared to regulate.<br><!-----------------------------------------------------------------------------></p><div class="code-block code-block-15" style="margin: 8px 0; clear: both;"> <script async src="https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2091799172090865" crossorigin="anonymous" type="62ebcb669465b84bd25e62ab-text/javascript"></script> <!-- SB In Article Ad 1 --> <ins class="adsbygoogle" style="display:block" data-ad-client="ca-pub-2091799172090865" data-ad-slot="8723094367" data-ad-format="auto" data-full-width-responsive="true"></ins> <script type="62ebcb669465b84bd25e62ab-text/javascript"> (adsbygoogle = window.adsbygoogle || []).push({}); </script></div><p id="sbbw3"><strong>Hurtling? Oh, please.</strong> Here’s Jake Laperruque, from the Center for Democracy and Technology, via Autumn Billings: <a title="read the full text" href="https://reason.com/2025/06/27/how-dhs-facial-recognition-tech-spread-to-ice-enforcement/" target="_blank" rel="ugc noopener">More government agencies are using facial recognition</a></p><p style="padding-left: 40px;"><strong>“<tt>Dangerous to use facial recognition in this manner</tt>”</strong><br>Facial recognition isn’t a magic all-purpose tool, and as ICE itself acknowledged, is less reliable than traditional identification methods. It’s bound to produce errors.<br>…<br>With this AI surveillance tool deployed on our streets, American citizens are going to end up improperly targeted, arrested, and detained in ICE detention centers. … It’s dangerous to use facial recognition in this manner.<br><!-----------------------------------------------------------------------------></p><p id="sbbw4"><strong>Dangerous?</strong> <a title="read the full text" href="https://slashdot.org/comments.pl?sid=23719145&amp;cid=65451919" target="_blank" rel="ugc noopener">cowdung</a> argues it’s “not a problem with the tech:”</p><p style="padding-left: 40px;">This is not a problem with facial recognition, but rather a problem with how it is used. Facial recognition gives you some “best matches” and then the user is supposed to look at the photos and decide if this is the same person or not. (Systems used for police say “this doesn’t constitute probable cause”) But users can be lazy and let the machine do the thinking for them. That’s on the user, not the tech.<br><!-----------------------------------------------------------------------------></p><p id="sbbw5"><strong>Fair point, I guess.</strong> But <a title="read the full text" href="https://www.reddit.com/r/technology/comments/1ll5vrv/ice_is_using_a_new_facial_recognition_app_to/mzxod6a/" target="_blank" rel="ugc noopener">u/Charming_Motor_919</a> thinks the problem is broader than that:</p><p style="padding-left: 40px;">The problem with things like facial recognition in law enforcement is that whether it’s accurate or inaccurate, it still poses ethical and philosophical concerns:<br>— If it’s inaccurate, there’s the likelihood of falsely identifying someone for persecution.<br>— If it’s accurate, it’s another cog in the machine that is a surveillance state.<br>Neither is good.<br><!-----------------------------------------------------------------------------></p><p id="sbbw6"><strong>Too much?</strong> <a title="read the full text" href="https://news.ycombinator.com/item?id=44393150" target="_blank" rel="ugc noopener">amy_petrik</a> reminds us why it might be important:</p><p style="padding-left: 40px;">Here’s the thing: If I flew to Japan, overstayed the visa, took a job under the table, just hung out living there, … have a Japan anchor baby, live there without any … immigration paperwork whatsoever, and enjoy the free healthcare, … I would not be surprised that, … I would naturally be deported.<br><!-----------------------------------------------------------------------------></p><p id="sbbw7"><strong>But they’re using the immigration desk photos!</strong> <a title="read the full text" href="https://www.newsweek.com/ice-face-recognition-app-deportations-phone-immigration-2091619#:~:text=duh.%20What%20do%20you%20think%20they%20do%20with%20those%20photos%20every%20time%20you%20go%20through%20customs%2C%20or%20in%20the%20case%20of%20these%20illegals%2C%20get%20caught%20crossing%20illegally." target="_blank" rel="ugc noopener">Spidey Craig</a> eyerolls furiously:</p><p style="padding-left: 40px;">Duh. What do you think they do with those photos every time you go through customs?<br><!-----------------------------------------------------------------------------></p><p id="sbbw8"><strong>Zoom out.</strong> <a title="read the full text" href="https://reason.com/2025/06/27/how-dhs-facial-recognition-tech-spread-to-ice-enforcement/?comments=true#comments:~:text=So%20facial%20recognition%20is%20only%20a%20problem%20when%20used%20by%20ICE%3F%20It%27s%20not%20like%20every%20single%20one%20of%20us%20was%20already%20under%20surveillance%20on%20every%20street%20corner%20and%20highway%20every%20day.%20I%27d%20like%20to%20feel%20your%20pain%20but%20the%20paste%20is%20out%20and%20the%20tube%20is%20empty." target="_blank" rel="ugc noopener">Gaear Grimsrud</a> offers this colorful metaphor:</p><p style="padding-left: 40px;">So facial recognition is only a problem when used by ICE? It’s not like every single one of us was already under surveillance on every street corner and highway every day. … The paste is out and the tube is empty.<br><!-----------------------------------------------------------------------------></p><p id="sbbw12"><strong>Meanwhile,</strong> <a title="read the full text" href="https://slashdot.org/comments.pl?sid=23719145&amp;cid=65453119" target="_blank" rel="ugc noopener">mspohr</a> sounds <i>slightly</i> cynical:</p><p style="padding-left: 40px;">Cops aren’t particularly concerned if they identify the “right” person. As long as they have <em>someone</em> identified as a criminal, they are happy.<br><!-----------------------------------------------------------------------------></p><p><b><a title="And Finally" href="https://www.youtube.com/watch?v=9DIg0ii0ywQ&amp;list=PL9zSC5i495YMjIuJjxToNGU8Ve7Gd5Rvj" target="_blank" rel="noopener">Falling hearts, open forever</a></b><script async defer src="https://scripts.withcabin.com/hello.js" type="62ebcb669465b84bd25e62ab-text/javascript"></script><!-- zero-cookie analytics privacy: https://withcabin.com/privacy/securityboulevard.com --></p><p><a href="https://www.youtube.com/watch?v=6X3B1nDbnzw&amp;list=PL9zSC5i495YMjIuJjxToNGU8Ve7Gd5Rvj" target="_blank" rel="noopener">Previously in <em>And Finally</em></a></p><hr><p><em>You have been reading <i>SB Blogwatch</i> by <a href="https://www.richi.uk/" target="_blank" rel="noopener">Richi Jennings</a>. Richi curates the best bloggy bits, finest forums, and weird­est web­sites—so you don’t have to. Hate mail may be directed to  <a href="https://twitter.com/richi" target="_blank" rel="ugc noopener">@RiCHi</a>, <a href="https://threads.net/@richij" target="_blank" rel="ugc noopener">@richij</a>, <a href="https://vmst.io/@richi" target="_blank" rel="ugc noopener">@<span class="__cf_email__" data-cfemail="76041f151e1f36001b0502581f19">[email protected]</span></a>, <a href="https://bsky.app/profile/richi.bsky.social" target="_blank" rel="ugc noopener">@richi.bsky.social</a> or <a href="/cdn-cgi/l/email-protection#2e5d4c4c596e5c474d4647004d41005b45115d5b4c444b4d5a13035d4c4c5903"><span class="__cf_email__" data-cfemail="5a2938382d1a2833393233742f31">[email protected]</span></a>. Ask your doctor before reading. Your mileage may vary. Past per­formance is no guar­antee of future results. Do not stare into laser with re­maining eye. E&amp;OE. 30.</em></p><p>Image sauce: <a href="https://unsplash.com/photos/the-statue-of-liberty-is-shown-against-a-blue-sky-CkzZjuQB0hM" target="_blank" rel="noopener" name="sbbwis">Chris Linnett</a> (via <a title="Some rights reserved" href="https://unsplash.com/license" target="_blank" rel="ugc noopener">Unsplash</a>; leveled and cropped)</p><div class="spu-placeholder" style="display:none"></div>

<p></p><center data-preserve-html-node="true">Authors/Presenters: Carl Richell (CEO And Founder, System76) <p></p><center data-preserve-html-node="true"><iframe allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share" referrerpolicy="strict-origin-when-cross-origin" allowfullscreen="" src="https://www.youtube-nocookie.com/embed/cIAtdL00fZI?si=wjOfpiYYV_NaVfAk" width="560" frameborder="0" data-preserve-html-node="true" title="YouTube video player" height="315"></iframe> <p>Our sincere appreciation to <strong><a href="https://www.linuxfestnorthwest.org/">LinuxFest Northwest</a></strong> (Now Celebrating Their Organizational 25th Anniversary Of Community Excellence), and the Presenters/Authors for publishing their superb <strong><a href="https://www.youtube.com/playlist?list=PLjDc7gDlIASRAcG0cxWYOnNGwFnykUMNZ">LinuxFest Northwest 2025</a></strong> video content. Originating from the conference’s events located at the <strong><a href="https://www.btc.edu/">Bellingham Technical College in Bellingham, Washington</a></strong>; and via the organizations <strong><a href="https://www.youtube.com/@LinuxFestNorthwest">YouTube</a></strong> channel. </p><div class="code-block code-block-12 ai-track" data-ai="WzEyLCIiLCJCbG9jayAxMiIsIiIsMV0=" style="margin: 8px 0; clear: both;"> <style> .ai-rotate {position: relative;} .ai-rotate-hidden {visibility: hidden;} .ai-rotate-hidden-2 {position: absolute; top: 0; left: 0; width: 100%; height: 100%;} .ai-list-data, .ai-ip-data, .ai-filter-check, .ai-fallback, .ai-list-block, .ai-list-block-ip, .ai-list-block-filter {visibility: hidden; position: absolute; width: 50%; height: 1px; top: -1000px; z-index: -9999; margin: 0px!important;} .ai-list-data, .ai-ip-data, .ai-filter-check, .ai-fallback {min-width: 1px;} </style> <div class="ai-rotate ai-unprocessed ai-timed-rotation ai-12-1" data-info="WyIxMi0xIiwyXQ==" style="position: relative;"> <div class="ai-rotate-option" style="visibility: hidden;" data-index="1" data-name="VGVjaHN0cm9uZyBHYW5nIFlvdXR1YmU=" data-time="MTA="> <div class="custom-ad"> <div style="margin: auto; text-align: center;"><a href="https://youtu.be/Fojn5NFwaw8" target="_blank"><img src="https://securityboulevard.com/wp-content/uploads/2024/12/Techstrong-Gang-Youtube-PodcastV2-770.png" alt="Techstrong Gang Youtube"></a></div> <div class="clear-custom-ad"></div> </div></div> <div class="ai-rotate-option" style="visibility: hidden; position: absolute; top: 0; left: 0; width: 100%; height: 100%;" data-index="1" data-name="QVdTIEh1Yg==" data-time="MTA="> <div class="custom-ad"> <div style="margin: auto; text-align: center;"><a href="https://devops.com/builder-community-hub/?ref=in-article-ad-1&amp;utm_source=do&amp;utm_medium=referral&amp;utm_campaign=in-article-ad-1" target="_blank"><img src="https://devops.com/wp-content/uploads/2024/10/Gradient-1.png" alt="AWS Hub"></a></div> <div class="clear-custom-ad"></div> </div></div> </div> </div> <p>Thanks and a Tip O’ The Hat to <strong><a href="https://www.verificationlabs.com/trey.html">Verification Labs</a></strong> :: Penetration Testing Specialists :: Trey Blalock GCTI, GWAPT, GCFA, GPEN, GPCS, GCPN, CRISC, CISA, CISM, CISSP, SSCP, CDPSE for recommending and appearing as speaker at the <strong><a href="https://www.linuxfestnorthwest.org/">LinuxFest Northwest</a></strong> conference.</p> <p></p></center></center><div class="code-block code-block-15" style="margin: 8px 0; clear: both;"> <script async src="https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2091799172090865" crossorigin="anonymous" type="28e4dd804094d1b6986a73a4-text/javascript"></script> <!-- SB In Article Ad 1 --> <ins class="adsbygoogle" style="display:block" data-ad-client="ca-pub-2091799172090865" data-ad-slot="8723094367" data-ad-format="auto" data-full-width-responsive="true"></ins> <script type="28e4dd804094d1b6986a73a4-text/javascript"> (adsbygoogle = window.adsbygoogle || []).push({}); </script></div><p><a href="https://www.infosecurity.us/blog/2025/6/30/linuxfest-northwest-see-how-far-cosmic-has-come-this-year">Permalink</a></p><p> </p><div class="spu-placeholder" style="display:none"></div><p class="syndicated-attribution">*** This is a Security Bloggers Network syndicated blog from <a href="https://www.infosecurity.us/">Infosecurity.US</a> authored by <a href="https://securityboulevard.com/author/0/" title="Read other posts by Marc Handelman">Marc Handelman</a>. Read the original post at: <a href="https://www.youtube-nocookie.com/embed/cIAtdL00fZI?si=wjOfpiYYV_NaVfAk">https://www.youtube-nocookie.com/embed/cIAtdL00fZI?si=wjOfpiYYV_NaVfAk</a> </p>

<h2>Why Should Businesses Prioritize NHIs Management?</h2><p>While human identities have consistently held the limelight in cybersecurity, a lesser-known, yet equally consequential, aspect is the management of non-human identities (NHIs). Of late, the importance of effective NHIs management has started piercing the corporate consciousness, but why is it so vital?</p><h2>Navigating the Terrain of Non-Human Identities</h2><p>Strategically speaking, effective NHI management holds the key to secure, scalable and efficient operations, especially in organizations leveraging cloud services. NHIs are machine identities, offering secure access to organizational resources. They are essentially a blend of a ‘Secret’ which is a unique, encrypted key, password or token akin to a passport and the permissions that a server grants to this Secret, comparable to a visa based on your passport. Managing NHIs and Secrets then, involves safeguarding both – the identities (or the ‘tourists’) and their access credentials (the ‘passports’) while concurrently monitoring their activities.</p><h3>Understanding the Importance of a Holistic Approach</h3><p>Effective NHI management emphasizes a comprehensive approach, securing machine identities and secrets across all stages of their lifecycle. From the discovery and classification phases to threat detection and remediation, every step carries significant weight. This holistic strategy stands in sharp contrast to limited protection measures like secret scanners. Platforms that concentrate on NHI management offer actionable insights into permissions, ownership, usage patterns, and potential vulnerabilities, paving the way for context-aware security.</p><div class="code-block code-block-12 ai-track" data-ai="WzEyLCIiLCJCbG9jayAxMiIsIiIsMV0=" style="margin: 8px 0; clear: both;"> <style> .ai-rotate {position: relative;} .ai-rotate-hidden {visibility: hidden;} .ai-rotate-hidden-2 {position: absolute; top: 0; left: 0; width: 100%; height: 100%;} .ai-list-data, .ai-ip-data, .ai-filter-check, .ai-fallback, .ai-list-block, .ai-list-block-ip, .ai-list-block-filter {visibility: hidden; position: absolute; width: 50%; height: 1px; top: -1000px; z-index: -9999; margin: 0px!important;} .ai-list-data, .ai-ip-data, .ai-filter-check, .ai-fallback {min-width: 1px;} </style> <div class="ai-rotate ai-unprocessed ai-timed-rotation ai-12-1" data-info="WyIxMi0xIiwyXQ==" style="position: relative;"> <div class="ai-rotate-option" style="visibility: hidden;" data-index="1" data-name="VGVjaHN0cm9uZyBHYW5nIFlvdXR1YmU=" data-time="MTA="> <div class="custom-ad"> <div style="margin: auto; text-align: center;"><a href="https://youtu.be/Fojn5NFwaw8" target="_blank"><img src="https://securityboulevard.com/wp-content/uploads/2024/12/Techstrong-Gang-Youtube-PodcastV2-770.png" alt="Techstrong Gang Youtube"></a></div> <div class="clear-custom-ad"></div> </div></div> <div class="ai-rotate-option" style="visibility: hidden; position: absolute; top: 0; left: 0; width: 100%; height: 100%;" data-index="1" data-name="QVdTIEh1Yg==" data-time="MTA="> <div class="custom-ad"> <div style="margin: auto; text-align: center;"><a href="https://devops.com/builder-community-hub/?ref=in-article-ad-1&amp;utm_source=do&amp;utm_medium=referral&amp;utm_campaign=in-article-ad-1" target="_blank"><img src="https://devops.com/wp-content/uploads/2024/10/Gradient-1.png" alt="AWS Hub"></a></div> <div class="clear-custom-ad"></div> </div></div> </div> </div><h2>Unpacking the Benefits of Effective NHIs Management</h2><p>When executed correctly, NHI management unfolds an array of advantages. Let’s delve into the most prominent ones:</p><ul> <li><strong>Reduced Risk:</strong> Proactively identifying and mitigating cybersecurity risks can reduce the likelihood of security breaches and data leaks, ensuring more secure operations.</li> <li><strong>Improved Compliance:</strong> Policing and implementing regulatory requirements become smoother with NHI management, which also provides audit trails for increased transparency.</li> <li><strong>Increased Efficiency:</strong> Automating the management of NHIs and Secrets liberates security teams to concentrate on strategic initiatives, thus boosting overall productivity.</li> <li><strong>Enhanced Visibility And Control:</strong> Offering a centralized access management and governance view disables unauthorized access and maintains a secure environment.</li> <li><strong>Cost Savings:</strong> By streamlining processes and automating Secrets’ rotation and NHIs’ decommissioning, NHI management helps in reducing operational costs.</li> </ul><h3>Fostering a Transformative Shift</h3><p>The fact that NHIs management is no longer an option but a necessity is gradually becoming evident. By empowering teams with the tools and knowledge required for effective NHI management, organizations can secure their digital assets, reduce risks, and drive operational efficiency. With resources like <a href="https://entro.security/blog/secrets-security-and-soc2-compliance/">Secrets Security and SOC2 Compliance</a>, <a href="https://entro.security/blog/non-human-identities-and-data-security-in-financial-services/">Non-Human Identities and Data Security in Financial Services</a>, and <a href="https://entro.security/blog/challenges-and-best-practices-in-iac-secrets-security/">Challenges and Best Practices in IaC Secrets Security</a>, organizations can gain valuable insights, and pave the way for an empowered, secure digital future.</p><div class="code-block code-block-15" style="margin: 8px 0; clear: both;"> <script async src="https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2091799172090865" crossorigin="anonymous" type="5a09225a479a8e192212fb3d-text/javascript"></script> <!-- SB In Article Ad 1 --> <ins class="adsbygoogle" style="display:block" data-ad-client="ca-pub-2091799172090865" data-ad-slot="8723094367" data-ad-format="auto" data-full-width-responsive="true"></ins> <script type="5a09225a479a8e192212fb3d-text/javascript"> (adsbygoogle = window.adsbygoogle || []).push({}); </script></div><h3>Navigating NHIs Management in Different Industries</h3><p>Many industries including healthcare, finance, travel, and the software development sector, are experiencing a dramatic increase in their NHI usage. Moreover, teams responsible for Security Operations Centers (SOCs) are also realizing the importance of robust NHIs management practices, primarily driven by the shift towards a cloud-based operations model.</p><p>In healthcare for example, numerous entities need access to critical systems and protected health information, from clinical applications, imaging systems and more. Often, these are machine-based identities requiring robust NHIs and secrets management practices.</p><p>Similarly, financial institutions have long led the charge in using machine-to-machine interactions for daily transactions. The increasing use of artificial intelligence and machine learning in financial services has further grown the need for effective NHIs management. These institutions require sophisticated NHIs management strategies to support governance, risk management, and compliance initiatives, and to protect against fraud.</p><p>For travel organizations, NHIs are crucial as large portions of booking and ticketing actions are increasingly automated. Robust management of these identities helps ensure the smooth functioning of these critical systems while maintaining the high security standards needed in this industry.</p><p>While these industries differ in many respects, they all share the need to manage NHIs effectively. From managing remote assets or supporting audit trails, to maintaining a constantly evolving permissions structure, NHI management addresses multiple security aspects vital to the functioning of these sectors.</p><h3>Future of NHIs Management</h3><p>The future landscape of NHIs management is relying highly on automation and orchestration. There is an increasing need for automated NHIs discovery, classification, and management along with orchestration platforms that integrate various security and IT systems. Efficient automation reduces the chance of human error, increases security, and boosts operational efficiency.</p><p>Automation can remove the burden of manual rotations and provisioning, make the NHIs decommissioning process more streamlined, and eliminate the potential for ‘orphaned’ non-human identities that can become a considerable security risk. Also, orchestrating NHIs management with other IT systems will ensure that changes are reflected and synchronized across different platforms, reducing inconsistencies and improving overall security.</p><p>Moreover, zero-trust architecture is increasingly being adapted into NHI security strategies. With this approach, each interaction is verified and never implicitly trusted, reducing the potential for security breaches.</p><h2>Embracing NHIs Management</h2><p>It’s time that organizations began to treat NHIs with the same level of attention and security rigor traditionally applied to human identities. With the exponential growth of machine identities and the increasingly complex and hybrid IT environment, effective management of NHIs has never been more critical.</p><p>Embracing NHI management is not about replacing human workforce or making an enterprise entirely machine-operated. Instead, it’s a strategic move to create a more secure, efficient digital, capable of supporting both human and machine identities in harmony. It’s a move that ensures high-level security, governance, and control, and creates a foundation for efficient operational workflow and risk mitigation.</p><p>By taking proactive steps and incorporating NHI management into their cybersecurity strategy, businesses can ensure that they are well-armed to deal with the security challenges of the modern and future digital environment. MI-managing machine identities can be daunting, but with the right tools, the right knowledge, and a holistic approach, organizations can successfully navigate the complexities and reap the benefits offered by effective NHIs management.</p><p>Remember, as the number of non-human identities continues to grow, so too does the potential for security risks. Therefore, proactive planning for non-human identities’ management is just as critical as defenses against traditional cybersecurity threats. Effective NHI management is not an option; it is a necessity to ensure that your organization’s digital assets remain protected and continue to provide value to your business. Your endeavor in effective NHIs management will pave the way towards a secure, optimized, and cost-effective digital future.</p><h3>Further Learning</h3><p>NHIs management is a vast field, intersecting various areas of modern digital infrastructure. Following are some additional resources for your further reading:<br> <a href="https://entro.security/blog/use-case-secure-non-human-identities/">Secure Non-Human Identities – A use case</a><br> <a href="https://entro.security/blog/best-practices-maintaining-secrets-security-in-development-stage/">Best practices for maintaining Secrets Security in the development stage</a><br> <a href="https://entro.security/blog/common-secrets-security-misconfigurations-that-create-vulnerabilities/">Common Secrets Security misconfigurations that create vulnerabilities</a></p><p>Remember, security is an ongoing quest and there is always more to learn in the fight against cyber threats.</p><p>The post <a href="https://entro.security/empower-your-team-through-efficient-nhis-management/">Empower Your Team Through Efficient NHIs Management</a> appeared first on <a href="https://entro.security/">Entro</a>.</p><div class="spu-placeholder" style="display:none"></div><p class="syndicated-attribution">*** This is a Security Bloggers Network syndicated blog from <a href="https://entro.security/">Entro</a> authored by <a href="https://securityboulevard.com/author/0/" title="Read other posts by Alison Mack">Alison Mack</a>. Read the original post at: <a href="https://entro.security/empower-your-team-through-efficient-nhis-management/">https://entro.security/empower-your-team-through-efficient-nhis-management/</a> </p>

<p>The cybersecurity industry is increasingly exploring AI-driven solutions to enhance Security Operations Centers (SOCs). Among these, agentic AI, comprising multiple autonomous agents handling specific tasks, has gained attention. However, this approach introduces several challenges:</p><ul class="wp-block-list"> <li><strong>Operational Complexity</strong>: Managing numerous agents can lead to coordination issues and increased overhead.</li> <li><strong>Security Risks</strong>: Each agent represents a potential attack vector, expanding the threat surface.</li> <li><strong>Auditability Concerns</strong>: Tracking decisions and actions across multiple agents complicates compliance and forensic investigations.</li> </ul><p>Recent studies highlight these concerns. For instance, a <a href="https://www.sailpoint.com/identity-library/ai-agents-attack-surface" rel="noreferrer noopener">recent survey revealed</a> that 80% of companies experienced unintended actions by AI agents, including unauthorized access and data sharing. Moreover, only 52% of professionals had full visibility into the data their agents could access, underscoring the governance challenges associated with agentic AI.</p><figure class="wp-block-image size-large"><img fetchpriority="high" decoding="async" width="1024" height="1007" src="https://d3security.com/wp-content/uploads/2025/06/MYX-2-1-1024x1007.png" alt="Morpheus AI interface showing playbook generation with horizontal and vertical threat hunting logic running on integrated security tools" class="wp-image-56023" srcset="https://d3security.com/wp-content/uploads/2025/06/MYX-2-1-1024x1007.png 1024w, https://d3security.com/wp-content/uploads/2025/06/MYX-2-1-300x295.png 300w, https://d3security.com/wp-content/uploads/2025/06/MYX-2-1-768x756.png 768w, https://d3security.com/wp-content/uploads/2025/06/MYX-2-1-1536x1511.png 1536w, https://d3security.com/wp-content/uploads/2025/06/MYX-2-1.png 1920w" sizes="(max-width: 1024px) 100vw, 1024px"></figure><h2 class="wp-block-heading">Morpheus: A Unified Approach to Autonomous Security</h2><p><a href="https://d3security.com/morpheus/">Morpheus offers</a> a different path: combining the adaptability of AI with the structured governance of traditional playbooks. As a centralized, persistent <a href="https://d3security.com/whats-an-autonomous-soc/">Autonomous SOC</a> engine, Morpheus provides:</p><div class="code-block code-block-12 ai-track" data-ai="WzEyLCIiLCJCbG9jayAxMiIsIiIsMV0=" style="margin: 8px 0; clear: both;"> <style> .ai-rotate {position: relative;} .ai-rotate-hidden {visibility: hidden;} .ai-rotate-hidden-2 {position: absolute; top: 0; left: 0; width: 100%; height: 100%;} .ai-list-data, .ai-ip-data, .ai-filter-check, .ai-fallback, .ai-list-block, .ai-list-block-ip, .ai-list-block-filter {visibility: hidden; position: absolute; width: 50%; height: 1px; top: -1000px; z-index: -9999; margin: 0px!important;} .ai-list-data, .ai-ip-data, .ai-filter-check, .ai-fallback {min-width: 1px;} </style> <div class="ai-rotate ai-unprocessed ai-timed-rotation ai-12-1" data-info="WyIxMi0xIiwyXQ==" style="position: relative;"> <div class="ai-rotate-option" style="visibility: hidden;" data-index="1" data-name="VGVjaHN0cm9uZyBHYW5nIFlvdXR1YmU=" data-time="MTA="> <div class="custom-ad"> <div style="margin: auto; text-align: center;"><a href="https://youtu.be/Fojn5NFwaw8" target="_blank"><img src="https://securityboulevard.com/wp-content/uploads/2024/12/Techstrong-Gang-Youtube-PodcastV2-770.png" alt="Techstrong Gang Youtube"></a></div> <div class="clear-custom-ad"></div> </div></div> <div class="ai-rotate-option" style="visibility: hidden; position: absolute; top: 0; left: 0; width: 100%; height: 100%;" data-index="1" data-name="QVdTIEh1Yg==" data-time="MTA="> <div class="custom-ad"> <div style="margin: auto; text-align: center;"><a href="https://devops.com/builder-community-hub/?ref=in-article-ad-1&amp;utm_source=do&amp;utm_medium=referral&amp;utm_campaign=in-article-ad-1" target="_blank"><img src="https://devops.com/wp-content/uploads/2024/10/Gradient-1.png" alt="AWS Hub"></a></div> <div class="clear-custom-ad"></div> </div></div> </div> </div><ul class="wp-block-list"> <li><strong>Dynamic Workflow Generation</strong>: Instead of relying on static playbooks, Morpheus autonomously generates workflows based on real-time context, ensuring that responses are tailored to the specifics of each incident.</li> <li><strong>Centralized Control and Visibility</strong>: All actions and decisions are logged within a single platform, facilitating easy auditing and compliance reporting.</li> <li><strong>Scalable and Resilient Operations</strong>: Morpheus can handle a high volume of alerts across diverse environments without the need for multiple, specialized agents.</li> </ul><p>This unified approach addresses the shortcomings of both traditional playbooks and agentic AI, delivering a more robust and manageable solution for modern security operations.</p><figure class="wp-block-embed is-type-video is-provider-youtube wp-block-embed-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio"> <div class="wp-block-embed__wrapper"> <iframe title="Morpheus AI's Incident Response Priority Score" width="500" height="281" src="https://www.youtube.com/embed/tMGJa7AdOA4?feature=oembed" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share" referrerpolicy="strict-origin-when-cross-origin" allowfullscreen></iframe> </div> </figure><h2 class="wp-block-heading">Key Considerations When Evaluating AI Solutions for the SOC</h2><p>When assessing AI-driven security solutions, consider the following factors:</p><div class="code-block code-block-15" style="margin: 8px 0; clear: both;"> <script async src="https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2091799172090865" crossorigin="anonymous" type="ef7b074785efed06b27021b6-text/javascript"></script> <!-- SB In Article Ad 1 --> <ins class="adsbygoogle" style="display:block" data-ad-client="ca-pub-2091799172090865" data-ad-slot="8723094367" data-ad-format="auto" data-full-width-responsive="true"></ins> <script type="ef7b074785efed06b27021b6-text/javascript"> (adsbygoogle = window.adsbygoogle || []).push({}); </script></div><ol class="wp-block-list"> <li><strong>Integration Capabilities</strong>: Ensure the solution can seamlessly integrate with your existing security infrastructure, including SIEMs, EDRs, and cloud platforms.</li> <li><strong>Policy Alignment</strong>: The AI should operate within the bounds of your organization’s security policies, ensuring consistent and compliant responses.</li> <li><strong>Transparency and Auditability</strong>: Look for solutions that provide clear, documented reasoning for their actions, facilitating trust and compliance.</li> <li><strong>Scalability</strong>: The solution should be able to handle increasing volumes of alerts without degradation in performance.</li> <li><strong>Operational Efficiency</strong>: Evaluate how the solution reduces manual workloads, accelerates response times, and enhances overall SOC efficiency.</li> </ol><figure class="wp-block-embed is-type-video is-provider-youtube wp-block-embed-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio"> <div class="wp-block-embed__wrapper"> <iframe title="Morpheus: The AI-Powered Analyst Workspace" width="500" height="281" src="https://www.youtube.com/embed/vicWaah3EDY?feature=oembed" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share" referrerpolicy="strict-origin-when-cross-origin" allowfullscreen></iframe> </div> </figure><h2 class="wp-block-heading">Embracing Centralized Autonomy for Effective Security Operations</h2><p>While agentic AI offers the allure of modular automation, it often introduces complexities and vulnerabilities that can undermine security operations. By adopting a centralized, persistent Autonomous SOC engine like Morpheus, organizations can achieve scalable, reliable, and secure automation, ensuring that security operations are both efficient and trustworthy.</p><p>Discover how Morpheus can transform your SOC operations<strong>.</strong> <a href="https://d3security.com/demo">Request a demo</a> today.</p><p>The post <a href="https://d3security.com/blog/centralized-autonomy-vs-agentic-ai-soc-solutions/">Evaluating AI Solutions for the SOC: Why Centralized Autonomy Outperforms Agentic AI</a> appeared first on <a href="https://d3security.com/">D3 Security</a>.</p><div class="spu-placeholder" style="display:none"></div><p class="syndicated-attribution">*** This is a Security Bloggers Network syndicated blog from <a href="https://d3security.com/">D3 Security</a> authored by <a href="https://securityboulevard.com/author/0/" title="Read other posts by Alex MacLachlan">Alex MacLachlan</a>. Read the original post at: <a href="https://d3security.com/blog/centralized-autonomy-vs-agentic-ai-soc-solutions/">https://d3security.com/blog/centralized-autonomy-vs-agentic-ai-soc-solutions/</a> </p>

<p>The Digital Personal Data Protection Act (DPDPA) marks a turning point for data privacy in India. Passed in 2023, the Act establishes a clear framework for the collection, processing, storage, and protection of personal data. For enterprises, it signals a deeper shift in how data responsibilities are assigned, and how businesses must be structured to protect personal information by design.</p><p>At its core, the DPDPA is about empowering individuals to have more control over their personal data. It introduces concepts like consent-based processing, purpose limitation, data minimization, and the role of a Data Protection Officer. It also places strict obligations on Data Fiduciaries (entities that collect personal data) to protect it using reasonable safeguards.</p><p>More importantly, the Act empowers the Data Protection Board to impose penalties. This is not symbolic. It’s enforcement ready. And that makes DPDPA a business risk as much as it is a legal mandate.</p><div class="code-block code-block-12 ai-track" data-ai="WzEyLCIiLCJCbG9jayAxMiIsIiIsMV0=" style="margin: 8px 0; clear: both;"> <style> .ai-rotate {position: relative;} .ai-rotate-hidden {visibility: hidden;} .ai-rotate-hidden-2 {position: absolute; top: 0; left: 0; width: 100%; height: 100%;} .ai-list-data, .ai-ip-data, .ai-filter-check, .ai-fallback, .ai-list-block, .ai-list-block-ip, .ai-list-block-filter {visibility: hidden; position: absolute; width: 50%; height: 1px; top: -1000px; z-index: -9999; margin: 0px!important;} .ai-list-data, .ai-ip-data, .ai-filter-check, .ai-fallback {min-width: 1px;} </style> <div class="ai-rotate ai-unprocessed ai-timed-rotation ai-12-1" data-info="WyIxMi0xIiwyXQ==" style="position: relative;"> <div class="ai-rotate-option" style="visibility: hidden;" data-index="1" data-name="VGVjaHN0cm9uZyBHYW5nIFlvdXR1YmU=" data-time="MTA="> <div class="custom-ad"> <div style="margin: auto; text-align: center;"><a href="https://youtu.be/Fojn5NFwaw8" target="_blank"><img src="https://securityboulevard.com/wp-content/uploads/2024/12/Techstrong-Gang-Youtube-PodcastV2-770.png" alt="Techstrong Gang Youtube"></a></div> <div class="clear-custom-ad"></div> </div></div> <div class="ai-rotate-option" style="visibility: hidden; position: absolute; top: 0; left: 0; width: 100%; height: 100%;" data-index="1" data-name="QVdTIEh1Yg==" data-time="MTA="> <div class="custom-ad"> <div style="margin: auto; text-align: center;"><a href="https://devops.com/builder-community-hub/?ref=in-article-ad-1&amp;utm_source=do&amp;utm_medium=referral&amp;utm_campaign=in-article-ad-1" target="_blank"><img src="https://devops.com/wp-content/uploads/2024/10/Gradient-1.png" alt="AWS Hub"></a></div> <div class="clear-custom-ad"></div> </div></div> </div> </div><h2 class="wp-block-heading" id="h-what-does-your-organization-need-to-comply-to-dpdpa">What Does Your Organization Need to Comply to DPDPA?</h2><p>You need evidence to ensure that:</p><ul class="wp-block-list"> <li>Personal data of all data principals is processed only with the individual’s free, informed, and unambiguous consent, unless a lawful exemption applies.</li> <li>Personal data of all data principals is collected only for specified, lawful purposes and is not used beyond that scope.</li> <li>Only the personal data necessary for the intended purpose is collected and processed.</li> <li>Clear, itemized notices in simple language about the collection, usage, and rights related to personal data are provided to all data principals.</li> </ul><p>And you will need more than just policy documents. You need systems that can adapt to the dynamic nature of data flow. Consent must be recorded, revocable, and auditable. Data must be stored securely and deleted when no longer required. Your employees must be trained to avoid violations. And you need a team of competent professionals, people who are not only skilled and experienced, but also capable of keeping everyone informed about changes in the law.</p><div class="code-block code-block-15" style="margin: 8px 0; clear: both;"> <script async src="https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2091799172090865" crossorigin="anonymous" type="0ddaf4b25d2e9754781a5c22-text/javascript"></script> <!-- SB In Article Ad 1 --> <ins class="adsbygoogle" style="display:block" data-ad-client="ca-pub-2091799172090865" data-ad-slot="8723094367" data-ad-format="auto" data-full-width-responsive="true"></ins> <script type="0ddaf4b25d2e9754781a5c22-text/javascript"> (adsbygoogle = window.adsbygoogle || []).push({}); </script></div><p>Then there are Data Fiduciary responsibilities.</p><p>Data Fiduciaries must:</p><ul class="wp-block-list"> <li>Inform all data principals about the purpose of data processing, their rights, and the process for filing complaints.</li> <li>Obtain verifiable parental consent and avoid behavioral tracking or targeted advertising for children.</li> <li>Establish mechanisms for individuals to raise concerns and seek redress.</li> <li>Implement reasonable safeguards to prevent data breaches and unauthorized access.</li> </ul><p>But preparing for DPDPA goes beyond legal interpretation and complex operational processes for data privacy and consent management. The harsh reality behind the hype is that all this effort can be undone, and your reputation will be at stake, if you are breached. It takes more than a policy and a firewall to implement reasonable safeguards that make you breach ready.</p><h2 class="wp-block-heading" id="h-the-hidden-hazards-of-a-breach">The Hidden Hazards of a Breach</h2><p>The consequences of failure are severe. Penalties of up to ₹250 crore per instance of non-compliance, ₹200 crore for failure to notify breaches, and an individual penalty of ₹10,000 for breach of duties that lead to a violation.</p><p>In a world where increasing investment in cybersecurity tools is not slowing down breaches, organizations preparing for DPDPA must invest in foundational capabilities to ensure breaches are defended against in the most proactive ways. It requires a mindset shift, from compliance to resilience. From ticking boxes to ensuring that entities are prepared for the next breach, have the necessary technology and operational processes to contain and withstand it if it happens, and possess a mechanism to continuously improve these capabilities.</p><p>The law is clear about obligations. But it remains silent on how organizations are expected to design systems that can withstand real-world testing. That’s where readiness, and the investments you make now, become critical.</p><h3 class="wp-block-heading" id="h-breach-exposure-poses-a-significant-risk-to-compliance">Breach exposure poses a significant risk to compliance.</h3><p>When attackers get in, they don’t just steal data, they halt operations. And that impact is hard to quantify until it happens. Studies show the average downtime after a ransomware incident is around 24 days. The recovery cost? About $5 million per event. These are becoming the norm.</p><p>If there is another breach at Air India, Domino’s India, Star Health, or AngelOne after DPDPA becomes law, the organizations—and their leadership—will face a very different impact than what they’ve experienced before. The DPDPA doesn’t just ask organizations to protect data; it assumes that breaches will happen and asks how you’ll respond. It mandates breach reporting and timely intimation to affected individuals. That means you need visibility, containment, and recovery processes already in place.</p><p>While the DPDPA centers on consent, purpose, and transparency, the ability to enforce these principles rests on the security of your systems. That’s why enterprises must view DPDPA through the lens of a <a href="https://colortokens.com/breach-ready/" rel="noreferrer noopener">breach-ready cyber defense</a> architecture that can lead to digital resilience.</p><p><strong>The questions are changing.</strong></p><p>You now need to know:</p><ul class="wp-block-list"> <li>Should a breach happen, would you be able to prevent it from spreading?</li> <li>Would you be able to accurately identify and isolate affected areas in a timely manner—without negatively impacting your business?</li> <li>Will critical services remain operational even during an attack?</li> </ul><p>That is where breach readiness comes in. And it begins long before an attack happens.</p><p>The question you now need to ask is: <strong>Are you breach ready?</strong></p><p>Breach readiness is the ability to anticipate, withstand, and recover from cyber incidents. It assumes that attackers will get in. Your job is to stop them from moving further.</p><p>The challenge is that traditional security models are too static. They rely on perimeter defenses and detection tools. But modern attacks are stealthy. Once inside, they move laterally, jumping from one system to another, until they find something valuable. If you don’t have controls inside the network, you won’t see it coming.</p><p>That’s why organizations are turning to <a href="https://colortokens.com/microsegmentation/" rel="noreferrer noopener">microsegmentation</a>.</p><p class="p-5 has-background" style="background-color:#e1f4f0"><a href="https://colortokens.com/report/forrester-wave-microsegmentation/" rel="noreferrer noopener">Access Forrester Wave Report</a> | Know Why Forrester Named us a Leader in Microsegmentation</p><h2 class="wp-block-heading" id="h-where-does-microsegmentation-come-in">Where Does Microsegmentation Come In?</h2><p>Microsegmentation is the practice of dividing your infrastructure into smaller, secure zones. Each zone is governed by its own policies, limiting how users and applications interact with each other. It stops lateral movement; the very mechanism attackers use to expand their reach.</p><p>Most tools focus only on network-level controls. They don’t give you the visibility into how attacks propagate. They don’t help you adapt policies based on changing workloads. And they don’t prioritize which assets need protection first.</p><p>To be truly breach-ready, you need microsegmentation that is dynamic, intelligent, and aligned with business risk.</p><h2 class="wp-block-heading" id="h-the-foundational-layer-for-breach-readiness-xshield">The Foundational Layer for Breach Readiness: Xshield</h2><p><a href="https://colortokens.com/products/xshield-microsegmentation-platform/" rel="noreferrer noopener">ColorTokens Xshield</a> is designed for this exact purpose. It takes microsegmentation beyond traditional boundaries. It gives you a live map of your environment, applications, users, dependencies, vulnerabilities, so you can see where the risk is and act fast.</p><p>Instead of static rules, Xshield uses dynamic tags, policy templates, and automation to continuously adapt your defenses. It sets up micro-perimeters around critical assets without disrupting operations. It also allows you to instantly block unauthorized connections, shut down high-risk ports, and isolate infected zones.</p><p>When a breach happens, Xshield helps you quarantine compromised zones and preserve business continuity. You don’t just stop the attack, you keep your services running.</p><p>More importantly, <a href="https://colortokens.com/report-download/be-breach-ready-with-colortokens-xshield/" rel="noreferrer noopener">Xshield helps you prepare</a> in advance. You can simulate attack scenarios, test your segmentation strategies, and close visibility gaps. You know exactly how to respond before the breach even happens.</p><p>That is the level of preparedness DPDPA demands,<strong> </strong>even if it doesn’t say so explicitly.</p><h2 class="wp-block-heading" id="h-planning-for-dpdpa-means-planning-for-breach-readiness">Planning for DPDPA Means Planning for Breach Readiness</h2><p>If your data protection plan ends at compliance documents, you’re not ready. You need systems that respond to evolving threats. You need visibility, control, and the ability to contain damage. You need to make sure your critical services stay up even when attackers break through.</p><p>DPDPA is not the end goal. It is the beginning of a new operating standard— <br> <br><strong>One where data protection is part of your architecture.</strong> <br><strong>One where resilience is your baseline.</strong> </p><p>And foundational capabilities like Xshield are what make that possible.</p><p><em>Explore how Xshield can help you contain threats, reduce downtime, and stay compliant. </em><a href="https://colortokens.com/demo/" rel="noreferrer noopener"><em>Get a demo</em></a><em>.</em></p><p>The post <a href="https://colortokens.com/blogs/dpdpa-breach-ready-microsegmentation/">Going Beyond the Hype of DPDPA Compliance: Are You Breach Ready?</a> appeared first on <a href="https://colortokens.com/">ColorTokens</a>.</p><div class="spu-placeholder" style="display:none"></div><p class="syndicated-attribution">*** This is a Security Bloggers Network syndicated blog from <a href="https://colortokens.com/">ColorTokens</a> authored by <a href="https://securityboulevard.com/author/0/" title="Read other posts by Tanuj Mitra">Tanuj Mitra</a>. Read the original post at: <a href="https://colortokens.com/blogs/dpdpa-breach-ready-microsegmentation/">https://colortokens.com/blogs/dpdpa-breach-ready-microsegmentation/</a> </p>

<p>As June 2025 wraps up, we’re back with another monthly roundup of AWS privileged permission changes and service updates that could reshape your cloud security posture. Each month brings a wave of new permissions — and with them, potential pathways for unauthorized access, policy evasion, and abuse of trust boundaries. This month’s highlights include sensitive updates across EC2, AWS Backup, Security Hub, and Bedrock, with several permissions impacting automation workflows, restore approvals, and connector integrity. Understanding these changes is critical for proactive privilege management and staying ahead of emerging risks. Dive in below to see what’s new — and why it matters for securing your AWS environment.</p><h3 class="wp-block-heading">New Region</h3><p>Asia Pacific (Taipei)</p><p><strong>API name:</strong> ap-east-2</p><div class="code-block code-block-12 ai-track" data-ai="WzEyLCIiLCJCbG9jayAxMiIsIiIsMV0=" style="margin: 8px 0; clear: both;"> <style> .ai-rotate {position: relative;} .ai-rotate-hidden {visibility: hidden;} .ai-rotate-hidden-2 {position: absolute; top: 0; left: 0; width: 100%; height: 100%;} .ai-list-data, .ai-ip-data, .ai-filter-check, .ai-fallback, .ai-list-block, .ai-list-block-ip, .ai-list-block-filter {visibility: hidden; position: absolute; width: 50%; height: 1px; top: -1000px; z-index: -9999; margin: 0px!important;} .ai-list-data, .ai-ip-data, .ai-filter-check, .ai-fallback {min-width: 1px;} </style> <div class="ai-rotate ai-unprocessed ai-timed-rotation ai-12-1" data-info="WyIxMi0xIiwyXQ==" style="position: relative;"> <div class="ai-rotate-option" style="visibility: hidden;" data-index="1" data-name="VGVjaHN0cm9uZyBHYW5nIFlvdXR1YmU=" data-time="MTA="> <div class="custom-ad"> <div style="margin: auto; text-align: center;"><a href="https://youtu.be/Fojn5NFwaw8" target="_blank"><img src="https://securityboulevard.com/wp-content/uploads/2024/12/Techstrong-Gang-Youtube-PodcastV2-770.png" alt="Techstrong Gang Youtube"></a></div> <div class="clear-custom-ad"></div> </div></div> <div class="ai-rotate-option" style="visibility: hidden; position: absolute; top: 0; left: 0; width: 100%; height: 100%;" data-index="1" data-name="QVdTIEh1Yg==" data-time="MTA="> <div class="custom-ad"> <div style="margin: auto; text-align: center;"><a href="https://devops.com/builder-community-hub/?ref=in-article-ad-1&amp;utm_source=do&amp;utm_medium=referral&amp;utm_campaign=in-article-ad-1" target="_blank"><img src="https://devops.com/wp-content/uploads/2024/10/Gradient-1.png" alt="AWS Hub"></a></div> <div class="clear-custom-ad"></div> </div></div> </div> </div><p><strong>Availability zones:</strong> 3</p><h2 class="wp-block-heading"><strong>Existing Services with New Privileged Permissions</strong></h2><h3 class="wp-block-heading"><strong><strong>EC2</strong></strong></h3><p><strong>Service Type: Compute Services</strong></p><div class="code-block code-block-15" style="margin: 8px 0; clear: both;"> <script async src="https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2091799172090865" crossorigin="anonymous" type="47126b1af6bfd513ac61a617-text/javascript"></script> <!-- SB In Article Ad 1 --> <ins class="adsbygoogle" style="display:block" data-ad-client="ca-pub-2091799172090865" data-ad-slot="8723094367" data-ad-format="auto" data-full-width-responsive="true"></ins> <script type="47126b1af6bfd513ac61a617-text/javascript"> (adsbygoogle = window.adsbygoogle || []).push({}); </script></div><h4 class="wp-block-heading">Permission: ec2:CreateMacSystemIntegrityProtectionModificationTask</h4><ul class="wp-block-list"> <li><strong>Action:</strong> Grants permission to create a System Integrity Protection (SIP) modification task for an Amazon EC2 Mac instance</li> <li><strong>Mitre Tactic:</strong> Defense Evasion</li> <li><strong>Why it’s privileged: </strong>Enables actions that directly impact the security boundaries of macOS EC2 instances by manipulating System Integrity Protection (SIP).</li> </ul><h3 class="wp-block-heading">AWS Backup</h3><p><strong>Service Type: Archival, Backup and Recovery</strong></p><h4 class="wp-block-heading">Permission: backup:DisassociateBackupVaultMpaApprovalTeam</h4><ul class="wp-block-list"> <li><strong>Action:</strong> Grants permission to disassociate an MPA approval team from a backup vault</li> <li><strong>Mitre Tactic:</strong> Defense Evasion</li> <li><strong>Why it’s privileged: </strong>Disables the restore approval workflow by removing the designated approval team from a backup vault, potentially allowing unauthorized or unapproved restore operations.</li> </ul><h4 class="wp-block-heading">Permission: backup:AssociateBackupVaultMpaApprovalTeam</h4><ul class="wp-block-list"> <li><strong>Action:</strong> Grants permission to associate an MPA approval team with a backup vault</li> <li><strong>Mitre Tactic:</strong> Privilege Escalation</li> <li><strong>Why it’s privileged: </strong>Overrides the existing approval team on a backup vault, potentially redirecting restore approvals to an unintended or unauthorized team.</li> </ul><h3 class="wp-block-heading">AWS Security Hub</h3><p><strong>Service Type: Security and Compliance</strong></p><h4 class="wp-block-heading">Permission: securityhub:UpdateConnectorV2</h4><ul class="wp-block-list"> <li><strong>Action:</strong> Grants permission to update a connector V2 in Security Hub based on connector id and input parameters</li> <li><strong>Mitre Tactic:</strong> Defense Evasion</li> <li><strong>Why it’s privileged: </strong>Redirects security issues by modifying the JIRA projectKey in the connector configuration without requiring re-registration, potentially causing issues to be sent to an unintended destination.</li> </ul><h4 class="wp-block-heading">Permission: securityhub:DeleteAutomationRuleV2</h4><ul class="wp-block-list"> <li><strong>Action:</strong> Grants permission to delete an automation rule V2 in Security Hub</li> <li><strong>Mitre Tactic:</strong> Defense Evasion</li> <li><strong>Why it’s privileged: </strong>Deletes an automation rule, potentially disrupting security workflows and preventing expected automatic responses to findings.</li> </ul><h4 class="wp-block-heading">Permission: securityhub:ConnectorRegistrationsV2</h4><ul class="wp-block-list"> <li><strong>Action:</strong> Grants permission to complete the OAuth 2.0 authorization code flow based on input parameters</li> <li><strong>Mitre Tactic:</strong> Defense Evasion</li> <li><strong>Why it’s privileged: </strong>Authenticates and finalizes connector registration, enabling integration with external systems like Jira and potentially exposing sensitive workflows if misused.</li> </ul><h4 class="wp-block-heading">Permission: securityhub:UpdateAutomationRuleV2</h4><ul class="wp-block-list"> <li><strong>Action:</strong> Grants permission to update an automation rule V2 in Security Hub based on rule Amazon Resource Name (ARN) and input parameters</li> <li><strong>Mitre Tactic:</strong> Defense Evasion</li> <li><strong>Why it’s privileged: </strong>Modifies automation rules, potentially altering security workflows and allowing unauthorized changes to detection or response behavior.</li> </ul><h4 class="wp-block-heading">Permission: securityhub:DisableSecurityHubV2</h4><ul class="wp-block-list"> <li><strong>Action:</strong> Grants permission to disable Security Hub V2</li> <li><strong>Mitre Tactic:</strong> Defense Evasion</li> <li><strong>Why it’s privileged: </strong>Disables Security Hub for the account, effectively halting security data aggregation, analysis, and automated response actions.</li> </ul><h4 class="wp-block-heading">Permission: securityhub:CreateAutomationRuleV2</h4><ul class="wp-block-list"> <li><strong>Action:</strong> Grants permission to create an automation rule V2 based on input parameters</li> <li><strong>Mitre Tactic:</strong> Defense Evasion</li> <li><strong>Why it’s privileged: </strong>Creates automation rules that define how Security Hub responds to findings, potentially enabling unauthorized or malicious automated actions.</li> </ul><h3 class="wp-block-heading">Amazon Bedrock</h3><p><strong>Service Type: Artificial Intelligence &amp; Machine Learning</strong></p><h4 class="wp-block-heading">Permission: bedrock:CreateCustomModel</h4><ul class="wp-block-list"> <li><strong>Action:</strong> Grants permission to create a custom model into Bedrock</li> <li><strong>Mitre Tactic:</strong> Resource Development</li> <li><strong>Why it’s privileged: </strong>Creates a custom foundation model, potentially embedding unauthorized data or behaviors that can impact downstream applications and security controls.</li> </ul><h2 class="wp-block-heading">New Services</h2><h3 class="wp-block-heading">Amazon Elastic Virtualization Services</h3><p><strong>Service Type: Compute Services</strong></p><p><em><em>No privileged permissions</em></em></p><h3 class="wp-block-heading">AWS Support Console</h3><p><strong>Service Type: Support and Service Management</strong></p><p><em><em>No privileged permissions</em></em></p><h3 class="wp-block-heading">Multi-Party Approval</h3><p><strong>Service Type: Identity and Access Management</strong></p><p><em><em>No privileged permissions</em></em></p><h2 class="wp-block-heading"><strong>Conclusion</strong></h2><p>As AWS continues to expand its services and deepen integrations, the complexity and impact of new permissions grow with it. This month’s highlights — from altering macOS system protections in EC2 to quietly redirecting Security Hub automation or disabling backup restore approvals — illustrate how privileged access can subtly undermine security workflows and trust boundaries.</p><p>Sonrai Security’s Cloud Permissions Firewall empowers teams to get ahead of these risks by delivering cloud-native Privileged Access Management. We help organizations automatically detect and lock down high-risk permissions, enforce least privilege across identities and resources, and stay secure as AWS evolves. Because in the cloud, privilege is everywhere — and controlling it is everything.</p><figure class="wp-block-image size-full"><a href="https://sonraisecurity.com/cloud-security-platform/cloud-permissions-firewall/"><img fetchpriority="high" decoding="async" width="1584" height="365" src="https://sonraisecurity.com/wp-content/uploads/ad-blog-sensitive-permissions.png" alt="secure sensitive permissions" class="wp-image-28438"></a></figure><div class="spu-placeholder" style="display:none"></div><p class="syndicated-attribution">*** This is a Security Bloggers Network syndicated blog from <a href="https://sonraisecurity.com/">Sonrai | Enterprise Cloud Security Platform</a> authored by <a href="https://securityboulevard.com/author/0/" title="Read other posts by Adeel Nazar">Adeel Nazar</a>. Read the original post at: <a href="https://sonraisecurity.com/blog/june-recap-new-aws-services-and-privileged-permissions/">https://sonraisecurity.com/blog/june-recap-new-aws-services-and-privileged-permissions/</a> </p>

<p><img decoding="async" src="https://guptadeepak.com/content/images/2025/06/AI-Tools-transforming-Business-Operations.png" alt="AI Tools Transforming Business Operations in 2025"></p><p>The artificial intelligence revolution has reached a critical inflection point for businesses, with 78% of organizations now using AI in at least one business function—<a href="https://www.mckinsey.com/capabilities/quantumblack/our-insights/the-state-of-ai" rel="noreferrer">a dramatic increase from 55% in 2023</a>. The global AI market is projected to explode from <a href="https://www.grandviewresearch.com/industry-analysis/artificial-intelligence-ai-market" rel="noreferrer">$390.90 billion in 2025 to $1.77 trillion by 2032</a>, representing a staggering 29.2% compound annual growth rate. This isn't just about experimental adoption anymore; it's about fundamental business transformation, with companies achieving <a href="https://www.bcg.com/press/24october2024-ai-adoption-in-2024-74-of-companies-struggle-to-achieve-and-scale-value" rel="noreferrer">3.7x ROI on generative AI investments</a> and experiencing 2.5x higher revenue growth compared to non-AI peers.</p><p>While most organizations have begun their AI journey, only <a href="https://www.mckinsey.com/capabilities/mckinsey-digital/our-insights/superagency-in-the-workplace-empowering-people-to-unlock-ais-full-potential-at-work" rel="noreferrer">1% describe their deployments as "mature"</a>, revealing a significant gap between adoption and optimization. The winners in this new landscape won't just be early adopters, but organizations that strategically implement AI tools to solve real business problems while building robust governance frameworks. This comprehensive guide examines the most impactful AI tools reshaping business operations in 2025, with special focus on emerging platforms like LogicBalls and GrackerAI that are democratizing AI access across industries.</p><div class="code-block code-block-12 ai-track" data-ai="WzEyLCIiLCJCbG9jayAxMiIsIiIsMV0=" style="margin: 8px 0; clear: both;"> <style> .ai-rotate {position: relative;} .ai-rotate-hidden {visibility: hidden;} .ai-rotate-hidden-2 {position: absolute; top: 0; left: 0; width: 100%; height: 100%;} .ai-list-data, .ai-ip-data, .ai-filter-check, .ai-fallback, .ai-list-block, .ai-list-block-ip, .ai-list-block-filter {visibility: hidden; position: absolute; width: 50%; height: 1px; top: -1000px; z-index: -9999; margin: 0px!important;} .ai-list-data, .ai-ip-data, .ai-filter-check, .ai-fallback {min-width: 1px;} </style> <div class="ai-rotate ai-unprocessed ai-timed-rotation ai-12-1" data-info="WyIxMi0xIiwyXQ==" style="position: relative;"> <div class="ai-rotate-option" style="visibility: hidden;" data-index="1" data-name="VGVjaHN0cm9uZyBHYW5nIFlvdXR1YmU=" data-time="MTA="> <div class="custom-ad"> <div style="margin: auto; text-align: center;"><a href="https://youtu.be/Fojn5NFwaw8" target="_blank"><img src="https://securityboulevard.com/wp-content/uploads/2024/12/Techstrong-Gang-Youtube-PodcastV2-770.png" alt="Techstrong Gang Youtube"></a></div> <div class="clear-custom-ad"></div> </div></div> <div class="ai-rotate-option" style="visibility: hidden; position: absolute; top: 0; left: 0; width: 100%; height: 100%;" data-index="1" data-name="QVdTIEh1Yg==" data-time="MTA="> <div class="custom-ad"> <div style="margin: auto; text-align: center;"><a href="https://devops.com/builder-community-hub/?ref=in-article-ad-1&amp;utm_source=do&amp;utm_medium=referral&amp;utm_campaign=in-article-ad-1" target="_blank"><img src="https://devops.com/wp-content/uploads/2024/10/Gradient-1.png" alt="AWS Hub"></a></div> <div class="clear-custom-ad"></div> </div></div> </div> </div><h2 id="content-creation-and-marketing-ais-most-mature-application">Content Creation and Marketing: AI's Most Mature Application</h2><p>The content marketing AI space has reached impressive maturity, with <a href="https://blog.hubspot.com/marketing/hubspot-blog-marketing-industry-trends-report" rel="noreferrer"><strong>85% of marketers now using AI tools for content creation</strong></a> and reporting 25% more marketing success compared to non-AI users. Industry leaders have evolved from simple text generation to comprehensive marketing workflow automation.</p><figure class="kg-card kg-image-card"><img decoding="async" src="https://guptadeepak.com/content/images/2025/06/Various-application-for-business-ops.png" class="kg-image" alt="AI Tools Transforming Business Operations in 2025" loading="lazy" width="1024" height="1024" srcset="https://guptadeepak.com/content/images/size/w600/2025/06/Various-application-for-business-ops.png 600w, https://guptadeepak.com/content/images/size/w1000/2025/06/Various-application-for-business-ops.png 1000w, https://guptadeepak.com/content/images/2025/06/Various-application-for-business-ops.png 1024w" sizes="auto, (min-width: 720px) 720px"></figure><h3 id="enterprise-grade-content-orchestration">Enterprise-grade content orchestration</h3><p><a href="https://www.jasper.ai/use-cases/copywriting" rel="noreferrer"><strong>Jasper</strong></a><strong> leads the enterprise content creation market</strong> with 125,000+ active users including Fortune 100 companies. The platform's Brand Voice technology learns and maintains company voice consistency across all content, while advanced workflow automation enables teams to scale content production without proportional team growth. Case studies demonstrate 113% increase in blog output and 40% increase in site traffic, with Harley Davidson reporting a remarkable 2,930% increase in leads.</p><div class="code-block code-block-15" style="margin: 8px 0; clear: both;"> <script async src="https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2091799172090865" crossorigin="anonymous" type="9ea368150e3c6ed5479b8875-text/javascript"></script> <!-- SB In Article Ad 1 --> <ins class="adsbygoogle" style="display:block" data-ad-client="ca-pub-2091799172090865" data-ad-slot="8723094367" data-ad-format="auto" data-full-width-responsive="true"></ins> <script type="9ea368150e3c6ed5479b8875-text/javascript"> (adsbygoogle = window.adsbygoogle || []).push({}); </script></div><p><a href="https://www.copy.ai/blog/copy-ais-go-to-market-ai-platform-sees-480-revenue-growth-in-2024" rel="noreferrer"><strong>Copy.ai</strong></a><strong> has pivoted beyond content creation</strong> to become a comprehensive Go-to-Market AI platform, automating entire sales and marketing workflows. With 480% revenue growth in 2024 and customers reporting "multi-million dollar ROIs," Copy.ai represents the evolution toward full GTM workflow automation rather than point content solutions.</p><h3 id="visual-and-video-content-automation-reaches-production-quality">Visual and video content automation reaches production quality</h3><p><a href="https://www.canva.com/magic-design/" rel="noreferrer"><strong>Canva's</strong></a><strong> Magic Studio democratizes professional design</strong> with 170 million monthly active users and 90%+ Fortune 500 adoption. The platform's AI capabilities now include Magic Design for automated template creation, Magic Media for text-to-image/video generation, and Magic Switch for instant format conversion. Users report 10x faster content creation compared to traditional methods.</p><p><a href="https://www.synthesia.io/" rel="noreferrer"><strong>Synthesia</strong></a><strong> has captured the AI video market</strong> with 50,000+ customers including 60% of Fortune 100 companies. The platform's 230+ AI avatars in 140+ languages enable businesses to create professional training and communication videos at scale, with customers like Zoom reporting 90% reduction in video production time and BSH achieving 30% increase in engagement versus text-based training.</p><h2 id="productivity-and-automation-the-new-operating-system">Productivity and Automation: The New Operating System</h2><p>The global AI productivity tools market is experiencing explosive growth from $6.95 billion in 2023 to a projected $36.35 billion by 2030. <strong>Organizations are using AI in an average of 3 business functions</strong>, with 92% of executives agreeing their workflows will be digitized and use AI-enabled automation by 2025.</p><h3 id="intelligent-project-management-and-workflow-orchestration">Intelligent project management and workflow orchestration</h3><p><a href="https://monday.com/whats-new" rel="noreferrer"><strong>Monday.com</strong></a><strong> AI transforms project management</strong> through intelligent project planning, risk analysis, and resource allocation. Named a Leader in Gartner's 2024 Magic Quadrant for Adaptive Project Management, the platform serves 225,000+ customers across 200+ industries, enabling 50% reduction in manual work through AI automation.</p><p><a href="https://www.notion.com/" rel="noreferrer"><strong>Notion AI</strong></a><strong> creates unified productivity workspaces</strong> combining notes, databases, and project management with integrated AI capabilities. The platform's AI Q&amp;A searches across workspace content while AI connectors integrate Google Docs, Sheets, Slack, GitHub, and Jira for comprehensive enterprise search and automated content generation.</p><h3 id="meeting-intelligence-becomes-competitive-advantage">Meeting intelligence becomes competitive advantage</h3><p><a href="https://fireflies.ai/" rel="noreferrer"><strong>Fireflies.ai</strong></a><strong> provides 90%+ accuracy transcription in 69+ languages</strong> with AI-generated meeting summaries, sentiment analysis, and CRM integration. The platform's conversation intelligence capabilities enable sales teams to improve performance through detailed call analysis and automated CRM updates.</p><p><a href="https://www.usemotion.com/" rel="noreferrer"><strong>Motion App</strong></a><strong> represents the next generation of AI scheduling</strong>, automatically optimizing daily schedules by intelligently time-blocking tasks based on priorities, deadlines, and availability. Users report saving 30.3 days annually through optimized scheduling while reducing decision fatigue around task prioritization.</p><h2 id="customer-service-ai-agents-take-center-stage">Customer Service: AI Agents Take Center Stage</h2><p>The customer service AI landscape has transformed dramatically, with <strong>95% of AI-powered customer interactions expected by 2025</strong> and the market projected to grow at 34.9% CAGR to potentially reach $7.5 billion by 2024.</p><h3 id="autonomous-agents-achieve-human-level-resolution-rates">Autonomous agents achieve human-level resolution rates</h3><p><a href="https://www.intercom.com/" rel="noreferrer"><strong>Intercom's Fin AI Agent</strong></a><strong> leads the autonomous customer service revolution</strong>, resolving up to 65% of customer conversations end-to-end using GPT-4 technology. The platform works across all channels (email, chat, phone, SMS, social media) with resolution-based pricing at $0.99 per resolution, delivering significant cost savings while maintaining service quality.</p><p><strong>Zendesk AI Agents achieve 80%+ resolution rates</strong> with zero-training deployment and same-day setup. The platform's omnichannel support capabilities combined with proactive agent copilot features enable enterprises to scale operations without proportional staffing increases, with Lyft reporting 87% reduction in resolution times.</p><h3 id="voice-ai-reaches-production-readiness">Voice AI reaches production readiness</h3><p><strong>Synthflow's Voice AI Agents provide human-like conversations</strong> with 500ms latency across 30+ languages and dialects. The platform handles automated call operations for bookings, support, and lead qualification, with customers reporting 70% reduction in booking costs and 60% boost in scheduling efficiency.</p><p><strong>Retell AI focuses on enterprise reliability</strong> with 99.99% uptime and ultra-low latency voice interactions indistinguishable from human agents. The platform's SOC 2, HIPAA, and GDPR compliance makes it suitable for regulated industries requiring reliable, scalable voice AI operations.</p><h2 id="data-analysis-and-business-intelligence-ai-powered-insights">Data Analysis and Business Intelligence: AI-Powered Insights</h2><p>The AI-powered data analysis market is valued at $31.98 billion in 2024 and projected to reach $63.20 billion by 2032, driven by <strong>97% of financial institutions planning increased AI investments</strong> and 86% reporting positive revenue impact from AI.</p><h3 id="natural-language-querying-democratizes-data-access">Natural language querying democratizes data access</h3><p><strong>Tableau AI revolutionizes data visualization</strong> through Ask Data natural language query interface and Einstein AI integration for automated insights. As a Gartner Magic Quadrant Leader with strong Fortune 500 adoption, Tableau enables organizations to reduce time from data to insights by 60% while democratizing data access across non-technical users.</p><p><strong>Microsoft Power BI maintains market leadership</strong> as a Gartner Leader for 17 consecutive years, with Q&amp;A natural language processing and Copilot integration enhancing analytics workflows. The platform delivers 379% ROI according to Forrester studies, with organizations achieving 20-30% productivity gains through AI automation.</p><h3 id="predictive-analytics-becomes-accessible">Predictive analytics becomes accessible</h3><p><strong>DataRobot's automated machine learning platform</strong> enables non-data scientists to build ML models, reducing development time from months to days. The enterprise-focused platform improves forecast accuracy by 15-25% while accelerating time-to-value for predictive projects through 60+ automated algorithms and model explainability features.</p><p><strong>ThoughtSpot's search-driven analytics</strong> with Spotter AI Analyst enables business users to explore data through natural language queries. As a Gartner Leader in 2025 with notable customers including Coca-Cola and T-Mobile, ThoughtSpot reduces time-to-insight by 70% while increasing data engagement across organizations.</p><h2 id="sales-and-lead-generation-ai-transforms-revenue-operations">Sales and Lead Generation: AI Transforms Revenue Operations</h2><p><strong>81% of sales teams are experimenting with or have implemented AI</strong>, with 83% of AI-enabled teams experiencing revenue growth versus 66% without AI. The transformation spans conversation intelligence, lead generation, and revenue forecasting.</p><h3 id="conversation-intelligence-drives-sales-performance">Conversation intelligence drives sales performance</h3><p><a href="https://www.gong.io/" rel="noreferrer"><strong>Gong.io</strong></a><strong> leads conversation intelligence</strong> as a Forrester Wave 2024 Leader for Revenue Orchestration platforms. The platform's AI Smart Trackers identify concepts rather than just keywords in sales calls, enabling 35% higher win rates when using AI functionality and 50% increase in average win rates for deals where representatives completed AI-recommended actions.</p><p><strong>Salesforce Einstein dominates CRM AI integration</strong> as a Gartner Magic Quadrant Leader for 18 consecutive years. With Agentforce autonomous AI agents for sales development and predictive analytics, organizations report 33% faster meeting preparation and 10% increase in win rates with AI implementation.</p><h3 id="end-to-end-sales-intelligence-platforms-emerge">End-to-end sales intelligence platforms emerge</h3><p><strong>Apollo.io provides comprehensive B2B sales capabilities</strong> with access to 275+ million verified contacts and 73 million companies. The platform's AI Research Agent enables 46% more meetings booked and 35% increase in bookings with AI-powered messaging, serving 500,000+ companies with 500% year-over-year growth in AI platform usage.</p><p><strong>Clay revolutionizes data enrichment</strong> through AI-powered research automation and waterfall enrichment across 75+ data providers. With $40 million Series B funding and $1.25 billion valuation, Clay achieves 3x improvement in data enrichment rates while reducing manual research hours by 50%.</p><h2 id="design-and-creative-tools-ai-democratizes-professional-creativity">Design and Creative Tools: AI Democratizes Professional Creativity</h2><p>The AI-powered design tools market is projected to reach $15.06 billion by 2029 with 22.1% CAGR, driven by business adoption surging from 55% in 2023 to 78% in 2024.</p><h3 id="professional-design-capabilities-become-accessible">Professional design capabilities become accessible</h3><p><strong>Adobe Firefly integrates generative AI</strong> across the entire Creative Cloud ecosystem with commercially safe AI trained on licensed content. Custom model training enables brand consistency while API access through Firefly Services provides scalable solutions for high-volume production workflows.</p><p><strong>Midjourney captures premium creative market</strong> with distinctive artistic capabilities and commercial licensing for paid subscribers. The platform eliminates stock photo dependency while creating unique, brand-specific visuals, though it requires higher skill investment for optimal results.</p><h3 id="specialized-creative-workflows-emerge">Specialized creative workflows emerge</h3><p><strong>Runway AI leads professional video generation</strong> with Text-to-video and image-to-video capabilities used in major Hollywood productions. With $3 billion+ valuation and partnerships with Lionsgate, Runway dramatically reduces video production costs while enabling rapid prototyping of video concepts.</p><p><strong>Gamma.app transforms presentation creation</strong> through one-click generation from prompts and smart content structuring. Popular among Fortune 500 companies, the platform eliminates slide design time while providing professional layouts and integrated analytics for presentation optimization.</p><h2 id="development-and-coding-ai-transforms-software-creation">Development and Coding: AI Transforms Software Creation</h2><p>The Generative AI in DevOps market is projected to grow from $942.5 million in 2022 to $22.1 billion by 2032 at 38.20% CAGR, with <strong>75% of organizations expected to use AI-augmented DevOps tools by 2025</strong>.</p><h3 id="code-generation-reaches-production-quality">Code generation reaches production quality</h3><p><strong>GitHub Copilot dominates with over 1 million individual users</strong> and 20,000+ business customers. Named a Gartner Leader in AI Code Assistants, the platform provides 55% faster code completion across 25+ programming languages with enterprise-grade security and compliance features.</p><p><strong>Cursor IDE represents the AI-native development future</strong>, reaching $100 million ARR in 12 months with 40,000+ paying customers including engineers at OpenAI and Shopify. The platform's codebase-aware chat interface and agent mode for end-to-end task completion enable 2x productivity improvement over traditional tools.</p><h3 id="specialized-development-workflows-emerge">Specialized development workflows emerge</h3><p><strong>LambdaTest KaneAI revolutionizes testing</strong> as a GenAI native QA agent-as-a-service platform. Natural language test creation and AI-powered test data generation enable 70% reduction in testing time while improving test coverage and reliability.</p><p><strong>Spacelift with Saturnhead AI transforms DevOps</strong> through AI-powered infrastructure troubleshooting and automated failure resolution. The platform eliminates 1,000+ failed runs per week for enterprises while dramatically reducing mean time to resolution through intelligent log analysis.</p><h2 id="logicballs-democratizing-ai-for-cross-industry-application">LogicBalls: Democratizing AI for Cross-Industry Application</h2><p><strong>LogicBalls represents a significant development in democratized AI technology</strong>, positioning itself as the "world's leading AI research lab" focused on making advanced AI accessible across 25+ industries. Founded in 2023 in San Francisco, the platform has evolved from a simple content generation tool into a comprehensive AI ecosystem offering 200+ specialized tools, with ambitious plans to reach 10,000+ applications by end of 2025.</p><h3 id="core-capabilities-span-multiple-business-functions">Core capabilities span multiple business functions</h3><p>LogicBalls differentiates itself through <strong>breadth rather than depth</strong>, offering specialized AI tools across marketing, healthcare, legal, education, construction, and manufacturing sectors. The platform <a href="https://www.openpr.com/news/4080159/logicballs-shatters-ai-platform-monopoly-becomes-first" rel="noreferrer">integrates 14 leading AI models including GPT-4o, Claude Sonnet, and Gemini 2.5 Pro, wrapped in proprietary templates</a> and best practices that eliminate complex prompt engineering for business users.</p><p><strong>Key features include</strong>:</p><ul> <li>200+ AI tools expanded to 5,000+</li> <li>Multi-language support (15+ languages) with 20+ tone options</li> <li>Industry-specific applications from legal case briefs to medical procedure reports</li> <li>Constitutional AI implementation for ethical, safe outputs</li> <li>Browser extension for seamless workflow integration</li> <li>Real-time grammar checking and plagiarism-free content generation</li> </ul><h3 id="strong-value-proposition-for-smbs-and-specialized-industries">Strong value proposition for SMBs and specialized industries</h3><p>LogicBalls targets small to medium-sized businesses, marketing agencies, and traditional industries lagging in digital transformation. <strong>The platform claims 65% faster AI implementation</strong> compared to traditional approaches, with users reporting 35% cost savings within the first month and 45% improvement in overall efficiency.</p><p><strong>Documented business applications include</strong>:</p><ul> <li>Regional Medical Associates achieved 42% reduction in documentation time across three hospitals</li> <li>Restaurants automated menu description creation, increasing customer appeal</li> <li>Travel agencies expanded global reach through multi-language content creation</li> <li>Small businesses improved website traffic and conversions without dedicated copywriters</li> </ul><p>The company has 72% quarter-over-quarter growth with users spanning 43 countries, though it faces intense competition from established players like Copy.ai and Jasper.</p><h2 id="market-trends-and-strategic-recommendations">Market Trends and Strategic Recommendations</h2><h3 id="critical-success-factors-for-ai-implementation">Critical success factors for AI implementation</h3><p><strong>Organizations achieving the highest AI returns focus on core business processes</strong>, with 62% of AI value concentrated in essential operations rather than experimental use cases. Companies with dedicated AI teams achieve 1.5x higher revenue growth, while leaders invest 70% in people and processes versus 30% in technology.</p><p><strong>Data governance emerges as the primary differentiator</strong>, with 70% of high-performing organizations citing data management as the key obstacle to overcome. Only 21% have established generative AI usage policies, creating significant governance gaps that successful organizations must address proactively.</p><h3 id="portfolio-approach-drives-sustainable-transformation">Portfolio approach drives sustainable transformation</h3><p>The most successful implementations follow a <strong>three-tier portfolio strategy</strong>: ground game focused on small wins and incremental improvements, roofshots targeting attainable transformative projects, and moonshots pursuing high-reward breakthrough initiatives. This balanced approach enables organizations to demonstrate quick value while building capabilities for larger transformations.</p><h2 id="future-outlook-points-toward-agentic-ai-dominance">Future outlook points toward agentic AI dominance</h2><p><strong>Autonomous AI agents represent the </strong><a href="https://www.techtarget.com/searchenterpriseai/tip/9-top-AI-and-machine-learning-trends" rel="noreferrer"><strong>next transformation wave</strong></a>, with 26% of organizations already exploring implementations. These <a href="https://www.deloitte.com/us/en/what-we-do/capabilities/applied-artificial-intelligence/content/state-of-generative-ai-in-enterprise.html" rel="noreferrer">digital workers have the potential to double knowledge workforce</a> capacity while reshaping software demand from infrastructure investments to <a href="https://www.pwc.com/us/en/tech-effect/ai-analytics/ai-predictions.html" rel="noreferrer">tailored AI solutions</a>. Organizations must prepare for this shift by building governance frameworks and developing human-AI collaboration capabilities.</p><p>The <a href="https://www.pwc.com/us/en/tech-effect/ai-analytics/ai-predictions.html" rel="noreferrer">AI tools landscape in 2024-2025</a> represents a watershed moment where competitive advantage increasingly depends on AI maturity rather than mere adoption. While most organizations have begun their AI journey, the gap between leaders and laggards widens rapidly. Success requires strategic vision, systematic implementation, robust governance, and significant investment in both technology and talent. Organizations that act decisively now, focusing on value creation rather than experimentation, will be best positioned to capitalize on AI's transformative potential in the years ahead.</p><div class="spu-placeholder" style="display:none"></div><p class="syndicated-attribution">*** This is a Security Bloggers Network syndicated blog from <a href="https://guptadeepak.com/">Deepak Gupta | AI &amp;amp; Cybersecurity Innovation Leader | Founder&amp;#039;s Journey from Code to Scale</a> authored by <a href="https://securityboulevard.com/author/0/" title="Read other posts by Deepak Gupta - Tech Entrepreneur, Cybersecurity Author">Deepak Gupta - Tech Entrepreneur, Cybersecurity Author</a>. Read the original post at: <a href="https://guptadeepak.com/ai-tools-transforming-business-operations-in-2025/">https://guptadeepak.com/ai-tools-transforming-business-operations-in-2025/</a> </p>

<p>American democracy runs on trust, and that trust is cracking.</p><p>Nearly half of Americans, both Democrats and Republicans, question whether elections are <a href="https://news.gallup.com/poll/651185/partisan-split-election-integrity-gets-even-wider.aspx">conducted fairly</a>. Some voters accept election results only <a href="https://worldjusticeproject.org/our-work/research-and-data/rule-law-united-states">when their side wins</a>. The problem isn’t just political polarization—it’s a creeping <a href="https://www.pewresearch.org/politics/2018/10/29/elections-in-america-concerns-over-security-divisions-over-expanding-access-to-voting/">erosion of trust</a> in the machinery of democracy itself.</p><p>Commentators blame ideological tribalism, <a href="https://www.nytimes.com/2024/01/09/business/media/election-disinformation-2024.html">misinformation campaigns</a> and <a href="https://www.nytimes.com/2022/06/15/opinion/social-media-polarization-democracy.html">partisan echo chambers</a> for this crisis of trust. But these explanations miss a critical piece of the puzzle: a growing unease with the digital infrastructure that now underpins nearly every aspect of how Americans vote.</p><div class="code-block code-block-12 ai-track" data-ai="WzEyLCIiLCJCbG9jayAxMiIsIiIsMV0=" style="margin: 8px 0; clear: both;"> <style> .ai-rotate {position: relative;} .ai-rotate-hidden {visibility: hidden;} .ai-rotate-hidden-2 {position: absolute; top: 0; left: 0; width: 100%; height: 100%;} .ai-list-data, .ai-ip-data, .ai-filter-check, .ai-fallback, .ai-list-block, .ai-list-block-ip, .ai-list-block-filter {visibility: hidden; position: absolute; width: 50%; height: 1px; top: -1000px; z-index: -9999; margin: 0px!important;} .ai-list-data, .ai-ip-data, .ai-filter-check, .ai-fallback {min-width: 1px;} </style> <div class="ai-rotate ai-unprocessed ai-timed-rotation ai-12-1" data-info="WyIxMi0xIiwyXQ==" style="position: relative;"> <div class="ai-rotate-option" style="visibility: hidden;" data-index="1" data-name="VGVjaHN0cm9uZyBHYW5nIFlvdXR1YmU=" data-time="MTA="> <div class="custom-ad"> <div style="margin: auto; text-align: center;"><a href="https://youtu.be/Fojn5NFwaw8" target="_blank"><img src="https://securityboulevard.com/wp-content/uploads/2024/12/Techstrong-Gang-Youtube-PodcastV2-770.png" alt="Techstrong Gang Youtube"></a></div> <div class="clear-custom-ad"></div> </div></div> <div class="ai-rotate-option" style="visibility: hidden; position: absolute; top: 0; left: 0; width: 100%; height: 100%;" data-index="1" data-name="QVdTIEh1Yg==" data-time="MTA="> <div class="custom-ad"> <div style="margin: auto; text-align: center;"><a href="https://devops.com/builder-community-hub/?ref=in-article-ad-1&amp;utm_source=do&amp;utm_medium=referral&amp;utm_campaign=in-article-ad-1" target="_blank"><img src="https://devops.com/wp-content/uploads/2024/10/Gradient-1.png" alt="AWS Hub"></a></div> <div class="clear-custom-ad"></div> </div></div> </div> </div><p>The digital transformation of American elections has been swift and sweeping. Just two decades ago, most people voted using mechanical levers or punch cards. Today, <a href="https://electionlab.mit.edu/research/voting-technology">over 95% of ballots</a> are counted electronically. Digital systems have replaced poll books, taken over voter identity verification processes and are integrated into registration, counting, auditing and voting systems.</p><p>This technological leap has made voting more accessible and efficient, and <a href="https://www.scientificamerican.com/article/voting-has-never-been-more-secure-than-it-is-right-now/">sometimes more secure</a>. But these new systems are also more complex. And that complexity plays into the hands of those looking to undermine democracy.</p><div class="code-block code-block-15" style="margin: 8px 0; clear: both;"> <script async src="https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2091799172090865" crossorigin="anonymous" type="59856af1c26d1231be7681c4-text/javascript"></script> <!-- SB In Article Ad 1 --> <ins class="adsbygoogle" style="display:block" data-ad-client="ca-pub-2091799172090865" data-ad-slot="8723094367" data-ad-format="auto" data-full-width-responsive="true"></ins> <script type="59856af1c26d1231be7681c4-text/javascript"> (adsbygoogle = window.adsbygoogle || []).push({}); </script></div><p>In recent years, authoritarian regimes have refined a <a href="https://cyberscoop.com/china-midterms-elections-influence-nord-hacking/">chillingly effective strategy</a> to chip away at Americans’ faith in democracy by relentlessly sowing doubt about the tools U.S. states use to conduct elections. It’s a sustained <a href="https://www.brookings.edu/articles/misinformation-is-eroding-the-publics-confidence-in-democracy/">campaign to fracture civic faith</a> and make Americans believe that democracy is rigged, especially when their side loses.</p><p>This is not cyberwar in the traditional sense. There’s no evidence that anyone has managed to break into voting machines and alter votes. But cyberattacks on election systems don’t need to succeed to have an effect. Even a single failed intrusion, magnified by sensational headlines and political echo chambers, is enough to shake public trust. By feeding into existing anxiety about the complexity and opacity of digital systems, adversaries create <a href="https://www.nytimes.com/2024/04/01/business/media/china-online-disinformation-us-election.html">fertile ground for disinformation and conspiracy theories</a>.</p><h3>Testing cyber fears</h3><p>To test this dynamic, we launched a study to uncover precisely how cyberattacks corroded trust in the vote during the 2024 U.S. presidential race. We surveyed more than 3,000 voters before and after election day, testing them using a series of fictional but highly realistic breaking news reports depicting cyberattacks against critical infrastructure. We randomly assigned participants to watch different types of news reports: some depicting cyberattacks on election systems, others on unrelated infrastructure such as the power grid, and a third, neutral control group.</p><p>The results, which are under peer review, were both striking and sobering. Mere exposure to reports of cyberattacks <a href="https://drive.google.com/file/d/1M0iGIYk_WsxumppZ4ZEVAANS4CC9lTaQ/view">undermined trust in the electoral process</a>—regardless of partisanship. Voters who supported the losing candidate experienced the greatest drop in trust, with two-thirds of Democratic voters showing heightened skepticism toward the election results.</p><p>But winners too showed diminished confidence. Even though most Republican voters, buoyed by their victory, accepted the overall security of the election, the majority of those who viewed news reports about cyberattacks remained suspicious.</p><p>The attacks didn’t even have to be related to the election. Even cyberattacks against critical infrastructure such as utilities had spillover effects. Voters seemed to extrapolate: “If the power grid can be hacked, why should I believe that voting machines are secure?”</p><p>Strikingly, voters who used digital machines to cast their ballots were the most rattled. For this group of people, belief in the accuracy of the vote count fell by nearly twice as much as that of voters who cast their ballots by mail and who didn’t use any technology. Their firsthand experience with the sorts of systems being portrayed as vulnerable personalized the threat.</p><p>It’s not hard to see why. When you’ve just used a touchscreen to vote, and then you see a news report about a digital system being breached, the leap in logic isn’t far.</p><p>Our data suggests that in a digital society, perceptions of trust—and distrust—are fluid, contagious and easily activated. The cyber domain isn’t just about networks and code. <a href="https://doi.org/10.1093/jogss/ogac042">It’s also about emotions</a>: fear, vulnerability and uncertainty.</p><h3>Firewall of trust</h3><p>Does this mean we should scrap electronic voting machines? Not necessarily.</p><p>Every election system, digital or analog, has flaws. And in many respects, today’s high-tech systems have solved the problems of the past with voter-verifiable paper ballots. Modern voting machines reduce human error, increase accessibility and speed up the vote count. No one misses the <a href="https://www.nytimes.com/2000/11/12/us/counting-the-vote-the-ballots-after-cards-are-poked-the-confetti-can-count.html">hanging chads</a> of 2000.</p><p>But technology, no matter how advanced, cannot instill legitimacy on its own. It must be paired with something harder to code: public trust. In an environment where foreign adversaries amplify every flaw, cyberattacks can trigger spirals of suspicion. It is no longer enough for elections to be secure – voters must also <a href="https://www.theguardian.com/commentisfree/2018/apr/18/american-elections-hack-bruce-scheier">perceive them to be secure</a>.</p><p>That’s why <a href="https://www.nytimes.com/2024/08/22/learning/2024-election-teaching-resources.html">public education</a> surrounding elections is now as vital to election security as firewalls and encrypted networks. It’s vital that voters understand how elections are run, how they’re protected and how failures are caught and corrected. Election officials, civil society groups and researchers can teach <a href="https://verifiedvoting.org/audits/">how audits work</a>, host open-source verification demonstrations and ensure that high-tech electoral processes are comprehensible to voters.</p><p>We believe this is an essential investment in democratic resilience. But it needs to be proactive, not reactive. By the time the doubt takes hold, it’s already too late.</p><p>Just as crucially, we are convinced that it’s time to rethink the very nature of cyber threats. People often imagine them in <a href="https://www.nytimes.com/2024/04/17/us/politics/china-cyber-us-infrastructure.html">military terms</a>. But that framework misses the true power of these threats. The danger of cyberattacks is not only that they can destroy infrastructure or steal classified secrets, but that they chip away at societal cohesion, sow anxiety and fray citizens’ confidence in democratic institutions. These attacks erode the very idea of truth itself by making people doubt that anything can be trusted.</p><p>If trust is the target, then we believe that elected officials should start to treat trust as a national asset: something to be built, renewed and defended. Because in the end, elections aren’t just about votes being counted—they’re about people believing that those votes count.</p><p>And in that belief lies the true firewall of democracy.</p><p><em>This essay was written with Ryan Shandler and Anthony J. DeMattee, and originally appeared in <a href="https://theconversation.com/cyberattacks-shake-voters-trust-in-elections-regardless-of-party-259368">The Conversation</a>.</em></p><div class="spu-placeholder" style="display:none"></div><p class="syndicated-attribution">*** This is a Security Bloggers Network syndicated blog from <a href="https://www.schneier.com/">Schneier on Security</a> authored by <a href="https://securityboulevard.com/author/0/" title="Read other posts by Bruce Schneier">Bruce Schneier</a>. Read the original post at: <a href="https://www.schneier.com/blog/archives/2025/06/cyberattacks-shake-voters-trust-in-elections.html">https://www.schneier.com/blog/archives/2025/06/cyberattacks-shake-voters-trust-in-elections.html</a> </p>