Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In my house, we consume a lot of AI research. We also watch a lot—probably too much—TV. Late in 2025, those worlds collided when the AI giant Anthropic was featured on “60 Minutes.” My husband tried to scroll past it, but I snatched the controller away, unable to resist a headline calling out the first widely acknowledged case of an “agentic AI cyberattack.” The framing itself was irresistible, a milestone moment in the rapid acceleration of AI.

Security Operations Centers (SOCs) are overwhelmed by alerts, often reacting to threats as they appear rather than anticipating them. Bitsight Threat Intelligence (TI) transforms SOC operations by providing external visibility, context, and correlation with real adversary behavior. By mapping incidents to MITRE ATT&CK techniques and monitoring the deep and dark web for emerging risks, Bitsight TI enables SOC and CTI teams to detect, understand, and prevent threats before they cause impact.

Exposure Management has quickly become one of the most talked-about concepts in cybersecurity. This article breaks down what exposure management really is, how it differs from vulnerability management, and why the ability to take action is what ultimately drives meaningful risk reduction.

Microsoft 365 is both powerful and challenging for managed service providers (MSPs). It's nearly ubiquitous at client sites, which means MSPs don't have to worry about managing multiple business suites. Unfortunately, protecting Microsoft 365 isn't easy. Microsoft's own level of protection is limited by design, and MSPs often have to cobble together a collection of unintegrated tools to keep Microsoft 365 data safe for clients. Technicians end up stretched thin as tickets pile up.

One thing is certain for manufacturers: Cyberattacks on your operations will succeed. Improving detection and prevention capabilities is critical, but at some point, your operational technology (OT) environment will face a significant incident. What matters most is how quickly you can recover and resume operations.

If you were part of the workforce before the year 2000, the emphasis on security and compliance might not have been as pronounced unless you were in a government role or a company with legal obligations. However, with the advent of cloud services in 2010, the landscape changed, and privacy compliance gained significant relevance, especially as companies expanded their services globally. Fast forward to the 2020s, where security and compliance are now mainstream.

At Fal.Con 2025, CrowdStrike introduced Threat AI, an agentic threat intelligence system of autonomous agents that reason across data, hunt for threats, and take action. As part of our vision for the agentic SOC, these AI-powered agents automate complex intelligence workflows so defenders can keep up with AI-powered adversaries while staying in control of every decision.

‍Cyber risk quantification (CRQ), the process of modeling cyber threats and forecasting loss outcomes, is becoming foundational to how organizations govern and respond to cyber exposure. What began as a specialized function is now shaping the priorities of security operations and enterprise risk management as a whole.

DevOps has become an important practice for companies looking to efficiently meet customers’ expectations, accelerate software delivery, and optimize resources. Companies that embrace the DevOps culture can smoothly merge their development and operations teams, resulting in faster releases and better development.

Automated red teaming uses software to simulate cyberattacks and test security defenses, helping organizations find and fix vulnerabilities more efficiently. It automates tasks like credential harvesting, system enumeration, and privilege escalation to test security posture in a continuous, scalable manner. Beyond traditional systems, automated red teaming can also be used for AI systems, where it tests for risks like data poisoning or prompt injection in generative models.